The referrer, or HTTP referrer—also known by the common misspelling referer that occurs as an HTTP header HTTP Headers form the core of an HTTP request, and are very important in an HTTP response. They define various characteristics of the data that is requested or the data that has been provided. The headers are separated from the request or response body by a blank line. HTTP headers can be near-arbitrary strings, but only some are commonly field—identifies, from the point of view of an internet The Internet is a global system of interconnected computer networks that use the standard Internet Protocol Suite to serve billions of users worldwide. It is a network of networks that consists of millions of private, public, academic, business, and government networks of local to global scope that are linked by a broad array of electronic and webpage A web page or webpage is a document or resource of information that is suitable for the World Wide Web and can be accessed through a web browser and displayed on a monitor or mobile device or resource, the address of the webpage (commonly the URL In computing, a Uniform Resource Locator is a Uniform Resource Identifier (URI) that specifies where an identified resource is available and the mechanism for retrieving it. In popular usage and in many technical documents and verbal discussions it is often incorrectly used as a synonym for URI,. The best-known example of a URL is the ", the more generic URI In computing, a Uniform Resource Identifier is a string of characters used to identify a name or a resource on the Internet. Such identification enables interaction with representations of the resource over a network (typically the World Wide Web) using specific protocols. Schemes specifying a concrete syntax and associated protocols define each or the i18n In computing, internationalization and localization are means of adapting computer software to different languages and regional differences. Internationalization is the process of designing a software application so that it can be adapted to various languages and regions without engineering changes. Localization is the process of adapting updated IRI On the Internet, the Internationalized Resource Identifier is a generalization of the Uniform Resource Identifier (URI), which is in turn a generalization of the Uniform Resource Locator (URL). While URIs are limited to a subset of the ASCII character set, IRIs may contain characters from the Universal Character Set (Unicode/ISO 10646), including) of the resource which links to it. By checking the referrer, the new page can see where the request came from. Referrer logging is used to allow websites A website [citation needed] is a collection of related web pages, images, videos or other digital assets that are addressed relative to a common Uniform Resource Locator (URL), often consisting of only the domain name, or the IP address, and the root path ('/') in an Internet Protocol-based network. A web site is hosted on at least one web server, and web servers A web server is a computer program that delivers content, such as web pages, using the Hypertext Transfer Protocol (HTTP), over the World Wide Web. The term web server can also refer to the computer or virtual machine running the program to identify where people are visiting them from, for promotional or security purposes. Referrer is a popular tool to combat cross-site request forgery Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts. Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits, but such security mechanisms do not work when the referrer is disabled. Referrer is widely used for statistical purposes.
A dereferrer is a means to strip the details of the referring website from a link In computing, a hyperlink is a reference to a document that the reader can directly follow, or that is followed automatically[citation needed]. The reference points to a whole document or to a specific element within a document. Hypertext is text with hyperlinks. Such text is usually viewed with a computer. A software system for viewing and request so that the target website cannot identify the page which was clicked on to originate a request.
Contents |
Origin of the term referer
The misspelling referer originated in the original proposal by computer scientist Phillip Hallam-Baker to incorporate the field into the HTTP specification.[1] The misspelling was set in stone by the time of its incorporation into the standards document RFC In computer network engineering, a Request for Comments is a memorandum published by the Internet Engineering Task Force (IETF) describing methods, behaviors, research, or innovations applicable to the working of the Internet and Internet-connected systems 1945; document co-author Roy Fielding Roy Thomas Fielding is an American computer scientist. He is one of the principal authors of the HTTP specification (RFC 2616), and a frequently-cited authority on computer network architecture has remarked that neither "referrer" nor the misspelling "referer" were recognized by the standard Unix Unix is a computer operating system originally developed in 1969 by a group of AT&T employees at Bell Labs, including Ken Thompson, Dennis Ritchie, Brian Kernighan, Douglas McIlroy, and Joe Ossanna. Today's Unix systems are split into various branches, developed over time by AT&T as well as various commercial vendors and non-profit spell checker In computing, a spell checker is an application program that flags words in a document that may not be spelled correctly. Spell checkers may be stand-alone capable of operating on a block of text, or as part of a larger application, such as a word processor, email client, electronic dictionary, or search engine of the period.[2] "Referer" has since become a widely used spelling in industry when discussing HTTP referrers; usage of the misspelling is not universal, though, as the correct spelling of "referrer" is used in some web specifications such as the Document Object Model The Document Object Model is a cross-platform and language-independent convention for representing and interacting with objects in HTML, XHTML and XML documents. Aspects of the DOM (such as its "Elements") may be addressed and manipulated within the syntax of the programming language in use. The public interface of a DOM are specified in.
