|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Submitted: 2001-03-27 11:31 UTC Modified: 2002-03-07 06:15 UTC
From: brad at youreshop dot com Assigned:
Status: Closed Package: *Web Server problem
PHP Version: 4.0.4pl1 OS: Linux Redhat 6.2
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
Solve the problem:
33 + 20 = ?
Subscribe to this entry?

 [2001-03-27 11:31 UTC] brad at youreshop dot com
Linking to a phpinfo() page should give a valid HTTP_REFERER value, however, I don't see it. The only thing I see remotely close to that is:



Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2001-03-29 11:11 UTC]
Works for me just fine with latest CVS. (snapshot can be found at )

Which webserver are you using? Apache?


 [2001-04-29 11:50 UTC]
No feedback.

 [2002-03-07 04:19 UTC] alexleu at starglory dot com
Both windows2000 & FreeBSD 3.4 found SAME Problem With Apache! 
How to decode HTTP_WEFERER?
 [2002-03-07 06:15 UTC]
HTTP_WEFERER has nothing todo with PHP its some 
data your browser gives out to the world.
 [2002-05-09 08:38 UTC] mn at red1 dot net
I experienced the same problem using PHP4.2.0 (win32) with Apache on WinME.
On the phpinfo() page HTTP_REFERER was shown as HTTP_WEFERER with a value of a string of letters.

When I disabled "Norton Internet Security" the problem disappeared. 

What is more, scripts on a remote server which were reliant on getting data from HTTP_REFERER would not run with "NIS" enabled.

Did you have a similar programme running?
 [2003-10-14 14:01 UTC] paul at bladetechnology dot co dot uk
The last comment was correct. It's caused by one of the Norton products (Norton Personal Firwall in my case) changing the HTTP_REFERER header into HTTP_WEFERER (elmer fudd?) and encrypting it.  You can solve this by creating a rule in the firewall software to pass unaltered headers to named sites.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Apr 21 02:01:28 2024 UTC