How does refer(r)er work technically?

Question

I don't understand: how are webserver and trackers like Google Analytics able to track referrals?

Is it part of HTTP?

Is it some (un)specified behavior of the browsers?

Apparently every time you click on a link on a web page, the original web page is passed along the request.

What is the exact mechanism behind that? Is it specified by some spec?

I've read a few docs and I've played with my own Tomcat server and my own Google Analytics account, but I don't understand how the "magic" happens.

Bonus (totally related) question: if, on my own website (served by Tomcat), I put a link to another site, does the other site see my website as the "referrer" without me doing anything special in Tomcat?

Answer 1

If you request a web page using a browser, your browser will sent the HTTP Referer header along with the request.

Answer 2

Your browser passes referrer with each page request.

It seems unusual that JavaScript has access to this as well, but it does.

Answer 3

Referer (misspelled in the spec) is an HTTP header. It's a standard header that all major HTTP clients support (though some proxy servers and firewalls can be configured to strip it or mangle it). When you click on a link, your browser sends an HTTP request that contains the page being requested and the page on which the link was found, among other things.

Since this is a client/request header, the server is irrelevant, and yes, clicking a link on a page hosted on your own server would result in that page's URL being sent to the other site's server, though your server may not necessarily be accessible from that other site, depending on your network configuration.

Answer 4

Yes, the browser sends the previous page in the HTTP headers. This is defined in the HTTP/1.1 spec:

http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.36

The answer to your question is yes, as the browser sends the referer.

Answer 5

"The referrer field is an optional part of the HTTP request sent by the browser program to the web server."

http://en.wikipedia.org/wiki/HTTP_referrer

Answer 6

When you click on a link the browser adds a Referer header to the request. It is part of HTTP. You can read more about it here.

Answer 7

From: http://en.wikipedia.org/wiki/HTTP_referrer

The referrer field is an optional part of the HTTP request sent by the browser program to the web server.

From RFC 2616:

The Referer[sic] request-header field allows the client to specify, for the server's benefit, the address (URI) of the resource from which the Request-URI was obtained (the "referrer", although the header field is misspelled.)

Answer 8

One detail to add to what's already been said about how browsers send it: HTTPS changes the behavior a bit. I am not aware if it's in any spec, but if you jump from HTTPS to HTTP, and if you stay on the same domain or go to different domains, then sometimes the referrer is not sent. I don't know the exact rules, but I've observed this in the wild. If there's some spec or description about this, it would be great.

EDIT: ok, the RFC says plainly:

Clients SHOULD NOT include a Referer header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol.

So, if you go from HTTPS page to a HTTP link, referrer info is not sent.