1. Board4all.biz is a forum where members can share their knowledge and much more - why not become part of our wonderful community thats been around for over 15 years and create an account with us. We have one of the (if not the) best development sections on the internet, especially Delphi. If you have problems registering you can send an email to admin@board4all.biz and we will look into it.

can I change referrer ?

Discussion in 'SW Helpdesk' started by FriendOfGhost, Mar 19, 2014.

  1. FriendOfGhost

    FriendOfGhost is a Trusted Warez PosterFriendOfGhost Moderator Staff Member Moderator

    Joined:
    Jan 15, 2009
    Messages:
    838
    Likes Received:
    4,682
    hi friends... I have a HUGE problem about that. I nee to change referrer in this structure. First site will post data so second site and second site cannot check referrer value.

    first page on FIRSTSITE.COM/test.php

    Code:
    <html>
    <head>
        <title></title>
    </head>
    <body>
        <form action="http://www.SECONDSITE.com/testreferrer.php" method="post">
            value: <input name="field1" type="text" />
            <br />
            <br />
            <input id="submit" type="submit" value="submit" />
        </form>
    </body>
    </html>
    
    second page whick checks the referrer on www.SECONDSITE.com/testreferrer.php

    Code:
    <html>
    <body>
    <form action=" method="post">
        <br>
           Your value is: <?php echo $_POST["field1"]; ?>
        <br>
          referrer:
        <?php echo $_SERVER['HTTP_REFERER']; ?>
        <br>
    </form>
    </body>
    </html> 
    
    normally testreferrer.php shows http//www.FIRSTSITE.COM/test.php as referrer value.

    I want to change it http://www.somesite.com/test.php

    I googled and found out some says "its impossible" as browser sends referrer value but some others claims they change it. Though I tried almost every code piece I found I could not make it run. my servers are linux and I think there should be a way to achieve this.

    any ideas please ?
     
  2. gj

    gjutras Registered User

    Joined:
    Jul 14, 2010
    Messages:
    5
    Likes Received:
    3
    When and at what point are you trying to change it? And client side or from server 1 as part of it's request handling? You could achieve this client side with a custom app, or a plugin or extension. But purely from script called by a page, I don't think you'll be able to override the browser behavior client side.
     
    Last edited: Dec 29, 2016
  3. FriendOfGhost

    FriendOfGhost is a Trusted Warez PosterFriendOfGhost Moderator Staff Member Moderator

    Joined:
    Jan 15, 2009
    Messages:
    838
    Likes Received:
    4,682
    I want some expert/experienced opinions if it can be done because I have web services that check REFERRER value to obtain security. I wanted to know if it can be done or "cheated".

    So If someone calls SECONDSITE by not using browser but creating a request by programming or they use some addons like said then they can change REFERRER is that correct ? As far as I know they can also cheat IP number.

    Then how will I secure my service so it can be used by only one domain ? I have username/password etc but they are known by many people (customer himself, programmer, third party programmer etc...)

    I need some solid variable to identify domain name which request has made. I need to be sure that SECONDSITE page is called from FIRSTSITE not some other site.
     
  4. Cl

    Cleric Registered User

    Joined:
    Dec 20, 2016
    Messages:
    5
    Likes Received:
    5

Share This Page