473,405 Members | 2,171 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > javascript > questions > http request headers and javascript

Join Bytes to post your question to a community of 473,405 software developers and data experts.

HTTP request headers and javascript

I am writing a website for a real estate client, and am using Dynamic
HTML menus. In doing so, the way the browser moves to the next page is
via the onclick property and changing the location.href to the next
URL.

The problem is that this method does not seem to send the RERRER header
field in the HTTP request, which causes an error cause they check that
the referrer url is correct.

The website is on a Windows Server, and we are using ASP pages. Is
tehre a way to add the REFERER field to our HTTP requests?

Obviously, using the HTML <a> tag works, but our DHTML code requires it
to be in JAVASCRIPT.

Help!

-Marc

Jul 23 '05 #1
5 9120
Jay

<le******@iwavesolutions.com> wrote in message
news:11*********************@z14g2000cwz.googlegro ups.com...
I am writing a website for a real estate client, and am using Dynamic
HTML menus. In doing so, the way the browser moves to the next page is
via the onclick property and changing the location.href to the next
URL.

The problem is that this method does not seem to send the RERRER header
field in the HTTP request, which causes an error cause they check that
the referrer url is correct.

The website is on a Windows Server, and we are using ASP pages. Is
tehre a way to add the REFERER field to our HTTP requests?

Obviously, using the HTML <a> tag works, but our DHTML code requires it
to be in JAVASCRIPT.
Can you insert some server side code into the javascript?
<script>
function blah() {
var TheRef = <%=request.servervariable("http_referer")%>
.....
</script>

Jay

Help!

-Marc

Jul 23 '05 #2
In article <11*********************@z14g2000cwz.googlegroups. com>,
le******@iwavesolutions.com enlightened us with...

The problem is that this method does not seem to send the RERRER header
field in the HTTP request, which causes an error cause they check that
the referrer url is correct.


Ooh, I love when people check the referer header instead of using session
variables. That way, I can spoof away until my heart's content. ;)

--
--
~kaeli~
Why do they sterilize the needles for lethal injections?
http://www.ipwebdesign.net/wildAtHeart
http://www.ipwebdesign.net/kaelisSpace

Jul 23 '05 #3
Yes, I could insert server side code into the javascript page.

Here is the thing...

I have client website www.a.com

which has code that looks like:

<div
onclick="javascript:lcoation.href=http://www.b.com/xxx/yyy?cccc=ggg">

The problem is that www.b.com checks to make sure you are coming from
www.a.com, so I need the referer to say we are coming from www.a.com.
For some reason its not getting passed along with this DHTML code,
whereas a simple <a> works fine.

I appreciate your response. Please continue with your example.

-Marc

Jul 23 '05 #4
Yea, I think its lame that they are doing it this way, which is making
coding this up and pain in the but.

-Marc

Jul 23 '05 #5
On 22 Apr 2005 17:23:45 -0700, le******@iwavesolutions.com wrote:
Yea, I think its lame that they are doing it this way, which is making
coding this up and pain in the but.


Simply tell them that referrer's are trivial to spoof, therefore no
security method based on using them is worthwhile so reconsider.

(in any case the question is answered in the links from faq 4.24)

Jim.
Jul 23 '05 #6
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
HTTP - basic authentication example.
by: Michael Foord | last post by:
#!/usr/bin/python -u # 15-09-04 # v1.0.0 # auth_example.py # A simple script manually demonstrating basic authentication. # Copyright Michael Foord # Free to use, modify and relicense. #...
Python
3
Read HTTP Headers with Javascript???
by: Rick Edwards | last post by:
Can I do this? If I'm passing info in my HTTP headers, can I read this info via Javascript? I've seen some hope out there, but nothing definitive - I'm hoping to get that answer here.... TIA...
Javascript
6
How to I do a http post from within a webform
by: Phillip N Rounds | last post by:
I have a webform, from which I have to submit info to another site. Their instructions are to have a html form, with the following as the submit: <form method="post"...
.NET Framework
1
How to get/set and send the HTTP Headers(user-defined)
by: Lakshmi Narayanan.R | last post by:
Hi Experts, In one SMS gateway project i need a great and urgent help from u all. There, the Service Providers sending the data thru "HTTP Headers" (For ex. sms-Id,sms-source ). So i need to...
ASP / Active Server Pages
3
HttpWebRequest Exception on HTTP/1.0 204 No Content
by: superseed | last post by:
Hi, I'm currently coding in C# a class to control a PTZ (Pan Tilt Zoom) Camera. To control the camera I have to send request on a CGI on it. Something like this : ...
.NET Framework
8
Cannot redirect after http headers have been sent
by: Andreas Klemt | last post by:
Hello, I get this error Message "cannot redirect after http headers have been sent" when I do this response.redirect ("home.aspx") How can I find out with vb.net if already a http header has...
ASP.NET
1
Adding Http Headers..
by: Ale News | last post by:
Hi to All.. I must add some custom headers HTTP and then i would to read them.. I used the AppendHeader Method to add my headers but when i try to read the headers i can't see my custom ones.....
ASP.NET
11
HTTP in the background in IE
by: Steve Kirkendall | last post by:
I need a work-around for an IE limitation, regarding fetching HTTP documents in the background. It takes a bit of explaining; please be patient... I'm working on an project that will run on an...
Javascript
7
redirect http to https
by: =?Utf-8?B?YzY3NjIyOA==?= | last post by:
Hi all, I am trying to set this up using asp code and IIS configuration. But it seems not working. Here it is the way I am doing. In IIS I set up a virtual directory with secure communication, I...
ASP / Active Server Pages
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!