I want to set Referer header of my webpage. Currently it displays "xyz" and I want to set it to "abc".
Viewed referer using javascript:alert(document.referer)
You cannot set Referer header manually but you can use location. href to set the referer header to the link used in href but it will cause reloading of the page.
The Referer HTTP request header contains an absolute or partial address of the page that makes the request. The Referer header allows a server to identify a page where people are visiting it from. This data can be used for analytics, logging, optimized caching, and more.
To help mitigate CSRF attacks, you can configure WebSEAL to validate the referer header in incoming HTTP requests. WebSEAL compares this referer header with a list of configured allowed-referers to determine whether the request is valid. Referrer validation affects the following WebSEAL management pages: /pkmslogout.
You can already try out the change starting from Chrome 81: visit chrome://flags/#reduced-referrer-granularity in Chrome and enable the flag. When this flag is enabled, all websites without a policy will use the new strict-origin-when-cross-origin default. Enabling the flag.
You can use Object.defineProperty on the document object for the referrer property:
Object.defineProperty(document, "referrer", {get : function(){ return "my new referrer"; }});
Unfortunately this will not work on any version of safari <=5, Firefox < 4, Chrome < 5 and Internet Explorer < 9 as it doesn't allow defineProperty to be used on dom objects.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With