Solved

browser not sending HTTP_REFERER headers to website

Posted on 2008-06-21
7
3,243 Views
Last Modified: 2013-12-08
I'm trying to sign up for stream my game, but everything I click "New User" I get an error.
I have tried lowering my settings in IE7 to allow everything, windows firewall is off, and i don't have any firewall programs, but i do have a watchguard firewall.


Warning: your browser doesn't send the HTTP_REFERER header to the website.
This can be caused due to your browser, using a proxy server or your firewall.
Please change browser or turn off the use of a proxy
or turn off the 'Deny servers to trace web browsing' in your firewall
and you shouldn't have problems when sending a POST on this website.

Open in new window

0
Comment
Question by:milkyline
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 14

Expert Comment

by:agriesser
ID: 21838865
Please go to http://tuxx-home.at/temp/info.php, click on the link and post the results here.
I've written a small script which prints out all the server variables set when accessing this page.
0
 

Author Comment

by:milkyline
ID: 21839015
DOCUMENT_ROOT=/home/tuxx/www/htdocs
GATEWAY_INTERFACE=CGI/1.1
HTTP_ACCEPT=image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/xaml+xml, application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
HTTP_ACCEPT_ENCODING=gzip, deflate
HTTP_ACCEPT_LANGUAGE=en-us
HTTP_CONNECTION=Keep-Alive
HTTP_HOST=tuxx-home.at
HTTP_UA_CPU=x86
HTTP_USER_AGENT=Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; FDM; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; InfoPath.2; .NET CLR 3.0.04506.648)
PATH=/bin:/usr/bin
QUERY_STRING=clicked
REDIRECT_STATUS=200
REMOTE_ADDR=71.41.221.70
REMOTE_HOST=rrcs-71-41-221-70.se.biz.rr.com
REMOTE_PORT=4541
REQUEST_METHOD=GET
REQUEST_URI=/temp/info.php?clicked
SCRIPT_FILENAME=/home/tuxx/www/htdocs/temp/info.php
SCRIPT_NAME=/temp/info.php
SERVER_ADDR=88.198.57.56
SERVER_ADMIN=office@tuxx-home.at
SERVER_NAME=tuxx-home.at
SERVER_PORT=80
SERVER_PROTOCOL=HTTP/1.1
SERVER_SIGNATURE=
ORIG_SCRIPT_NAME=/temp/info.php
ORIG_SCRIPT_FILENAME=/home/tuxx/www/htdocs/temp/info.php
PHP_SELF=/temp/info.php
REQUEST_TIME=1214085289
argv=Array
argc=1
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21839052
Strange. I see that you did access this site with a Mozilla browser (probably Firefox 1.x), is that true?
That would at least tell us that the problem is not related to IE7.

Have you checked the sendRefererHeader setting in Firefox?
To do this, open the URL "about:config" and search for "network.http.sendRefererHeader". This value should read "1".

Your computer might also be infected by Smitfraud/Zlog, please check that:
http://boards.cexx.org/index.php?topic=15022.msg61952
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:milkyline
ID: 21839200
No, I am useing Internet Explorer 7. I have a portable verson of Firefox 2, but I only used it for some testing, but I went and changed that setting and I still have the same message. I went and ran the clean feature of that program they listed, but that too didn't solve my problem.
0
 
LVL 14

Accepted Solution

by:
agriesser earned 250 total points
ID: 21840119
So to summarize: It doesn't matter wheter you're using IE or Firefox, both browsers don't send the HTTP_REFERER option, is that true?

Then it might really be an issue of your Watchguard Firewall/proxy solution.
I found an article about configuring the outgoing proxy characteristics of this applicance here:
https://www.watchguard.com/support/fireware_howto/83/HTTP_Proxy_OutgoingProxyAction.pdf

Quoting the interesting part:

-----------------------------------------------
Clients use the Referer header to send the address (URI) of the resource from which this request-URI was obtained. In
other words, sometimes when you click on a link, your browser sends information about the site you just came from.
This lets the receiving server gather statistics, optimize caching, trace bad links, and so on. Some users feel it is a
breach of privacy to tell any server what previous site referred the user to visit this site. Some sites do not allow connections
if the Referer field is not present or if the referer is not a certain domain. In addition, many CGI scripts that
run on the web server rely on the Referer header to make sure the HTTP request comes from a previously scripted
event. This is becoming less common as web security professionals realize that the header is easily spoofed. Because
stripping this header causes some connections to break, the rule is disabled by default.
Recommendation:
Keep the defaults unless you are familiar with the header you want to strip and know the consequences if you
strip it. Most request headers the client sends are necessary for the server to know the intentions and the
capabilities of the client.
-------------------------------------------

Could you check this setting on your watchguard firewall?
0
 
LVL 14

Expert Comment

by:agriesser
ID: 21924187
Any updates on this one?
0
 

Author Closing Comment

by:milkyline
ID: 31469462
Helped solve my problem
0

Featured Post

Ready to get started with anonymous questions?

It's easy! Check out this step-by-step guide for asking an anonymous question on Experts Exchange.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Now-a-days, indirectly, postal services have been replaced by email services. Yes, whenever we hear the word "email" a lot of people only think of gmail. Some people still think that email and gmail are one and the same thing :-). Let's see some …
Internet is a big network which is formed by connecting multiple small networks.It is a platform for all the users which are connected to it.Internet act as platform in different fields. Such as: Internet  as a collaboration platform. Internet  as…
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question