Solved

Request.ServerVariables("HTTP_REFERER") returns empty value in IE

Posted on 2010-09-09
10
1,520 Views
Last Modified: 2012-05-10
I am trying to find the previous page which redirected to my page using Request.ServerVariables("HTTP_REFERER").

I get a value in Firefox or chrome but it is always empty in IE7+

Is there any work-around for this.

Thanks
Shankar Manickam
0
Comment
Question by:shankarmanickam
  • 6
  • 4
10 Comments
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
What server language are you using?  Looks like ASP.NET which would put you on IIS.  You should "Request Attention" and get those zones added to your question.
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
I see that it's ASP.  For what it's worth, it does work in IE8 on IIS5.0.  You do have to get there from a link on another page.  If you go directly there by typing in the address, there is no referrer.
0
 

Author Comment

by:shankarmanickam
Comment Utility
The page is redirected from Google.

http://www.google.com/url?q=http//wstest9/MyPage.aspx

This url redirects to the MyPage.aspx. But in MyPage.aspx Request.ServerVariables("HTTP_REFERER") is empty if the redirect happens in the IE.

But Request.ServerVariables("HTTP_REFERER") is equal to http://www.google.com/url?q=http//wstest9/MyPage.aspx in case of Firefox or Chrome.
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
This is the essence of what I've found: "when using a javascript based link or redirect, IE doesn't get the referer information."  Apparently, it has always been this way for IE.
0
 

Author Comment

by:shankarmanickam
Comment Utility
Please provide me some solutions for this.

Thanks
Shankar Manickam.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
The "HTTP_REFERER" is simply not going to be available from IE under that circumstance.  What is your goal in collecting the "HTTP_REFERER"?
0
 

Author Comment

by:shankarmanickam
Comment Utility
I have to allow acccess to my site only from fixed list of websites.

If they are not coming from the fixed list of website, I should redirect to Unauthorized Users page.


Thanks
Shankar Manickam
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
If they come to your site from a regular link, not javascript or redirect, then the "HTTP_REFERER" will be there in IE.  If you can make sure the allowed websites use regular links, then you can consider a blank "HTTP_REFERER" as unacceptable.  Note also that typing the address of that page directly in the address bar will result in no "HTTP_REFERER" for any browser as will a refresh after they are on the page.

If there is money involved, you should read this page: http://en.wikipedia.org/wiki/Referrer_spoofing  The "HTTP_REFERER" can be faked.
0
 

Author Comment

by:shankarmanickam
Comment Utility
Is there any alternate for HTTP_REFERER that will get the source URL from which it was redirected.

Thanks
Shankar Manickam.
0
 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 500 total points
Comment Utility
Not that I know of.  In addition, most browsers can turn off the referer field for privacy.  You need to find a different way to limit access to your pages.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Have you ever sent email via ColdFusion and thought of tracking this mail to capture the exact date and time when the message was opened ?  If yes, then this article is for you ! First we need a table user_email with columns user_id , email , sub…
Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now