HTTP Referer not always being passed

拥有回忆 提交于 2019-11-27 23:40:12

问题


I have an application which records users visits. None of these visits are directly accessed, 100% of these visits are referred from another site.

I am passing $_SERVER['HTTP_REFERER'] through to the database. Approximately 35% of the logged entrees pass a referer, the rest are blank.

Is there a reason for this?


回答1:


If a user visits your site directly, there is no referrer. It's also possible they have set it up so their browser never sends the referrer.

According to this answer, browsers do not necessarily send a referrer when doing a meta refresh.




回答2:


There are a couple of number of reasons why HTTP_REFERER might be blank.

  1. You have to understand it's an environment variable given by the browser. Meaning users can remove it or even change it, if they so intend to.
  2. Users accessing the link from a bookmark, history or by typing the link manually do not have a referer.
  3. IE has also been known to remove the referer in situations revolving around javascript. Such as window.open, window.location and even setting target="_blank" in anchors or meta refresh.
  4. Clicking an embedded link in a chat application, PDF/Word/Excel document, will also not set a referer.
  5. Using AJAX, file_get_contents, fopen and other similar functions in other languages will probably not set a referer request.
  6. cURL, fsockopen, applications that have browser-like components might not set a referer.

There are probably more situations when this could happen, I'll update if I can think of anything that seems reasonable.




回答3:


Browsers sometimes will include the referer in the request. But it is not mandatory to do so (the referer is 100% voluntary). Indeed there are various privacy and security issues surrounding the referer (for example, if an HTTPS site refers you to an HTTP site, the browser should not include the referring site as the referer). So don't rely on it.




回答4:


When linking from one document to another in Internet Explorer 4.0 and later, the Referer header will not be sent when the link is from an HTTPS page to a non-HTTPS page. The Referer header also will not be sent when the link is from a non-HTTP(S) protocol, such as file://, to another page. for more info go to this link




回答5:


  1. Direct access to your page (typing URL in address bar or from bookmarks, history, etc)
  2. Browser settings (disabled referrer or empty)
  3. if someone requests page content with file_get_contents() function...



回答6:


It is common when you are stuck finding why it is missing: - Sometime your referer is https and you are on http, it will be lost.

Otherwise: - User accessing by inputing url directly. - A user has bookmarked and come from bookmarks. - Sometime user keep the url default for browser (similar like bookmark) - Proxy surfying may remove referer. - accessing website as bots (search engine)



来源:https://stackoverflow.com/questions/5643773/http-referer-not-always-being-passed

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!