Re: Referer from https

[Maverick <myeaddress () gmail com>]

Thanks Sake ,I really appreciate your answer and efforts.


On Thu, Feb 10, 2011 at 3:16 AM, Sake Blok <sake () euronet nl> wrote:
> On 10 feb 2011, at 03:06, Stephen Fisher wrote:
>
> > On Wed, Feb 09, 2011 at 03:26:22PM -0500, Maverick wrote:
> >
> > > If a user is clicked on a link from an https site and that link isn't
> > > using ssl itself can we detect the refere information in that case.
> >
> > Yes, but then it isn't an "https" site and is instead an "http" site.
>
> Funny, I would have expected this to (a "https://xxx referer in the http request), but I just tested with Firefox and 
> whenever I follow a link on an https page to a non-https page (either on the same site or a different site), there is 
> just no "Referer:" header. I'm not sure how other browsers are dealing with this, so I checked the RFC[1]. It states 
> in 15.1.3:
>
>
>   Clients SHOULD NOT include a Referer header field in a (non-secure)
>   HTTP request if the referring page was transferred with a secure
>   protocol.
>
>
> So there is your answer why you don't get the referer information.
>
> Cheers,
>
>
> Sake
>
> [1]  http://tools.ietf.org/html/rfc2616#section-15.1.3
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe