shankarmanickam
asked on
Request.ServerVariables("HTTP_REFERER") returns empty value in IE
I am trying to find the previous page which redirected to my page using Request.ServerVariables("H
I get a value in Firefox or chrome but it is always empty in IE7+
Is there any work-around for this.
Thanks
Shankar Manickam
I get a value in Firefox or chrome but it is always empty in IE7+
Is there any work-around for this.
Thanks
Shankar Manickam
Dave Baldwin
What server language are you using? Looks like ASP.NET which would put you on IIS. You should "Request Attention" and get those zones added to your question.
I see that it's ASP. For what it's worth, it does work in IE8 on IIS5.0. You do have to get there from a link on another page. If you go directly there by typing in the address, there is no referrer.
ASKER
The page is redirected from Google.
http://www.google.com/url?q=http//wstest9/MyPage.aspx
This url redirects to the MyPage.aspx. But in MyPage.aspx Request.ServerVariables("H
But Request.ServerVariables("H
http://www.google.com/url?q=http//wstest9/MyPage.aspx
This url redirects to the MyPage.aspx. But in MyPage.aspx Request.ServerVariables("H
But Request.ServerVariables("H
This is the essence of what I've found: "when using a javascript based link or redirect, IE doesn't get the referer information." Apparently, it has always been this way for IE.
ASKER
Please provide me some solutions for this.
Thanks
Shankar Manickam.
Thanks
Shankar Manickam.
The "HTTP_REFERER" is simply not going to be available from IE under that circumstance. What is your goal in collecting the "HTTP_REFERER"?
ASKER
I have to allow acccess to my site only from fixed list of websites.
If they are not coming from the fixed list of website, I should redirect to Unauthorized Users page.
Thanks
Shankar Manickam
If they are not coming from the fixed list of website, I should redirect to Unauthorized Users page.
Thanks
Shankar Manickam
If they come to your site from a regular link, not javascript or redirect, then the "HTTP_REFERER" will be there in IE. If you can make sure the allowed websites use regular links, then you can consider a blank "HTTP_REFERER" as unacceptable. Note also that typing the address of that page directly in the address bar will result in no "HTTP_REFERER" for any browser as will a refresh after they are on the page.
If there is money involved, you should read this page: http://en.wikipedia.org/wiki/Referrer_spoofing The "HTTP_REFERER" can be faked.
If there is money involved, you should read this page: http://en.wikipedia.org/wiki/Referrer_spoofing The "HTTP_REFERER" can be faked.
ASKER
Is there any alternate for HTTP_REFERER that will get the source URL from which it was redirected.
Thanks
Shankar Manickam.
Thanks
Shankar Manickam.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.