Can you at least get the domain of the https referer?

Asked 14/5, 2013 at 19:44 Answered 8/8, 2018 at 10:58

I've noticed that if a foreign https: site links to my non-https site, that I don't get anything in the HTTP Referer header at all. I've experienced this with access.log, but I presume the same happens with JavaScript's document.referrer, too.

So, if the referrer is https, is there no way to get any information about it? Not even the hostname / domain name? Or is it possible to somehow get at least the domain, with JavaScript?

Also, I presume running my own site with https isn't going to solve this issue for me, correct?

Summersummerhouse answered 14/5, 2013 at 19:44 Comment(1)

check this webmasters.stackexchange.com/questions/47405/… – Thistledown 14/5, 2013 at 19:48

You should check this answer : Get referrer URL - visitors coming from Paypal (HTTPS)

In case your site uses HTTP (not HTTPS) and the referer uses HTTPS, there is no Referrer being sent!

HTTP RFC - 15.1.3 Encoding Sensitive Information in URI's states:

Clients SHOULD NOT include a Referer header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol.

So the only way to get the Referrer is to use HTTPS on your site.

Egomania answered 14/5, 2013 at 19:47 Comment(2)

So, if I move my site to https, I will be getting ALL https referrers? Even inter-domain https referrers? – Summersummerhouse 14/5, 2013 at 20:12

yes you can get inter-domain https referrers too if you're using HTTPS. I just practiced and commented here – Sheldonshelduck 16/5, 2019 at 4:33

To get the document.referrer, You can use either of the options below:

You Need to convert your HTTP site to HTTPS.
Or you can add the below simple meta tag in your HTTPS site.

<meta name="referrer" content="always">

Masturbate answered 8/8, 2018 at 10:58 Comment(0)

Recommended topics

Hot tags