Solved

Request.ServerVariables("HTTP_REFERER") returns empty value in IE

Posted on 2010-09-09
10
1,550 Views
Last Modified: 2012-05-10
I am trying to find the previous page which redirected to my page using Request.ServerVariables("HTTP_REFERER").

I get a value in Firefox or chrome but it is always empty in IE7+

Is there any work-around for this.

Thanks
Shankar Manickam
0
Comment
Question by:shankarmanickam
  • 6
  • 4
10 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 33638955
What server language are you using?  Looks like ASP.NET which would put you on IIS.  You should "Request Attention" and get those zones added to your question.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 33639044
I see that it's ASP.  For what it's worth, it does work in IE8 on IIS5.0.  You do have to get there from a link on another page.  If you go directly there by typing in the address, there is no referrer.
0
 

Author Comment

by:shankarmanickam
ID: 33639941
The page is redirected from Google.

http://www.google.com/url?q=http//wstest9/MyPage.aspx

This url redirects to the MyPage.aspx. But in MyPage.aspx Request.ServerVariables("HTTP_REFERER") is empty if the redirect happens in the IE.

But Request.ServerVariables("HTTP_REFERER") is equal to http://www.google.com/url?q=http//wstest9/MyPage.aspx in case of Firefox or Chrome.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 33640189
This is the essence of what I've found: "when using a javascript based link or redirect, IE doesn't get the referer information."  Apparently, it has always been this way for IE.
0
 

Author Comment

by:shankarmanickam
ID: 33640473
Please provide me some solutions for this.

Thanks
Shankar Manickam.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 33641301
The "HTTP_REFERER" is simply not going to be available from IE under that circumstance.  What is your goal in collecting the "HTTP_REFERER"?
0
 

Author Comment

by:shankarmanickam
ID: 33642473
I have to allow acccess to my site only from fixed list of websites.

If they are not coming from the fixed list of website, I should redirect to Unauthorized Users page.


Thanks
Shankar Manickam
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 33642742
If they come to your site from a regular link, not javascript or redirect, then the "HTTP_REFERER" will be there in IE.  If you can make sure the allowed websites use regular links, then you can consider a blank "HTTP_REFERER" as unacceptable.  Note also that typing the address of that page directly in the address bar will result in no "HTTP_REFERER" for any browser as will a refresh after they are on the page.

If there is money involved, you should read this page: http://en.wikipedia.org/wiki/Referrer_spoofing  The "HTTP_REFERER" can be faked.
0
 

Author Comment

by:shankarmanickam
ID: 33664756
Is there any alternate for HTTP_REFERER that will get the source URL from which it was redirected.

Thanks
Shankar Manickam.
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 33665559
Not that I know of.  In addition, most browsers can turn off the referer field for privacy.  You need to find a different way to limit access to your pages.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question