RE: cgi.HTTP_REFERER
You could try (on the calling page) writing a session variable for the current page, then call that variable instead of cgi.http_referrer -Original Message- From: Coldfusion [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 29, 2006 9:18 PM To: CF-Talk Subject: RE: cgi.HTTP_REFERER Why not append the CGI.SCRIPT_NAME to the URL location? Or hard code the name. Because I agree with Dave, I do not think the referrer Will be displayed on a cflocation but then again I have Not tested it. -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 29, 2006 8:57 PM To: CF-Talk Subject: RE: cgi.HTTP_REFERER Calling page is: cflocation url=test_ref.cfm Still not working. I don't think that the Referer header is passed when you redirect using CFLOCATION. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236528 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: cgi.HTTP_REFERER
Ah... That might not work. I don't think that a page with only a cflocation is going to generate the referrer variable. !//-- andy matthews web developer ICGLink, Inc. [EMAIL PROTECTED] 615.370.1530 x737 --//- -Original Message- From: Richard Colman [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 29, 2006 7:22 PM To: CF-Talk Subject: RE: cgi.HTTP_REFERER Calling page is: cflocation url=test_ref.cfm Still not working. ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236550 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: cgi.HTTP_REFERER
But what if he doesn't have control over the calling page? !//-- andy matthews web developer ICGLink, Inc. [EMAIL PROTECTED] 615.370.1530 x737 --//- -Original Message- From: Charles Sheehan-Miles [mailto:[EMAIL PROTECTED] Sent: Thursday, March 30, 2006 5:06 AM To: CF-Talk Subject: RE: cgi.HTTP_REFERER You could try (on the calling page) writing a session variable for the current page, then call that variable instead of cgi.http_referrer -Original Message- From: Coldfusion [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 29, 2006 9:18 PM To: CF-Talk Subject: RE: cgi.HTTP_REFERER Why not append the CGI.SCRIPT_NAME to the URL location? Or hard code the name. Because I agree with Dave, I do not think the referrer Will be displayed on a cflocation but then again I have Not tested it. -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 29, 2006 8:57 PM To: CF-Talk Subject: RE: cgi.HTTP_REFERER Calling page is: cflocation url=test_ref.cfm Still not working. I don't think that the Referer header is passed when you redirect using CFLOCATION. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236551 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: cgi.HTTP_REFERER
Then you handle the fact that the variable doesn't exist cfif not structKeyExiss(session.foo) or session.foo neq myValue !--- push them somewhere I can have control --- cflocation blah blah blah. -- Timothy Heald Analyst, Architect, Developer [EMAIL PROTECTED] W: 202-228-8372 C: 703-300-3911 -Original Message- From: Andy Matthews [mailto:[EMAIL PROTECTED] Sent: Thursday, March 30, 2006 11:09 AM To: CF-Talk Subject: RE: cgi.HTTP_REFERER But what if he doesn't have control over the calling page? !//-- andy matthews web developer ICGLink, Inc. [EMAIL PROTECTED] 615.370.1530 x737 --//- -Original Message- From: Charles Sheehan-Miles [mailto:[EMAIL PROTECTED] Sent: Thursday, March 30, 2006 5:06 AM To: CF-Talk Subject: RE: cgi.HTTP_REFERER You could try (on the calling page) writing a session variable for the current page, then call that variable instead of cgi.http_referrer -Original Message- From: Coldfusion [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 29, 2006 9:18 PM To: CF-Talk Subject: RE: cgi.HTTP_REFERER Why not append the CGI.SCRIPT_NAME to the URL location? Or hard code the name. Because I agree with Dave, I do not think the referrer Will be displayed on a cflocation but then again I have Not tested it. -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 29, 2006 8:57 PM To: CF-Talk Subject: RE: cgi.HTTP_REFERER Calling page is: cflocation url=test_ref.cfm Still not working. I don't think that the Referer header is passed when you redirect using CFLOCATION. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236553 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: cgi.HTTP_REFERER
A lot of software blocks this variable, like firewalls and stuff. Http_referer is useful, but you can't rely on it being there. -Original Message- From: Richard Colman [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 29, 2006 2:33 PM I am trying to get this to work, and the simple test case is: cfif cgi.HTTP_REFERER IS NOT cgi variable exists cfelse cgi variable does not exist /cfif cfoutput#CGI.HTTP_REFERER#/cfoutput However I am not getting anything back in the cgi variable. Any comments appreciated. This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. A1. ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236467 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: cgi.HTTP_REFERER
cfif cgi.HTTP_REFERER IS NOT cgi variable exists cfelse cgi variable does not exist /cfif cfoutput#CGI.HTTP_REFERER#/cfoutput However I am not getting anything back in the cgi variable. Any comments appreciated. Rick Colman Just to eliminate any other kind of white space characters, I usually do a trim on anything I'm trying to compare to an empty string. cfif trim(cgi.HTTP_REFERER) EQ I also usually try to phrase this as a binary comparison. cfif len(trim(cgi.HTTP_REFERER)) -- Ian Skinner Web Programmer BloodSource www.BloodSource.org Sacramento, CA - | 1 | | - Binary Soduko | | | - C code. C code run. Run code run. Please! - Cynthia Dunning Confidentiality Notice: This message including any attachments is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender and delete any copies of this message. ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236468 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
