Reputation: 2039
I have the following script at http://localhost/test.html:
<script>
alert(document.referrer);
</script>
If I access it directly the result is an empty alert, which isn't surprising.
If I link from a different document at http://example.com/different.html, the alert will be that URL, again, not surprising.
What is surprising to me is that, if I intercept the HTTP request and change the Referer header:
GET /test.html HTTP/1.1
Host: localhost
Referer: test
Then the alert will still alert the original URL, not test.
So where does document.referrer come from if not from the referer HTTP Header? Is it not influenced by the HTTP request at all? Is there a standard for this, or do different browsers handle it differently? And is there a way to influence it, without creating a new file linking to the code myself?
Upvotes: 3
Views: 6824
Reputation: 30217
The Referrer header you have intercepted is the request done by the client to the server. The client already knows which is the referring page; you cannot fool it.
Upvotes: 1
Reputation: 235
The value is set by the browser; I mean the browser is setting the value "test" when you are doing the HTTP request.
Upvotes: 0
Reputation: 1714
Per MDN documentation:
document.referrer:
Returns the URI of the page that linked to this page.
Further notes on why it displays empty to you:
The value is an empty string if the user navigated to the page directly (not through a link, but, for example, via a bookmark). Since this property returns only a string, it does not give you DOM access to the referring page.
More info can be found at: MDN
Now, looking at the developer tools in Chrome, Firefox and IE, I can see the header is being set to: Referer:https://www.google.com/ whenever I hit a search result from Google, and this value is being set automatically by the browser. How it's set depends on the browser implementor, but this is the corresponding document describing the header value: RFC 7231
The "Referer" [sic] header field allows the user agent to specify a URI reference for the resource from which the target URI was obtained (i.e., the "referrer", though the field name is misspelled).
Upvotes: 0
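The experiment from the question can be reproduced with a small local server that prints the Referer header it actually received next to the value the browser reports in document.referrer. This is an added example, not code from any of the posts above; it assumes Node.js, and the function names and port 8080 are made up for illustration.

```javascript
// Added example (not from the original thread): show the Referer header as
// received on the wire next to document.referrer as reported by the browser.
// escapeHtml, renderPage, serve and port 8080 are illustrative assumptions.

// The header value is client-controlled, so escape it before reflecting it.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[c]));
}

// Build test.html: the server-side view is baked into the markup, the
// browser-side view is filled in by script once the page has loaded.
function renderPage(refererHeader) {
  const wire = refererHeader === undefined ? '(no Referer header)' : refererHeader;
  return `<!doctype html>
<meta charset="utf-8">
<p>Referer header seen by server: <code id="wire">${escapeHtml(wire)}</code></p>
<p>document.referrer in browser: <code id="dom"></code></p>
<script>
  document.getElementById('dom').textContent = document.referrer || '(empty)';
</script>`;
}

// Start the server only when asked for, e.g.: node referrer-demo.js --serve
async function serve(port = 8080) {
  const http = await import('node:http');
  const server = http.createServer((req, res) => {
    res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
    if (req.url === '/test.html') {
      // Node lower-cases header names; absent header gives undefined.
      res.end(renderPage(req.headers.referer));
    } else {
      // Any other path serves a page linking to test.html, so that a
      // real referring document exists.
      res.end('<a href="/test.html">go to test.html</a>');
    }
  });
  server.listen(port, '127.0.0.1');
  return server;
}

if (process.argv.includes('--serve')) serve();
```

Open http://127.0.0.1:8080/, follow the link, and rewrite the Referer header in an intercepting proxy as in the question: the first line shows the rewritten value, while the second still shows the linking page.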