Detecting http-equiv meta refresh

[Gil Vidals <gi...@positionresearch.com>]

Is there a way to detect an incoming GET request generated by a meta refresh
at the server level with mod_perl???

Some of you have heard of users being able to "hijack" Google rankings by
simply creating a page with the meta tag in the head like so "<META
HTTP-EQUIV="refresh" CONTENT="1;  URL=http://www.domain-to-hijack.com">".

Eventually Google will give the rankings to the site that has placed the
above meta refresh tag somewhere on their web site.

I'm looking for a way to thwart a hijack attempt on my client sites. I tried
looking at the referrer in the log file, but it only shows an empty "-". Any
help will be greatly appreciated.


Gil.Vidals@PositionResearch.com
Position Research, Inc.
Search engine results by research
tel: (760) 480-8291 fax: (760) 480-8271
www.PositionResearch.com





-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Re: Detecting http-equiv meta refresh

[Perrin Harkins <pe...@elem.com>]

On Tue, 2004-09-14 at 16:52, Gil Vidals wrote:
> Is there a way to detect an incoming GET request generated by a meta refresh
> at the server level with mod_perl???

This is an HTTP and browser issue, not a mod_perl one.  You can
experiment with various browsers, but there is no way to be sure what
Google's proprietary browser will send when it follows a redirect or a
refresh link without actually setting one up, waiting for Google to hit
it, and checking your log files.  There is nothing I'm aware of in the
HTTP spec about what the Referer header should be after a refresh.

- Perrin


-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html