tags:

views:

59

answers:

5
Q: 

Browsing activities outside the visited website

Is there a way a Web site can learn something about your browsing activities outside of this Web site from an HTTP request sent to the Web site by your browser?

A: 

Yes, sometimes. There is a referrer URL which browsers send if you click say from a google search result page.

In fact, in some cases, relying on this referrer has been detrimental to the web server(!) due to referrer spoofing.

See: http://en.wikipedia.org/wiki/HTTP_referrer

Moron  2010-05-17 18:40:47
Thanks! Your answer is also fine.
john  2010-05-17 19:01:29
A: 

From an ethically correct position, every website can find out the webpage you come from (if you clicked the links that redirects to your website)

From the dark side you might get something more with browser exploits or spying on your visitor cookies. Although exploits are not something that you can rely on, probably you can retrieve some information from users who do not click the option "accept only cookies from sites I navigate to".

Francisco Garcia  2010-05-17 18:44:08
+1  A: 

Hmm... possible, to an extent, I suppose. The HTTP request might contain the referrer link, so if a person visits your website by clicking your web link from some external site, you will at least know where they come from. Here's some info on the HTTP referrer header: http://www.w3.org/Protocols/HTTP/HTRQ_Headers.html

limc  2010-05-17 18:47:20
+2  A: 

Third-party cookies are a construct used specifically for this purpose.

Jacob  2010-05-17 18:51:05
A: 

As others have mentioned, the browser will send a Referrer header, which tells the web server where the link to the new page you're loading came from.

In theory this is the only information a site should be able to deduce about your browsing history. However, there are often browser vulnerabilities that mean that information is leaked - for example, using the fact that the colour for links that have been visited is different. Sometimes other browser bugs can leak cookies too. (Though note that these require more than just the initial GET - there usually must be javascript in the web page that gets served up in order to exploit these problems.)

In summary - theoretically the Referrer is all that gets sent; in practice browser bugs may leak more information.

psmears  2010-05-17 18:56:58

related questions

Which graphic file formats are supported by browsers?
How do you change Visual Studio's default web browser?
Is it possible to use ServicePointManager with Webbrowser control?
C# WebBrowser Control System.AccessViolationException
Flash in a browser to full screen
How to disable "Security Alert" window in Webbrowser control
Does IE 7 have any memory limitations when recieving a dynamically generated PDF? If so, does anyone have a workaround?
System.Windows.Forms.WebBrowser open links in same window or new window with same session
.Net WebBrowser.DocumentText Isn't Changing!
What functional differences exist between WPF and WinForms WebBrowser control?
How to embed a browser object, other than IE<n>, in a Delphi application
WebBrowser Control from .Net -- How to Inject Javascript?
How can I access PostData from WebBrowser.Navigating event handler?
Trying to set/get a JavaScript variable in an ActiveX WebBrowser from C#
Access Intranet via SSL using WebBrowser Winforms Control
How to "Open in New Window" using WebBrowser control?
What browser is best for testing web standards?
Secure Gmail login on web browser from external Java program
How do I reference a local resource in generated HTML in WinForms WebBrowser control?
How might I display a web page in a window with a transparent background using C#?
Getting the back/fwd history of the Windows Forms WebBrowser Control
How to print css applied background images with the winforms webbrowser control
Printing DOM Changes
Prevent WebBrowser control from swallowing exceptions
Other browsers