问题
I've noticed that if a foreign https: site links to my non-https site, that I don't get anything in the HTTP Referer header at all. I've experienced this with access.log, but I presume the same happens with JavaScript's document.referrer, too.
So, if the referrer is https, is there no way to get any information about it? Not even the hostname / domain name? Or is it possible to somehow get at least the domain, with JavaScript?
Also, I presume running my own site with https isn't going to solve this issue for me, correct?
回答1:
You should check this answer : Get referrer URL - visitors coming from Paypal (HTTPS)
In case your site uses HTTP (not HTTPS) and the referer uses HTTPS, there is no Referrer being sent!
HTTP RFC - 15.1.3 Encoding Sensitive Information in URI's states:
Clients SHOULD NOT include a Referer header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol.
So the only way to get the Referrer is to use HTTPS on your site.
回答2:
To get the document.referrer, You can use either of the options below:
You Need to convert your HTTP site to HTTPS.
Or you can add the below simple meta tag in your HTTPS site.
<meta name="referrer" content="always">
来源:https://stackoverflow.com/questions/16551586/can-you-at-least-get-the-domain-of-the-https-referer