Dijkgraaf
msg:577274 | 3:59 am on Feb 25, 2006 (gmt 0) |
The refer header is controlled and sent by the browser, so in short, no.
|
tombola
msg:577275 | 2:34 pm on Feb 27, 2006 (gmt 0) |
Uhm... HTTP headers are very easy to fake. You can find an example to set the REFERER header in an HTTP request here:
[microsoft.com...] (less than 10 lines of Perl code)
|
inveni0
msg:577276 | 3:29 pm on Feb 27, 2006 (gmt 0) |
I know nothing about Pearl...can this be done with PHP or javascript?
|
Dijkgraaf
msg:577277 | 7:01 pm on Feb 27, 2006 (gmt 0) |
tombola, yes it is easy to write an application that fetch a page and will spoof the referer. What you can't do is force the another application (e.g. the browser that the user is using) to report a different referer to what it decides to send as the referer; which is what in my opinion inveni0 is asking for. You cannot do this, not without writing Malware that infects the browser in question.
|
inveni0
msg:577278 | 3:45 pm on Feb 28, 2006 (gmt 0) |
Let's clarify: Is there a program that will 'spoof' a referrer. For instance, let's say I refer someone from my page (www.mysite.com/links/link.php?name=109437) to another site (www.yoursite.com). I'd like to spoof my referral url so that, when checking their tracking software, www.yoursite.com will show that my referral came from www.mysite.com. Is this possible?
|
tedster
msg:577279 | 3:52 pm on Feb 28, 2006 (gmt 0) |
No -- you can't change a browser's referer string from your web server.
|
tombola
msg:577280 | 12:26 pm on Mar 1, 2006 (gmt 0) |
Like for many "impossible" things, there's an easy way round (I'm sorry, I can only do this in Perl): 1. Transform your home page into an executable program:
www.mysite.com/index.cgi
2. On your link pages, use POST instead of GET to send visitors to index.cgi
For example: <form method="post" action="http://www.mysite.com/"> <input type="submit" name="submit" value="http://www.otherdomain1.com/"><br>
<input type="submit" name="submit" value="http://www.otherdomain2.com/"><br>
<input type="submit" name="submit" value="http://www.otherdomain3.com/"><br>
<input type="submit" name="submit" value="http://www.otherdomain4.com/"><br> </form> 3. Create a routine in index.cgi that checks whether a redirect must be executed (if not, display your home page) When visitors click on a link, they are sent to [mysite.com...] (no need to add index.cgi!)
Depending on the "submit" value, they are immediately redirected to the site in question.
The webmaster of that site will see [mysite.com...] as the referer. PS. You can use CSS to remove the borders from the input boxes so they look like real links.
|
inveni0
msg:577281 | 3:10 pm on Mar 1, 2006 (gmt 0) |
That may work! What I do is this: Link to a redir-page using a tag (PHP) like this > [mysite.com...] Then, I have code in the redir.php page that checks for an existent $URL string and then redirects to the url using a meta tag (this makes it look to trackers as if the redir.php page was never even loaded). On the end of [yoursite.com,...] I add?SRC=MySite. This seems to work fine, and is much like your idea.
|
|
