Solved

Change the reffer information before requesting a page.

Posted on 2003-11-19
10
941 Views
Last Modified: 2012-08-13
Hi everyone!

Ok, here's my problem...

I am trying out a new forum system, but the site protects against session hijacking by using a URL like this:

http://www.vbmysql.com/fudtest/index.php/f/2/?SQ=1069280974

the ?SQ=1069280974 section is the root of my problem. I use Google adsense with my site, and it has the following piece of code for inlining a context-sensitive ad:

<script TYPE="text/javascript"><!--
google_ad_client = "pub-2660766695269970";
google_alternate_ad_url = "http://www.vbmysql.com/includes/amazon.html";
google_ad_width = 728;
google_ad_height = 90;
google_ad_format = "728x90_as";
google_color_border = "2184BD";
google_color_bg = "FFFFFF";
google_color_link = "666666";
google_color_url = "000000";
google_color_text = "000000";
//--></SCRIPT>
<script TYPE="text/javascript"
  SRC="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</SCRIPT>

So here's the thing, I am fairly certain that Google must be using the referrer information to do a database lookup and send the best ads for the page requested, well the ?SQ portion of the URL is of course going to drive Google batty. My Apache logs show that google is indeed spidering with the ?SQ portion in place, and things just do not work out well.

What I am wondering is this: Can I have Javascript strip the ?SQ=98672387 portion of the referrer information, THEN call for the  show_ads script and finally put the ?SQ=something portion back so that the forum software does not false alarm a session hijack?

If this is possible great! Please be aware that my Javascript experience is minimal and I will need working code to award points.

Thanks!
0
Comment
Question by:Squeebee
  • 4
  • 4
  • 2
10 Comments
 
LVL 1

Expert Comment

by:Witchazel
ID: 9783347
0
 
LVL 1

Expert Comment

by:Witchazel
ID: 9783369
i think what you are asking cant be done,   you can easily break the url to pieces, but you cannot change the url in the browser address box (would be nice, i might even try frames if you could hehe)
0
 
LVL 25

Expert Comment

by:devic
ID: 9783379
<script>
if(top.location.href.indexOf("?")!=-1){top.location.href=top.location.href.split("?")[0]}
</script>
0
 
LVL 25

Expert Comment

by:devic
ID: 9783434
better to change your forum :) but if you put code above in first line, then will be redirect quickly.

so like this:
===============================================================
<script>
if(top.location.href.indexOf("?")!=-1){top.location.href=top.location.href.split("?")[0]}
</script>
<html>
<head>
0
 
LVL 17

Author Comment

by:Squeebee
ID: 9784021
I will check that out, but does the contents of the location bar determine what the referrer information will be?

Can we influence the external .js file?
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 25

Expert Comment

by:devic
ID: 9785746
>>>I will check that out, but does the contents of the location bar determine what the referrer information will be?
no it lost referrer. To test it, you can always i in adress bar write javascript:alert(document.referrer) and press enter

i just saw, that if i replace location, i see google ads.

>>>Can we influence the external .js file?
every script can be placed in the external .js file.

<script src=myscript.js></script>
======myscript.js=========
if(top.location.href.indexOf("?")!=-1){top.location.href=top.location.href.split("?")[0]}
0
 
LVL 17

Author Comment

by:Squeebee
ID: 9787488
I was referring to influencing the .js file at

<script TYPE="text/javascript"
  SRC="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</SCRIPT>

I have implemented your suggestion and it looks like it may be working, I will just have to give it some time and watch the logs to make sure the googlebots are seeing things right.
0
 
LVL 17

Author Comment

by:Squeebee
ID: 9789116
Ok, your suggestion is good, but doubles all my traffic and does not seem to be working too well to boot.

Here's a question, the following if from google's javascript at the link above:

if (window.google_page_url == null) {
  google_page_url = document.referrer;
  if (window.top.location == document.location) {
    google_page_url = document.location;
  }
}

This seems to be what determines the url that gets passed to google for searching. Now I cannot understand Javascript too well but is there something we can do before passing it to google to fool it into thinking there is no query string? Would this just involve relocating your code snippet further down?
0
 
LVL 25

Accepted Solution

by:
devic earned 500 total points
ID: 9790269
google_page_url=document.referrer.split("?")[0]

:)

place it in head, before include of google:


==========================
<script>
google_page_url=document.referrer.split("?")[0];
</script>
<script TYPE="text/javascript"
 SRC="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>

0
 
LVL 17

Author Comment

by:Squeebee
ID: 9791550
It world, but Google says it is not allowed, how ironic.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
This article demonstrates how to create a simple responsive confirmation dialog with Ok and Cancel buttons using HTML, CSS, jQuery and Promises
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now