Menu
I understand relying on Referer in the request header is not right. But my question is, why IE does not set Referer to the Request Header if I use window.location? Any thoughts or fixes?
This does not set Referer in the Request header:
function load1() { window.location = "https://" + serverURL + "/path/folder/page.aspx"; } <a href="javascript:load1()">Link 1</a> While this sets:
<a href="https://hardcode.server.url/path/folder/page.aspx">Link 1</a> 
317
You cannot set Referer header manually but you can use location. href to set the referer header to the link used in href but it will cause reloading of the page.
It can be done by simply using the HTTP header or the meta element in HTML which takes referrer keyword as value that in turn allows referrer policy setting through markup or using the referrerpolicy content attribute in HTML.
The Origin header is similar to the Referer header, but does not disclose the path, and may be null . It is used to provide the "security context" for the origin request, except in cases where the origin information would be sensitive or unnecessary.
Your post title shows that you want to change the current page programmatically using JavaScript but still having the HTTP referrer provided (from what I understood, using a <a> tag is just for a test case).
You need to be aware of cross-browser issues:
window.location.href under the following browsers: window.location.href (this is why some pseudo-solutions are based on myLink.click())click function does not exist (this is why pseudo-solutions based on myLink.click() do not work)click function exists under Firefox 5 but does not change the window location, so all the methods relying on the existence of the myLink.click() method will not work. Calling myLink.onclick() or myLink.onClick() raise an error ("onclick is not a function"), so solutions based on these calls will not work.In order to manage these cross-browser issues, I'm using the following method:
function navigateToUrl(url) { var f = document.createElement("FORM"); f.action = url; var indexQM = url.indexOf("?"); if (indexQM>=0) { // the URL has parameters => convert them to hidden form inputs var params = url.substring(indexQM+1).split("&"); for (var i=0; i<params.length; i++) { var keyValuePair = params[i].split("="); var input = document.createElement("INPUT"); input.type="hidden"; input.name = keyValuePair[0]; input.value = keyValuePair[1]; f.appendChild(input); } } document.body.appendChild(f); f.submit(); } navigateToUrl("http://foo.com/bar"); This solution works on all the browser flavors and version listed above. It has the advantage to be simple, multi-browser and easy to understand. Note that this has not been tested under HTTPS.
111
Setting window.location is not the same as following a link on that page. It starts a new request for the page as thought the user typed the URL into the browser's address bar.
I did manage to locate a workaround:
function goTo(url) { var a = document.createElement("a"); if(!a.click) //for IE { window.location = url; return; } a.setAttribute("href", url); a.style.display = "none"; document.body.appendChild(a); a.click(); } It creates a link on the page and simulates a click. The result is a change in window.location and the referrer is populated.
http://ianso.blogspot.com/2006/01/referer-header-not-set-on-http.html
23
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