Details
When visiting a webpage A web page or webpage is a document or resource of information that is suitable for the World Wide Web and can be accessed through a web browser and displayed on a monitor or mobile device, the referrer or referring page is the URL In computing, a Uniform Resource Locator is a Uniform Resource Identifier (URI) that specifies where an identified resource is available and the mechanism for retrieving it. In popular usage and in many technical documents and verbal discussions it is often incorrectly used as a synonym for URI,. The best-known example of a URL is the " of the previous webpage from which a link In computing, a hyperlink is a reference to a document that the reader can directly follow, or that is followed automatically[citation needed]. The reference points to a whole document or to a specific element within a document. Hypertext is text with hyperlinks. Such text is usually viewed with a computer. A software system for viewing and was followed. Server code running through CGI The Common Gateway Interface is a standard protocol that defines how webserver software can delegate the generation of webpages to a console application. Such applications are known as CGI scripts; they can be written in any programming language, although scripting languages are often used and PHP PHP: Hypertext Preprocessor is a widely used, general-purpose scripting language that was originally designed for web development to produce dynamic web pages. For this purpose, PHP code is embedded into the HTML source document and interpreted by a web server with a PHP processor module, which generates the web page document. As a general-purpose can access it with the HTTP_REFERER environment variable.
More generally, a referrer is the URL of a previous item which led to this request. The referrer for an image, for example, is generally the HTML HTML, which stands for HyperText Markup Language, is the predominant markup language for web pages. It is written in the form of HTML elements consisting of "tags" surrounded by angle brackets within the web page content page on which it is to be displayed. The referrer field is an optional part of the HTTP request sent by the browser program A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier and may be a web page, image, video, or other piece of content. Hyperlinks present in resources enable users to easily navigate their browsers to to the web server A web server is a computer program that delivers content, such as web pages, using the Hypertext Transfer Protocol (HTTP), over the World Wide Web. The term web server can also refer to the computer or virtual machine running the program.[3]
Many web sites log referrers as part of their attempt to track their users. Most web log analysis software Web log analysis software is a simple kind of Web analytics software that parses a log file from a web server, and based on the values contained in the log file, derives indicators about who, when, and how a web server is visited. Usually reports are generated from the log files immediately, but the log files can alternatively be parsed to a can process this information. As referrer information can violate privacy Privacy is the ability of an individual or group to seclude themselves or information about themselves and thereby reveal themselves selectively. The boundaries and content of what is considered private differ among cultures and individuals, but share basic common themes. Privacy is sometimes related to anonymity, the wish to remain unnoticed or, some browsers allow the user to disable the sending of referrer information. Some proxy In computer networks, a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to and firewall A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices which is configured to permit or deny computer applications based upon a set of rules and other criteria software will also filter out referrer information, to avoid leaking the location of non-public websites. This can in turn cause problems: some servers block parts of their site to browsers that don't send the right referrer information, in an attempt to prevent deep linking Deep linking, on the World Wide Web, is making a hyperlink that points to a specific page or image on a website, instead of that website's main or home page. Such links are called deep links or unauthorised use of images (bandwidth theft Inline linking is the use of a linked object, often an image, from one site into a web page belonging to a second site. The second site is said to have an inline link to the site where the object is located). Some proxy software has the ability to give the top-level address of the target site as the referrer, which usually prevents these problems while still not divulging the user's last visited site.
Recently many blogs have started publishing referrer information in order to link back to people who are linking to them, and hence broaden the conversation. This has led, in turn, to the rise of referrer spam Referrer spam is a kind of spamdexing . The technique involves making repeated web site requests using a fake referrer url that points to the site the spammer wishes to advertise. Sites that publicize their access logs, including referrer statistics, will then end up linking to the spammer's site, which will in turn be indexed by the search: the sending of fake referrer information in order to popularize the spammer's site.
Many pornographic paysites A paysite, in pornography jargon, is a website that charges money to become a member and view its content, and often produces original adult content. They can be contrasted with "free-sites", which do not charge a membership fee. Most paysites offer "free tours" which allow non-members to view a limited number of short trailers utilize referrer information to secure their materials: only browsers arriving from a small set of approved (login-) pages are given access; this facilitates the sharing of materials among a group of cooperating paysites. Referrer spoofing In computer security, referrer spoofing or ref tar spoofing is the sending of incorrect referrer information in an HTTP request, sometimes with the aim of gaining unauthorized access to a web site. It is also used to improve the privacy of an individual using a web browser to view World Wide Web sites, by replacing valid referer data with is often used to gain free access to these sites.
