Solved

document.referrer is the empty string in IE if the request did not come from a link.

Posted on 2010-09-06
6
2,817 Views
Last Modified: 2012-05-10
CAVEAT:

My concerns are only peripherally related to security issues (eg, http://support.microsoft.com/kb/178066)  which I am not interested in in this case.  I am not going from an https to http page, or vice versa, and this is not a big security issue for me personally in this case.  In this particular situation, I'm more concerned about etiquette, given my web visitors may not be very computer savvy.  I just don't want them to view/share links that display garbage.

THE GOOD NEWS:

Chrome, FF, and Opera handle the below code fine (which lives on page staff.asp), even when the browser agent is directed here (to staff.asp) by scripts on next.asp and previous.asp.  The scripts on next.asp and previous.asp use a similar switch case using document.location for each case in order to change the postback URL vars:

 
<script language="javascript" type="text/javascript">
<!--

var refPath = document.referrer;
refPath = refPath.substring(refPath.lastIndexOf('/')+1);

alert(refPath);

switch (refPath)
{
case "staff-list.asp":
	break;
case "next.asp":
	break;
case "previous.asp":
	break;
default:
	location.href = "staff-list.asp"; 
}

//-->
</script>

Open in new window


THE PROBLEM:

This is a huge problem for IE, even though it works fine in FF, Chrome, and Opera, because in IE, the referrer header is empty when a user agent arrives at a page from another page, if it did not get there via a link that was clicked (that's my understanding, anyhow).

Note that unlike next.asp and previous.asp, the full listing at staff-list.asp fortunately directs the browser agent to the page staff.asp, via a list of clickable links (on staff-list.asp), and so staff.asp works fine in all browsers, including IE when arriving on staff.asp from staff-list.asp.

QUESTIONS:

Shall I provide the convenient check of referrer only for non-IE browsers (and present ugly junk only to those who venture to this page in IE, and without appropriate variables in the URL)?

Or is there some programmatic way to provide this redirection and changes to the URL variables, without spoofing the referrer, and without getting too complex.

IDEAS:

I could encode the URL of next.asp and previous.asp for post back along with other variables, and then change the switch/case statement on staff.asp to look for this instead of referrer, but that just sounds crazy to me.

Cookies are a huge overkill on this, and imposition to clients, just to browse a directory of staff.  Must I resort to session variables?  I'm actually on the verge of considering AJAX (which I have NEVER used before).  I've heard that MooTools makes XMLHttpRequest much easier?

Is there a more elegant way?

REFERENCE: (OVERALL  FLOW)
(1) staff-list.asp contains hard coded links like: staff.asp?empCode=egoManiac
(2) staff.asp checks the referrer and does a bunch of stuff on the page, based on the URL vars
(3) while on staff.asp, users can click next or previous which go to next.asp or previous.asp
(4) Next.asp and Previous.asp just use a switch statement to redirect back to staff.asp with new variables
0
Comment
Question by:ksuchy
  • 3
  • 3
6 Comments
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
If I comment out this line:

refPath = refPath.substring(refPath.lastIndexOf('/')+1);

it works fine in Firefox and IE8.  And IE6, Safari, and Chrome.
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
Ok, I just reread your question.  You say "if it doesn't come from a link"?  If it doesn't come from another page, there is no referrer.  All of the browsers return a blank under that condition.  With or without that line.
0
 

Author Comment

by:ksuchy
Comment Utility
Hi Dave,

It seems that you may be mistaken.  The browser agent is arriving at staff.asp from another page, even though the page that send's the browser agent to staff.asp is not doing so because a human clicked on a link with their mouse.  Please let me know if what I wrote in "REFERENCE: (OVERALL  FLOW)" is not clear.  I may not have been specific enough.

This isn't really that big of a deal, but, again, I just wanted all the browsers to be nice and return humans to the staff-list.asp page (full list) if they wound up at staff.asp from any page other than the 3 I mentioned (previous.asp, next.asp, or staff-list.asp) --- and I wanted this behavior to be the same in all recent version browsers.

As a compromise, for the time being, I am excluding IE by the below code, which only executes the check of referrer page for non-IE browsers.  My tests show that this new code works fine in all browsers now, where as before (as I originally posted it), IE was not returning a 'referrer' header value, but FF, Chrome, and Opera were (and thus only they would remain at staff.asp with my new postback vars in the URL, rather than redirect to staff-list.asp).

Thank you,
~k


var IE = /*@cc_on!@*/false;

if(IE)
	{
		//IE specific code goes here
	}
	else
	{
		//code for all the other browsers
		var refPath = document.referrer;
		refPath = refPath.substring(refPath.lastIndexOf('/')+1);
		// alert(refPath);

		switch (refPath)
		{
			case "staff-list.asp":
				break;
			case "next.asp":
				break;
			case "previous.asp":
				break;
			default:
				location.href = "staff-list.asp"; 
	}
}

Open in new window

0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 500 total points
Comment Utility
I said "If it doesn't come from another page, there is no referrer."  That is true, you didn't contradict that.  I also said this line "refPath = refPath.substring(refPath.lastIndexOf('/')+1);" is killing the referrer variable making 'refpath' blank.  If you comment that out, you get the full referrer string for all browsers.  So I think if you edit that, you may be able to get what you're looking for.  I just don't know exactly how.  My tests didn't include pages that included query strings.
0
 

Author Comment

by:ksuchy
Comment Utility
this line "refPath = refPath.substring(refPath.lastIndexOf('/')+1);" is killing the referrer variable making 'refpath' blank  << only in IE
0
 

Author Closing Comment

by:ksuchy
Comment Utility
Thanks, I'll figure something else out.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

jQuery is a JavaScript library that greatly simplifies JavaScript programming. AJAX is an acronym formed from "Asynchronous JavaScript and XML."  AJAX refers to any communication between client and server, when the human client does not observe a…
OverviewThis article demonstrates a simple search form using AJAX. The purpose of the article is to demonstrate how to use the same code to render a page and javascript (JQuery) and AJAX to make subsequent calls to refine the results. The princip…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now