Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1058
  • Last Modified:

Need to spoof HTTP_REFERER in via a link

I have a need to link to another site, however I do not want that site to know I am refering traffic to them.  I run .asp pages and javascript on my site now, I have looked and the only way I have seen to really do this is based on an article I found on Expert Exchange (http://www.experts-exchange.com/Programming/Programming_Languages/Java/Q_21793985.html).  But it was not detailed enough, I know ASP better than Java!!

Ideally here is what I want to happen is;
* Link from asp page with 1 dynamic vairable
* Open a new window
* Mask or remove the HTTP_REFERER
* reusable for several different links on the same page (ie the dymanic variable will change several times in a for next type loop

Here is the way I do it now but it does not spoof the referer (the "#" is to hide the URL from the user);
<a href="#" onClick="window.open('http://www.somesite.com/testing/topic.asp?SID=<%=Cstr(fp_rs("Topic"))%','_blank','width=750,height=420,resizable=1,scrollbars=1')">Link me</a>

What I want is a real world example of the javascript code (or any other proposed code that works with .asp - NOT .NET!) and the link syntax.
0
jloberg
Asked:
jloberg
  • 10
  • 6
1 Solution
 
Giant2Commented:
The solution gave there was using JSP or servlet. If you want to use ASP (this is the wrong topic) and javascript you can use the AJAX method.
If I well understand, you want to not displayable to your user the link where you go.
You can use a webserver answering to your question in XML and the AJAX on the client managing these data.
Aiax goes with the activeXObject Microsoft.XMLHTTP, so you can use even a VBscript (if you are more familiar with Microsoft).
Bye, Giant.
0
 
Giant2Commented:
About Ajax here is a step by step tutorial:
http://www.w3schools.com/ajax/default.asp

Hope this could help you.
Bye, Giant.
0
 
jlobergAuthor Commented:
I posted in this form because that other post was the closest thing I was able to find to what I needed.  I am not familar with AJAX method.  If that is a solution and can be done in conjunction with ASP and you have the knowledge please provide a solution.

As far as displaying the link I guess in reality that is trivial, I would rather either remove or spoof the HTTP_REFERER compared to hiding the link from the end user.  But I definitely do need it to open in a new windows without the tool bars etc.

If there is a way to do this with Java / Javascript that would be great.  If not please let me know which topic (forum) you feel this should be posted.

Thank You,
Jerry
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

 
Giant2Commented:
>But I definitely do need it to open in a new windows without the tool bars etc.
You can do this easily checking the mouse click and the CTRL or ALT click.
If you are able to check if these events occurs your problem is solved.
0
 
Giant2Commented:
Here are many scripts for disable mouse click:
http://www.jsmadeeasy.com/javascripts/DHMTL%20Miscelanious/list_test.asp
0
 
Giant2Commented:
Here for shift, alt and ctrl detection:
http://www.javascripter.net/faq/ctrl_alt.htm
0
 
jlobergAuthor Commented:
Still not sure how to do it.  What would it take for you to code the file(s) (from what I saw AJAX will require a file to sit on the server).

The end user should not have to do anything other than click on the link, the script or what ever is needed will do the masking, spoofing of the HTTP_REFERER and opening the new window.

Again if you feel this is in the wrong forum please let m know where you think I should post this.  It does seem like Giant2 does know what it would take to get this to work.  I am looking for a complete working sample as I am not able to figure it own my own.  :(

I have searched the net for over a day and not found a working sample, so I am sure others would benefit from this solution also.
0
 
Giant2Commented:
With te REFERER you can filter and check what was the root followed by the client. You can detect using VB, for example:
<%@ LANGUAGE = VBScript %>
<% Option Explicit %>
<%
Dim strReferer
strReferer = Request.ServerVariables ("HTTP_REFERER")
If (Right(strReferer, 9) <> "index.htm") and _
  (Right(strReferer, 8) <> "menu.htm") then
    Response.Redirect("index.htm")
Else
%>
<html>

//put here if the check goes well

</html>
<% End If %>

this piece of code check if the request come from index.html or menu.html it redirect the request to index.html
If all goes ok, it follows with the rest of the code.

Hope this could solve your problem.
Bye, Giant.
0
 
jlobergAuthor Commented:
Maybe I did not explain it correctly...  

Lets say MY domain is abc.com, I have a link to http://www.somesite.com/testing/topic.asp?SID=1234 (the 1234 would be dynamic as shown in the original post).  I do not want www.somesite.com to know that abc.com was the domain that refered the user to them.  So I either need to 'blank out' the referer or change it to somesite.com.

Does that make sense?  Sorry if my original post was not clear enough on that.
0
 
Giant2Commented:
As I told before, the EE example you point is referred to a JSP or Servlet. So if you want to use it you must have a JSP or a servlet.
I think you must be clear with onething:
Client click over the button/link.
YourServer receive the request and apply the empty REFERRER, so redirect the request to the other server.
Is this what you neded?
0
 
jlobergAuthor Commented:
Sorry for the confusion, but yes, the end user (web user) will click on a link that is on the web page I am servering from server 1.  That link will have a link to server 2 and as the user clicks on the link (that the asp page created) I do not want to transfer server 1's referer information.

If this is the wrong forum what forum what for should I be posting it in?  Can the JSP or servlet work with my asp page?  If so then I am ok using JSP or a servlet.  Sorry if I am not being clear, I thought I knew more than I apparently do and I appologize for the frustration I appear to be casuing you!
0
 
Giant2Commented:
I believe a better topic could be the HTML because to use JSP and Servlet you must have a servlet container (Tomcat, JBoss, etc.) but if you use ASP it's sure you do not have.
0
 
jlobergAuthor Commented:
Ok, I will try.  So you do not have any proposed solutions that I can award you an acceptable solution for then?
0
 
Giant2Commented:
I believe the only way is to direct the request passing from your server (not directly link).
I see even this link:
http://www.htmlforums.com/archive/index.php/t-42277.html
agree with me.

So I believe the solution is the one who passes from the server (which open a new URL connection without referer).
Good luck, Giant.
0
 
tvtimesCommented:
Here is a solution although it is not javascript nor .asp, however it will work with .asp.  It is a perl / cgi script that you should be able to run (most web providers who use .asp also offer cgi).

This script does not transmit an HTTP_REFERER (It appears blank).  To give proper credit I did find the script at; http://watson-net.com/download/download.asp?name=Redirector&file=redir.zip

Test the syntax based on the following to a site that verifies if you are 'refered';

<a href="http://www.inet-police.com/cgi-bin/env.cgi"> Traditional Link</a>

<a href="/cgi-bin/redir.pl?url=http://www.inet-police.com/cgi-bin/env.cgi">Anonymous Link</a>


Because this uses a standard "a href", you should be able to use the following (based on your example).  You will need to save the redir.pl file into your cgi-bin folder;

<a href="#" onClick="window.open('/cgi-bin/redir.pl?url=http://www.somesite.com/testing/topic.asp?SID=<%=Cstr(fp_rs("Topic"))%','_blank','width=750,height=420,resizable=1,scrollbars=1')">Link me</a>

As long as you have cgi abilities this should meet your needs, otherwise based on other responses I think your out of luck.
0
 
jlobergAuthor Commented:
Yes my host does have CGI abilities.
It is surprising that this seems to be the only solution.
But thanks.

Jerry
0
 
Giant2Commented:
Sorry not help!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 10
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now