admin管理员组

文章数量:1425734

We are signing up to an online resource that uses http-referer as authentication (bad idea, I know) to prove that the request es from our intranet (IP address is not available for this as there is a higher level proxy).

Unfortunately it might be that their system requires a specific referer URL rather than taking the domain. This will mean when we want to link to the resource from a different page we will need to either register yet another URL with them or link to effectively a splash page they have to click through again.

If we need to go down this route I'd like to make it as unnoticeable as possible and so was wondering what the best approach would be to achieve the following:

  1. http://intranet/somerandomurl has a link to
  2. http://intranet/AuthorisedUrl which needs to be the referrer to
  3. http://externalsite/

Is there any way to do this without literally making people click on a link? (the vast majority of browsers will be IE6 or IE7 if that helps, if some need to click on the link but I can use JS for most I'm ok with that).

We are signing up to an online resource that uses http-referer as authentication (bad idea, I know) to prove that the request es from our intranet (IP address is not available for this as there is a higher level proxy).

Unfortunately it might be that their system requires a specific referer URL rather than taking the domain. This will mean when we want to link to the resource from a different page we will need to either register yet another URL with them or link to effectively a splash page they have to click through again.

If we need to go down this route I'd like to make it as unnoticeable as possible and so was wondering what the best approach would be to achieve the following:

  1. http://intranet/somerandomurl has a link to
  2. http://intranet/AuthorisedUrl which needs to be the referrer to
  3. http://externalsite/

Is there any way to do this without literally making people click on a link? (the vast majority of browsers will be IE6 or IE7 if that helps, if some need to click on the link but I can use JS for most I'm ok with that).

  • javascript
  • http-redirect
  • referrer
  • http-referer
Share Improve this question edited Jun 24, 2013 at 10:58 Chao asked Sep 2, 2010 at 14:38 ChaoChao 3,0433 gold badges33 silver badges36 bronze badges
Add a ment  | 

1 Answer 1

Reset to default 4

Put this code on link 2. For those with JavaScript enabled, 

 <script type="text/javascript">

window.location = "http://example./"

</script>

This will redirect them to http://example./ as soon as it executes. Put this as early on within the <head> as possible, so that the redirect occurs as early in the page loading as possible

Then just put a manual link on the page for those with JavaScript disabled.

Either way, link 2 will be the referrer for externalsite.

(Caveat: This is a really, really unsecure method of authentication.)

EDIT: It looks like there's a known issue with some IE versions not passing a Referer header after javascript redirects. Here is the workaround: http://webbugtrack.blogspot./2008/11/bug-421-ie-fails-to-pass-http-referer.html

本文标签: javascriptChanging httpreferer via a redirectStack Overflow

版权声明:本文标题:javascript - Changing http-referer via a redirect - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1745410302a2657433.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。