Solved

Need to spoof HTTP_REFERER in via a link

Posted on 2006-06-12
18
1,037 Views
Last Modified: 2013-11-24
I have a need to link to another site, however I do not want that site to know I am refering traffic to them.  I run .asp pages and javascript on my site now, I have looked and the only way I have seen to really do this is based on an article I found on Expert Exchange (http://www.experts-exchange.com/Programming/Programming_Languages/Java/Q_21793985.html).  But it was not detailed enough, I know ASP better than Java!!

Ideally here is what I want to happen is;
* Link from asp page with 1 dynamic vairable
* Open a new window
* Mask or remove the HTTP_REFERER
* reusable for several different links on the same page (ie the dymanic variable will change several times in a for next type loop

Here is the way I do it now but it does not spoof the referer (the "#" is to hide the URL from the user);
<a href="#" onClick="window.open('http://www.somesite.com/testing/topic.asp?SID=<%=Cstr(fp_rs("Topic"))%','_blank','width=750,height=420,resizable=1,scrollbars=1')">Link me</a>

What I want is a real world example of the javascript code (or any other proposed code that works with .asp - NOT .NET!) and the link syntax.
0
Comment
Question by:jloberg
  • 10
  • 6
18 Comments
 
LVL 12

Expert Comment

by:Giant2
ID: 16885158
The solution gave there was using JSP or servlet. If you want to use ASP (this is the wrong topic) and javascript you can use the AJAX method.
If I well understand, you want to not displayable to your user the link where you go.
You can use a webserver answering to your question in XML and the AJAX on the client managing these data.
Aiax goes with the activeXObject Microsoft.XMLHTTP, so you can use even a VBscript (if you are more familiar with Microsoft).
Bye, Giant.
0
 
LVL 12

Expert Comment

by:Giant2
ID: 16885212
About Ajax here is a step by step tutorial:
http://www.w3schools.com/ajax/default.asp

Hope this could help you.
Bye, Giant.
0
 

Author Comment

by:jloberg
ID: 16885239
I posted in this form because that other post was the closest thing I was able to find to what I needed.  I am not familar with AJAX method.  If that is a solution and can be done in conjunction with ASP and you have the knowledge please provide a solution.

As far as displaying the link I guess in reality that is trivial, I would rather either remove or spoof the HTTP_REFERER compared to hiding the link from the end user.  But I definitely do need it to open in a new windows without the tool bars etc.

If there is a way to do this with Java / Javascript that would be great.  If not please let me know which topic (forum) you feel this should be posted.

Thank You,
Jerry
0
MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

 
LVL 12

Expert Comment

by:Giant2
ID: 16885270
>But I definitely do need it to open in a new windows without the tool bars etc.
You can do this easily checking the mouse click and the CTRL or ALT click.
If you are able to check if these events occurs your problem is solved.
0
 
LVL 12

Expert Comment

by:Giant2
ID: 16885298
Here are many scripts for disable mouse click:
http://www.jsmadeeasy.com/javascripts/DHMTL%20Miscelanious/list_test.asp
0
 
LVL 12

Expert Comment

by:Giant2
ID: 16885332
Here for shift, alt and ctrl detection:
http://www.javascripter.net/faq/ctrl_alt.htm
0
 

Author Comment

by:jloberg
ID: 16885337
Still not sure how to do it.  What would it take for you to code the file(s) (from what I saw AJAX will require a file to sit on the server).

The end user should not have to do anything other than click on the link, the script or what ever is needed will do the masking, spoofing of the HTTP_REFERER and opening the new window.

Again if you feel this is in the wrong forum please let m know where you think I should post this.  It does seem like Giant2 does know what it would take to get this to work.  I am looking for a complete working sample as I am not able to figure it own my own.  :(

I have searched the net for over a day and not found a working sample, so I am sure others would benefit from this solution also.
0
 
LVL 12

Expert Comment

by:Giant2
ID: 16885433
With te REFERER you can filter and check what was the root followed by the client. You can detect using VB, for example:
<%@ LANGUAGE = VBScript %>
<% Option Explicit %>
<%
Dim strReferer
strReferer = Request.ServerVariables ("HTTP_REFERER")
If (Right(strReferer, 9) <> "index.htm") and _
  (Right(strReferer, 8) <> "menu.htm") then
    Response.Redirect("index.htm")
Else
%>
<html>

//put here if the check goes well

</html>
<% End If %>

this piece of code check if the request come from index.html or menu.html it redirect the request to index.html
If all goes ok, it follows with the rest of the code.

