php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #27041 Cannot set referer in header function
Submitted: 2004-01-25 19:42 UTC Modified: 2004-01-26 02:21 UTC
From: it_chan at hotmail dot com Assigned:
Status: Not a bug Package: HTTP related
PHP Version: 4.3.4 OS: windows xp/redhat 7.3
Private report: No CVE-ID: None
 [2004-01-25 19:42 UTC] it_chan at hotmail dot com
Description:
------------
A web page (a.php) has a link to (b.php), when the link is clicked I want to http referer in b.php to show that referer is some other x.php as if the link was on x.php.

Reproduce code:
---------------
# a.php
<?php
header('Referer: http://localhost.com/x.php', true);
?>
<a href="/b.php"> check </a>

#b.php
<?php 
 echo "referrer = " . $_SERVER['HTTP_REFERER']; 
?>



Expected result:
----------------
referrer = http://localhost/x.php

Actual result:
--------------
referrer = http://localhost/a.php

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-01-25 19:52 UTC] iliaa@php.net
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

Only the browser can send that header. 
 [2004-01-25 23:41 UTC] it_chan at hotmail dot com
Check this out. Though I am not a perl guru, I found this link which says you can do it.

"The most frequently used headers can also be accessed through the following convenience methods. These methods can both be used to read and to set the value of a header. The header value is set if you pass an argument to the method. The old header value is always returned. If the given header did not exists then undef is returned."

The list includes: $h->referer

Here is the URL: http://www.perldoc.com/perl5.8.0/lib/HTTP/Headers.html
 [2004-01-25 23:53 UTC] it_chan at hotmail dot com
This is from CURL: 

REFERRER 

A HTTP request has the option to include information about which address that referred to actual page. Curl allows you to specify the referrer to be used on the command line. It is especially useful to fool or trick stupid servers or CGI scripts that rely on that information being available or contain certain data. 

curl -e www.coolsite.com http://www.showme.com/ 

NOTE: The referer field is defined in the HTTP spec to be a full URL.

Here is the URL: http://curl.mirror.at.stealer.net/docs/readme.curl.html

----------------------

About CURL: http://curl.haxx.se/ : Curl is a command line tool for transferring files with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. Curl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, kerberos, HTTP form based upload, proxies, cookies, user+password authentication, file transfer resume, http proxy tunneling and a busload of other useful tricks.

Curl is free and open software that compiles under a wide variety of operating systems. Curl exists thanks to efforts from many authors, with Daniel Stenberg being primary author and project maintainer. Curl is the result of many spare time hours of programming. Voluntary contributions are vital.
 [2004-01-26 02:21 UTC] sniper@php.net
You're mixing client headers with server headers..
PHP 'header()' function sets the SERVER side headers,
the ones web browsers see. To set client-side headers, use curl:
 
  http://www.php.net/curl


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 21 12:01:31 2024 UTC