Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is document.referrer cross browser compatible?

I'd like to use document.referrer for an informal referrer check. Is this element cross browser compatible? Will any browser throw an error when trying to reference the document object?

like image 711
buley Avatar asked Feb 23 '11 22:02

buley


People also ask

How do I find referrer in Chrome?

To check the Referer in action go to Inspect Element -> Network check the request header for Referer like below. Referer header is highlighted. Supported Browsers: The browsers are compatible with HTTP header Referer are listed below: Google Chrome.

What is referrer policy strict origin cross origin?

strict-origin-when-cross-origin offers more privacy. With this policy, only the origin is sent in the Referer header of cross-origin requests. This prevents leaks of private data that may be accessible from other parts of the full URL such as the path and query string.

How do I change referrer settings in Chrome?

Change referer headers in Chrome To disable referer headers in Chrome, all you need to do is launch it with the –no-referrers flag on the end. Linux and Mac users can do this from a terminal. Windows users will need to edit the shortcut and add the flag manually.

Is Referer header reliable?

Using HTTP_REFERER isn't reliable, its value is dependent on the HTTP Referer header sent by the browser or client application to the server and therefore can't be trusted because it can be manipulated. Regarding the Referer header, section 15.1.


2 Answers

The document.referrer property is described in the DOM spec:

http://www.w3.org/TR/DOM-Level-2-HTML/html.html#ID-95229140

So it should be supported cross-browser. However, you can easily detect if the implementation does support this property like

if( 'referrer' in document ) { 
    console.log(document.referrer);
}
like image 139
jAndy Avatar answered Sep 21 '22 16:09

jAndy


You can not depend on it to determine if the request is coming from a browser (many non-browser robots also send one). While it is supported by browsers their are also privacy programs to specifically not provide it. Sometimes this is done by a proxy server ... http://en.wikipedia.org/wiki/HTTP_referrer ... and If a website is accessed from a HTTP Secure (HTTPS) connection and a link points to a non-secure connection, then the referrer field is not sent.

So the answer is yes but with exceptions.

like image 35
Wayne Avatar answered Sep 18 '22 16:09

Wayne