Categories




Still have a problem? Ask for help at our discussion forum.
Search


Advanced Search
Article Options
Popular Articles
  1. Windows Mail Spell Check Language is no longer available for Spell Checking
  2. Windows Vista Wallpaper
  3. An Error Has Occurred in the Script on This Page
  4. Windows Vista Release Schedule
  5. Windows Vista
No popular articles found.

 »  Home  »  Internet Explorer Page 2  »  Internet Explorer Does Not Send Referer Header in Unsecured Situations
Internet Explorer Does Not Send Referer Header in Unsecured Situations
By  Super Admin  | Published  11/23/2006 | Internet Explorer Page 2 | Rating:
Internet Explorer Does Not Send Referer Header in Unsecured Situations

The Referer header is a standard HTTP header in the form of "Referer: <URL>," which indicates to a Web server the URL of the page that contained the hyperlink to the currently requested URL. When a user clicks on a link on "http://example.microsoft.com/default.htm" to "http://example.microsoft.com/test.htm," the theoretical example.microsoft.com Web server will be sent a referer header of the form "http://example.microsoft.com".

However, Internet Explorer will not send the Referer header in situations that may result in secure data being sent accidentally to unsecured sites. For example, Internet Explorer will not send the Referer header for each of the following example hyperlinks from one document URL to another document URL:
javascript:somejavascriptcode --> http://example.microsoft.com
file://c:\alocalhtmlfile.htm  --> http://example.microsoft.com
https://example.microsoft.com --> http://www.microsoft.com
     
This prevents local file names from being sent inadvertently to Web servers when linking from local content to Web sites that might snoop on such information. Also, many secure (HTTPS) Web servers store secure information such as credit-card data in the URL during a GET request to a CGI or ISAPI server application. This information can be unwittingly sent in the Referer header when linking out of an "https://" server to an "http://" server elsewhere on the Web. Internet Explorer attempts to prevent this bad practice by not sending the Referer header when transitioning from an HTTPS URL to a non-HTTPS URL.

How would you rate the quality of this article?
1 2 3 4 5
Poor Excellent
Tell us why you rated this way (optional):

Send to Author Post on Site

Comments
  • Comment #1 (Posted by an unknown user)
    Rating
    It's better to leave Windows XP and just upgrade your laptop. It's much better. Besides Windows XP is way better then Windows Me. Windows Me is obsolete and many programs that can run with XP can't run with Me. -------------------
     
  • Comment #2 (Posted by an unknown user)
    Rating
    delite
     
Submit Comment