D
Dave Anderson
I have had the misfortune of having to debug a problem with a vendor
application, and have determined that the problem was caused by the
existence of the HTTP_REFERER header.
Assuming I want the user to reach http://server/app.dll?qsinfo, each of the
following causes the app to function correctly:
• window.location.replace("http://server/app.dll?qsinfo")
• <META HTTP-EQUIV="REFRESH" CONTENT="0;URL=http://server/app.dll?qsinfo">
• window.open("http://server/app.dll?qsinfo")
• Opening the URL from a bookmark, desktop shortcut, or an application
other than the browser.
Each of these causes failure:
• <A HREF="http://server/app.dll?qsinfo">Go</A>
• <A HREF="Redirect.asp">Go</A>, where Redirect.asp reads:
<% Response.Redirect("http://server/app.dll?qsinfo") %>
• Ditto, but with Server.Transfer()
• <IFRAME SRC="http://server/app.dll?qsinfo"></IFRAME>
I suspected early on that the HTTP_REFERER was the culprit, as the
above divide neatly according to absence or presence of that header.
Fortunately, Mozilla allows me to confirm this:
[about:config] --> set network.http.sendRefererHeader = 0
Now, I am perfectly capable of using a workaround until the vendor fixes the
problem (my colleagues were happy to run with the META solution, but I find
it inelegant), but I am left wondering if there were an easier solution
available to me.
Is anyone here aware of a means of stripping the HTTP_REFERER header?
--
Dave Anderson
Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms. Please do not contact
me directly or ask me to contact you directly for assistance. If your
question is worth asking, it's worth posting.
application, and have determined that the problem was caused by the
existence of the HTTP_REFERER header.
Assuming I want the user to reach http://server/app.dll?qsinfo, each of the
following causes the app to function correctly:
• window.location.replace("http://server/app.dll?qsinfo")
• <META HTTP-EQUIV="REFRESH" CONTENT="0;URL=http://server/app.dll?qsinfo">
• window.open("http://server/app.dll?qsinfo")
• Opening the URL from a bookmark, desktop shortcut, or an application
other than the browser.
Each of these causes failure:
• <A HREF="http://server/app.dll?qsinfo">Go</A>
• <A HREF="Redirect.asp">Go</A>, where Redirect.asp reads:
<% Response.Redirect("http://server/app.dll?qsinfo") %>
• Ditto, but with Server.Transfer()
• <IFRAME SRC="http://server/app.dll?qsinfo"></IFRAME>
I suspected early on that the HTTP_REFERER was the culprit, as the
above divide neatly according to absence or presence of that header.
Fortunately, Mozilla allows me to confirm this:
[about:config] --> set network.http.sendRefererHeader = 0
Now, I am perfectly capable of using a workaround until the vendor fixes the
problem (my colleagues were happy to run with the META solution, but I find
it inelegant), but I am left wondering if there were an easier solution
available to me.
Is anyone here aware of a means of stripping the HTTP_REFERER header?
--
Dave Anderson
Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms. Please do not contact
me directly or ask me to contact you directly for assistance. If your
question is worth asking, it's worth posting.