tags:

views:

37

answers:

4
Q: 

How to do a redirect without the original referrer showing?

I need to do redirect my site visitors to a third party site, without the original referrer showing as the urls disclose private information.

Is there a way to instruct a browser redirection without a referrer being sent to the destination site? E.g. using javascript?

Thanks

A: 

You will need to redirect through another page. You can do a POST to your own page which then does a redirect to the destination. This will show only your intermediate page as the referrer.

There is not a way to do this with just javascript.

Alan Geleynse  2010-10-19 20:36:25
+2  A: 

As a quick workaround, you could redirect them to a special URL owned by you which exclusively redirects to the target URL (or one provided as a query parameter, for example). This way the private information would be lost in the extra hop.

maerics  2010-10-19 20:36:47
when I do this with e.g. a tinyurl redirection, the original referrer still shows when loading the final destination page.
Gj  2010-10-20 00:36:46
Right, you'll have to setup your own HTTP request handler which simply responds "302 Found" with a Location header as your redirect URL and ideally overwriting the Referer header, in case your webserver or container copies that header automatically for 302 responses.
maerics  2010-10-20 03:37:12
A: 

Have you tried 

<meta http-equiv="refresh" content="0;url=http://www.someplace.com"&gt;
Faheem  2010-10-19 20:40:09
this still results with the original url sent as the referrer
Gj  2010-10-20 00:27:44
A: 

Try redirect with curl for example.

bswietochowski  2010-10-19 21:20:22

related questions

Retrieving HTTP status code from loaded iframe with Javascript
How to specify an authenticated proxy for a python http connection?
Why does HttpCacheability.Private suppress ETags?
How to respond to an alternate URI in a RESTful web service
Is there a reason to use BufferedReader over InputStreamReader when reading all characters?
What would be a good, windows and iis (http) based distributed version control system
Database query representation impersonating file on Windows share?
How do I use NTLM authentication with Active Directory
Process raw HTTP request content
How would you implement FORM based authentication without a backing database?
Reading "chunked" response with HttpWebResponse
Best way to let users download a file from my website: http or ftp
How do I convert a date to a HTTP-formatted date in .Net / C#
What is the best way to upload a file via an HTTP POST with a web form?
How do I stop IIS7 dropping my cookies?
Checking FTP status codes with a PHP script.
HTTP Libraries for Emacs
Accessing post variables using Java Servlets
HTTP: Generating ETag Header
HTTP: How to know when to send a 304 Not Modified response
How do I best detect an ASP.NET expired session?
How can I make the browser see CSS and Javascript changes?
How to curl or wget a web page?
The Definitive Guide To Website Authentication
Implementation of "Remember me" in a Rails application.