Referrer - what you need to know (and how you control it)

Europe
2010
OK - there is a LOT of misinformation about referrers.

What is a referrer?
The referrer, or HTTP referrer (also known by the common misspelling "referer", which is how the HTTP header field is actually spelled), identifies, from the point of view of a webpage or resource, the address of the webpage that links to it.

By checking the referrer, the new page can see where the request came from. Referrer logging is used to allow websites and web servers to identify where people are visiting them from, for promotional or security purposes.

Referrer checking is a popular tool to combat cross-site request forgery, but such security mechanisms do not work when the referrer is disabled. The referrer is also widely used for statistical purposes.
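To make the CSRF point concrete, here is an added example (my own code, not part of the original post) of a server-side source check: it compares the whole origin of the Referer (or Origin) header against the site's own origin, and returns "unknown" when neither header is present so the caller can fall back to another defence such as a CSRF token. The allowed origin http://www.mydomain.com is taken from the examples below; the function and header names are assumptions.

```python
from urllib.parse import urlsplit

# Assumption: the site from the post's examples is the only allowed source.
ALLOWED_ORIGIN = "http://www.mydomain.com"


def origin_of(url):
    """Return scheme://host[:port] of a URL (lower-cased), or None if it has no host."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}".lower()


def check_request_source(headers, allowed_origin=ALLOWED_ORIGIN):
    """Classify a state-changing request by where the browser says it came from.

    Returns:
      'same-origin'  - Origin/Referer present and matches our own origin
      'cross-origin' - Origin/Referer present but belongs to another site (reject)
      'unknown'      - neither header sent (referrer disabled or stripped);
                       a referrer-only check cannot decide here, so the caller
                       must rely on another mechanism (e.g. a CSRF token).
    """
    # Header names are case-insensitive; note the field is spelled "Referer".
    h = {k.lower(): v for k, v in headers.items()}
    # Prefer Origin: browsers send it on POST even when the Referer is suppressed.
    source = h.get("origin") or h.get("referer")
    if not source or source == "null":
        return "unknown"
    src = origin_of(source)
    # Compare complete origins. A prefix/substring match would wrongly accept
    # http://www.mydomain.com.attacker.example or http://evil.example/www.mydomain.com
    if src is not None and src == allowed_origin.lower():
        return "same-origin"
    return "cross-origin"


if __name__ == "__main__":
    # Constructed sample headers, as a browser might send them.
    print(check_request_source({"Referer": "http://www.mydomain.com/buycoolstuffnow.html"}))
    print(check_request_source({"Referer": "http://www.mydomain.com.attacker.example/page"}))
    print(check_request_source({}))
```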

Examples

Example 1.
I have a fantastic website with a landing page:
Code:
http://www.mydomain.com/buycoolstuffnow.html

On the page buycoolstuffnow.html I link to
Code:
http://www.google.com

What is the referrer Google sees when the link is clicked from buycoolstuffnow.html? Correct, it's
Code:
http://www.mydomain.com/buycoolstuffnow.html

Example 2.
On
Code:
http://www.mydomain.com/buycoolstuffnow.html
I include an iframe displaying
Code:
http://www.google.com

What is the referrer Google sees? Yes, it's
Code:
http://www.mydomain.com/buycoolstuffnow.html

Example 3.
What if the page inside our iframe (Google.com, call it page B) links to some external page C? Click the link, and the iframe now shows page C. What is the referrer for C?
Most browsers report that the referrer is B (Google.com).

Example 4.
What if you nest iframes in iframes, etc.?
Well, always look at the page where the link is located. The closest containing page will always be the referrer for the link.
If you have nested iframes, the referrer for an iframe's content is the closest containing iframe or page.

How to test?
Always use a site like
Code:
http://www.whatismyreferrer.com/
to test your setup.

Remember you can't do a proper test until your site is actually online; running it locally on your machine won't do.

I want to keep this basic, as you need to know the basics before moving on to more advanced stuff - so nothing here about clearing or spoofing.