22
Internet Explorer HTTP_REFERER javacript redirect issue
1 Comment | Posted by Žilvinas Šaltys in JavaScript
Internet Explorer has a strange issue regarding http referers. If you would have a link and would follow that link $_SERVER['HTTP_REFERER'] value would get populated. But if a redirect is done using javascript like this:
top.location.href = 'page.php';
The HTTP_REFERER will not get value populated. I tried to figure out why is this happening but seems it’s just the way it is. All other browsers Firefox, Chrome, Opera will set the referer properly, but IE6, IE7 and IE8 will not.
Though it is not a good practice to rely on HTTP_REFERER and you should probably not use it if you can, but nevertheless such kind of behaviour may cause strange bugs. If you happen to know why Internet Explorer behaves like this or know workaround to still have a referer value set when the browser redirects using javascript please leave a comment.
1 Comment for Internet Explorer HTTP_REFERER javacript redirect issue
SMFX | August 19, 2011 at 8:29 PM
I’m not sure if you’re still looking at why, but I ran into again for an annoying reason and found this KB article that documents why:
http://support.microsoft.com/kb/178066
Basically because crossing a site could potentially send info, they stopped doing it in IE4 when the real solution should have been “don’t include sensitve crap in your URL to begin with”, they instead went with “don’t ever include the Referer” because they couldn’t control the content of the first and only the content of the second.
The lesson is, don’t use the HTTP_REFERER.