Referrer hiding
Most web servers will maintain logs of all traffic, and record the HTTP The Hypertext Transfer Protocol is a networking protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web referrer sent by the browser for each request. This raises a number of privacy concerns, and as a result a number of systems to prevent servers being sent the real referring URL have been developed. These systems work either by blanking the referrer header or by replacing it with inaccurate data. Generally, internet security When a computer connects to a network and begins communicating with other computers, it is essentially taking a risk. Internet security involves the protection of a computer's Internet account and files from intrusion of an unknown user. Basic security measures involve protection by well selected passwords, change of file permissions and back up suites blank the referrer data, while web based servers replace it with a false URL, usually their own - of course, this raises the problem of referrer spam Referrer spam is a kind of spamdexing . The technique involves making repeated web site requests using a fake referrer url that points to the site the spammer wishes to advertise. Sites that publicize their access logs, including referrer statistics, will then end up linking to the spammer's site, which will in turn be indexed by the search. The technical details of both methods are fairly consistent - software applications act as a proxy server In computer networks, a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to and manipulate the HTTP request, while web based methods load websites within frames, causing the browser to send a referrer URL of their website address. Some web browsers A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier and may be a web page, image, video, or other piece of content. Hyperlinks present in resources enable users to easily navigate their browsers to give their users the option to turn off referrer headers.[4]
Most browsers do not send the referrer header when they are instructed to redirect using the "Refresh" HTTP header, this does not include some versions of Opera and many Mobile browsers[5]. However, this method of redirection is discouraged by the W3C The World Wide Web Consortium is the main international standards organization for the World Wide Web (abbreviated WWW or W3).[6]
If a website accessed from an HTTP Secure Hypertext Transfer Protocol Secure is a combination of the Hypertext Transfer Protocol with the SSL/TLS protocol to provide encryption and secure (website security testing) identification of the server. HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive transactions in corporate information systems connection and a link points to a non-secure connection, then the referrer header is not sent.[7]
References
- ^ Hallam-Baker, Phillip. "Re: Is Al Gore The Father of the Internet?" alt.folklore.computers, 2000-09-21
- ^ Fielding, Roy. "Re: Referer: (sic)." HTTP-wg, 1995-03-09
- ^ "The Referer[sic] request-header field allows the client to specify […] the address (URI) of the resource from which the Request-URI was obtained […]" RFC 2616 § 14.36
- ^ http://kb.mozillazine.org/Network.http.sendRefererHeader
- ^ http://referer.us/hide-http-referer.html
- ^ http://www.w3.org/TR/WCAG10-HTML-TECHS/#meta-element
- ^ "Clients SHOULD NOT include a Referer[sic] header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol." RFC 2616 § 15.1.3
See also
- Referrer spoofing In computer security, referrer spoofing or ref tar spoofing is the sending of incorrect referrer information in an HTTP request, sometimes with the aim of gaining unauthorized access to a web site. It is also used to improve the privacy of an individual using a web browser to view World Wide Web sites, by replacing valid referer data with, changing referrer information to gain unauthorized access to a web site.
- Referrer spam Referrer spam is a kind of spamdexing . The technique involves making repeated web site requests using a fake referrer url that points to the site the spammer wishes to advertise. Sites that publicize their access logs, including referrer statistics, will then end up linking to the spammer's site, which will in turn be indexed by the search, providing fake referrer information in order to popularize a spammer's website.
References and external links
Categories: URI scheme Categories: Internet standards | Network addressing | Application layer protocols | Identifiers | HTTP headers | URL Categories: URI scheme | Web design | World Wide Web | Hypertext
Personal tools
- New features
- Log in / create account
Namespaces
Variants
Views
Actions
Navigation
- Main page A man engaged in waterskiing, a sport in which an individual is pulled behind a boat or a cable ski installation on a body of water, skimming the surface. Waterskiing is a relatively young sport, having been invented in the early 20th century. The skis this person is wearing are specialized for ski jumping
- Contents A portal is an introductory page for a given topic. It complements the main article of the subject by introducing the reader to key articles, images, and categories that further describe the subject. They also include to-do lists that are used mostly by Wikipedia's editors
- Featured content
- Current events
- Random article
Interaction
- About Wikipedia
- Community portal
- Recent changes
- Contact Wikipedia
- Donate to Wikipedia
- Help
Toolbox
- What links here
- Related changes
- Upload file
- Special pages
- Permanent link
- Cite this page
Print/export
- Create a book
- Download as PDF
- Printable version
Languages
- Deutsch
- Français
- 한국어
- Italiano
- עברית
- Latviešu
- Magyar
- 日本語
- Polski
- Русский
- 中文