Request.ServerVariables("HTTP_REFERER") returns empty value in IE

I am trying to find the previous page which redirected to my page using Request.ServerVariables("HTTP_REFERER").

I get a value in Firefox or chrome but it is always empty in IE7+

Is there any work-around for this.

Thanks
Shankar Manickam
shankarmanickamAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Dave BaldwinConnect With a Mentor Fixer of ProblemsCommented:
Not that I know of.  In addition, most browsers can turn off the referer field for privacy.  You need to find a different way to limit access to your pages.
0
 
Dave BaldwinFixer of ProblemsCommented:
What server language are you using?  Looks like ASP.NET which would put you on IIS.  You should "Request Attention" and get those zones added to your question.
0
 
Dave BaldwinFixer of ProblemsCommented:
I see that it's ASP.  For what it's worth, it does work in IE8 on IIS5.0.  You do have to get there from a link on another page.  If you go directly there by typing in the address, there is no referrer.
0
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

 
shankarmanickamAuthor Commented:
The page is redirected from Google.

http://www.google.com/url?q=http//wstest9/MyPage.aspx

This url redirects to the MyPage.aspx. But in MyPage.aspx Request.ServerVariables("HTTP_REFERER") is empty if the redirect happens in the IE.

But Request.ServerVariables("HTTP_REFERER") is equal to http://www.google.com/url?q=http//wstest9/MyPage.aspx in case of Firefox or Chrome.
0
 
Dave BaldwinFixer of ProblemsCommented:
This is the essence of what I've found: "when using a javascript based link or redirect, IE doesn't get the referer information."  Apparently, it has always been this way for IE.
0
 
shankarmanickamAuthor Commented:
Please provide me some solutions for this.

Thanks
Shankar Manickam.
0
 
Dave BaldwinFixer of ProblemsCommented:
The "HTTP_REFERER" is simply not going to be available from IE under that circumstance.  What is your goal in collecting the "HTTP_REFERER"?
0
 
shankarmanickamAuthor Commented:
I have to allow acccess to my site only from fixed list of websites.

If they are not coming from the fixed list of website, I should redirect to Unauthorized Users page.


Thanks
Shankar Manickam
0
 
Dave BaldwinFixer of ProblemsCommented:
If they come to your site from a regular link, not javascript or redirect, then the "HTTP_REFERER" will be there in IE.  If you can make sure the allowed websites use regular links, then you can consider a blank "HTTP_REFERER" as unacceptable.  Note also that typing the address of that page directly in the address bar will result in no "HTTP_REFERER" for any browser as will a refresh after they are on the page.

If there is money involved, you should read this page: http://en.wikipedia.org/wiki/Referrer_spoofing  The "HTTP_REFERER" can be faked.
0
 
shankarmanickamAuthor Commented:
Is there any alternate for HTTP_REFERER that will get the source URL from which it was redirected.

Thanks
Shankar Manickam.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.