Hope this could solve your problem.
Bye, Giant.
0
 

Author Comment

by:jloberg
ID: 16885557
Maybe I did not explain it correctly...  

Lets say MY domain is abc.com, I have a link to http://www.somesite.com/testing/topic.asp?SID=1234 (the 1234 would be dynamic as shown in the original post).  I do not want www.somesite.com to know that abc.com was the domain that refered the user to them.  So I either need to 'blank out' the referer or change it to somesite.com.

Does that make sense?  Sorry if my original post was not clear enough on that.
0
 
LVL 12

Expert Comment

by:Giant2
ID: 16885705
As I told before, the EE example you point is referred to a JSP or Servlet. So if you want to use it you must have a JSP or a servlet.
I think you must be clear with onething:
Client click over the button/link.
YourServer receive the request and apply the empty REFERRER, so redirect the request to the other server.
Is this what you neded?
0
 

Author Comment

by:jloberg
ID: 16885757
Sorry for the confusion, but yes, the end user (web user) will click on a link that is on the web page I am servering from server 1.  That link will have a link to server 2 and as the user clicks on the link (that the asp page created) I do not want to transfer server 1's referer information.

If this is the wrong forum what forum what for should I be posting it in?  Can the JSP or servlet work with my asp page?  If so then I am ok using JSP or a servlet.  Sorry if I am not being clear, I thought I knew more than I apparently do and I appologize for the frustration I appear to be casuing you!
0
 
LVL 12

Expert Comment

by:Giant2
ID: 16885870
I believe a better topic could be the HTML because to use JSP and Servlet you must have a servlet container (Tomcat, JBoss, etc.) but if you use ASP it's sure you do not have.
0
 

Author Comment

by:jloberg
ID: 16885911
Ok, I will try.  So you do not have any proposed solutions that I can award you an acceptable solution for then?
0
 
LVL 12

Expert Comment

by:Giant2
ID: 16885934
I believe the only way is to direct the request passing from your server (not directly link).
I see even this link:
http://www.htmlforums.com/archive/index.php/t-42277.html
agree with me.

So I believe the solution is the one who passes from the server (which open a new URL connection without referer).
Good luck, Giant.
0
 

Accepted Solution

by:
tvtimes earned 100 total points
ID: 17050105
Here is a solution although it is not javascript nor .asp, however it will work with .asp.  It is a perl / cgi script that you should be able to run (most web providers who use .asp also offer cgi).

This script does not transmit an HTTP_REFERER (It appears blank).  To give proper credit I did find the script at; http://watson-net.com/download/download.asp?name=Redirector&file=redir.zip

Test the syntax based on the following to a site that verifies if you are 'refered';

<a href="http://www.inet-police.com/cgi-bin/env.cgi"> Traditional Link</a>

<a href="/cgi-bin/redir.pl?url=http://www.inet-police.com/cgi-bin/env.cgi">Anonymous Link</a>


Because this uses a standard "a href", you should be able to use the following (based on your example).  You will need to save the redir.pl file into your cgi-bin folder;

<a href="#" onClick="window.open('/cgi-bin/redir.pl?url=http://www.somesite.com/testing/topic.asp?SID=<%=Cstr(fp_rs("Topic"))%','_blank','width=750,height=420,resizable=1,scrollbars=1')">Link me</a>

As long as you have cgi abilities this should meet your needs, otherwise based on other responses I think your out of luck.
0
 

Author Comment

by:jloberg
ID: 17072420
Yes my host does have CGI abilities.
It is surprising that this seems to be the only solution.
But thanks.

Jerry
0
 
LVL 12

Expert Comment

by:Giant2
ID: 17128105
Sorry not help!
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
difference of if loops 23 62
tomcat not starting 6 67
Adding multiple JVM environments to RedHat 6 7 46
Eclipse Java import and method not resolved 4 47
Java Flight Recorder and Java Mission Control together create a complete tool chain to continuously collect low level and detailed runtime information enabling after-the-fact incident analysis. Java Flight Recorder is a profiling and event collectio…
Go is an acronym of golang, is a programming language developed Google in 2007. Go is a new language that is mostly in the C family, with significant input from Pascal/Modula/Oberon family. Hence Go arisen as low-level language with fast compilation…
Viewers learn about the “while” loop and how to utilize it correctly in Java. Additionally, viewers begin exploring how to include conditional statements within a while loop and avoid an endless loop. Define While Loop: Basic Example: Explanatio…
Viewers will learn about the different types of variables in Java and how to declare them. Decide the type of variable desired: Put the keyword corresponding to the type of variable in front of the variable name: Use the equal sign to assign a v…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question