You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Micha Brans <m....@sitehost.nl> on 2001/03/07 11:29:16 UTC
other/7370: $HTTP_REFERER gives no good information
>Number: 7370
>Category: other
>Synopsis: $HTTP_REFERER gives no good information
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: apache
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Wed Mar 07 02:30:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator: m.brans@sitehost.nl
>Release: 1.3.17
>Organization:
apache
>Environment:
Linux CP36263-A 2.2.16-22 #1 Tue Aug 22 16:49:06 EDT 2000 i686 unknow
>Description:
When somebody comes to our server via a link, the $HTTP_REFERER gives the correct information. But when I go to a site just bij typing in the URL the $HTTP_REFERER has to be empty, but gives always "http://www.sitehost.nl:9999/apache/"
>How-To-Repeat:
1.
go to http://www.sitehost.nl en view the source. You will see 1 line containing <frame name = 'STAT' scrolling = 'NO' noresize src = 'stats/maak.php?domein=www.sitehost.nl&via=http://www.sitehost.nl:9999/apache/' frameborder = 'NO' bordercolor = '#FFFFFF'>
This source is made by a php-script who places the HTTP_REFERER after "via=".
This should be empty!
2.
Go to "http://www.ilse.nl/searchresults.dbl?oldquery=&LANGUAGE=NL&profile=st&family=no&search_for=sitehost" and take the link to SiteHost. When you look in the source now you wil see "<frame name = 'STAT' scrolling = 'NO' noresize src = 'stats/maak.php?domein=www.sitehost.nl&via=http://www.ilse.nl/searchresults.dbl?oldquery=&LANGUAGE=NL&profile=st&family=no&search_for=sitehost' frameborder = 'NO' bordercolor = '#FFFFFF'>"
>Fix:
No, I'm sorry
>Release-Note:
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, you need]
[to include <ap...@Apache.Org> in the Cc line and make sure the]
[subject line starts with the report component and number, with ]
[or without any 'Re:' prefixes (such as "general/1098:" or ]
["Re: general/1098:"). If the subject doesn't match this ]
[pattern, your message will be misfiled and ignored. The ]
["apbugs" address is not added to the Cc line of messages from ]
[the database automatically because of the potential for mail ]
[loops. If you do not include this Cc, your reply may be ig- ]
[nored unless you are responding to an explicit request from a ]
[developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]