Re: cgi.HTTP_REFERER
what is the result of the conditional? the variable will always exist. there should (i believe) always be a key in the CGI scope (struct) for cgi.http_referer. However, the value of that key could be an empty string (if the user bookmarked the page, typed it in manually, etc). On 3/29/06, Richard Colman [EMAIL PROTECTED] wrote: I am trying to get this to work, and the simple test case is: cfif cgi.HTTP_REFERER IS NOT cgi variable exists cfelse cgi variable does not exist /cfif cfoutput#CGI.HTTP_REFERER#/cfoutput However I am not getting anything back in the cgi variable. Any comments appreciated. Rick Colman ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236469 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
Re: cgi.HTTP_REFERER
This is kind of like asking to make sure your computer is plugged in (so you've probably already checked this) but it will be empty if you didn't actually have a referrer (as in, you browse directly to the page). On 3/29/06 10:38 PM, Ian Skinner [EMAIL PROTECTED] wrote: cfif cgi.HTTP_REFERER IS NOT cgi variable exists cfelse cgi variable does not exist /cfif cfoutput#CGI.HTTP_REFERER#/cfoutput However I am not getting anything back in the cgi variable. Any comments appreciated. Rick Colman Just to eliminate any other kind of white space characters, I usually do a trim on anything I'm trying to compare to an empty string. cfif trim(cgi.HTTP_REFERER) EQ I also usually try to phrase this as a binary comparison. cfif len(trim(cgi.HTTP_REFERER)) -- Ian Skinner Web Programmer BloodSource www.BloodSource.org Sacramento, CA - | 1 | | - Binary Soduko | | | - C code. C code run. Run code run. Please! - Cynthia Dunning Confidentiality Notice: This message including any attachments is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender and delete any copies of this message. ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236471 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: cgi.HTTP_REFERER
cfif IsDefined(CGI.HTTP_REFERER) checks for it's existence Actually, I'm pretty sure that IsDefined always returns true for any CGI variable, whether it actually exists or not. For example, this would return true: cfif IsDefined(CGI.I_MADE_THIS_UP) Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236474 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
Re: cgi.HTTP_REFERER
cfif IsDefined(CGI.HTTP_REFERER) checks for it's existence Actually, I'm pretty sure that IsDefined always returns true for any CGI variable, whether it actually exists or not. For example, this would return true: cfif IsDefined(CGI.I_MADE_THIS_UP) Dave Watts, CTO, Fig Leaf Software WTF!! Dave may kindly ask if you have any insight into the logic behind that little gem? ;-) Thanks Bryan Stevenson B.Comm. VP Director of E-Commerce Development Electric Edge Systems Group Inc. phone: 250.480.0642 fax: 250.480.1264 cell: 250.920.8830 e-mail: [EMAIL PROTECTED] web: www.electricedgesystems.com ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236478 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
Re: cgi.HTTP_REFERER
For that matter (and I know this is a bit off the original point), cgi.jimmyhoffa will always exist. The cgi scope is really funny that way, everything exists there. --Ferg Charlie Griefer wrote: what is the result of the conditional? the variable will always exist. there should (i believe) always be a key in the CGI scope (struct) for cgi.http_referer. However, the value of that key could be an empty string (if the user bookmarked the page, typed it in manually, etc). On 3/29/06, Richard Colman [EMAIL PROTECTED] wrote: I am trying to get this to work, and the simple test case is: cfif cgi.HTTP_REFERER IS NOT cgi variable exists cfelse cgi variable does not exist /cfif cfoutput#CGI.HTTP_REFERER#/cfoutput However I am not getting anything back in the cgi variable. Any comments appreciated. Rick Colman ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236480 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: cgi.HTTP_REFERER
WTF!! Dave may kindly ask if you have any insight into the logic behind that little gem? ;-) I can only speculate, but the set of CGI variables is dependent on the browser and the server, so my presumption is that they did this to reduce errors when checking CGI variables. I think it's kind of silly, myself. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236481 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: cgi.HTTP_REFERER
cfif IsDefined(CGI.I_MADE_THIS_UP) Dave Watts, CTO, Fig Leaf Software WTF!! Dave may kindly ask if you have any insight into the logic behind that little gem? ;-) Thanks CGI is a bit of a bastard because different web server software will return deferent lists. This can be confounded with proxy servers and other systems in between. So basically CF just assumes you know what CGI you want and that it exists when you ask for it. This is just one of those special rules. -- Ian Skinner Web Programmer BloodSource www.BloodSource.org Sacramento, CA - | 1 | | - Binary Soduko | | | - C code. C code run. Run code run. Please! - Cynthia Dunning Confidentiality Notice: This message including any attachments is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender and delete any copies of this message. ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236482 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
Re: cgi.HTTP_REFERER
Thanks DaveI'm not sure I'd use the word sillybut I hear ya ;-) Bryan Stevenson B.Comm. VP Director of E-Commerce Development Electric Edge Systems Group Inc. phone: 250.480.0642 fax: 250.480.1264 cell: 250.920.8830 e-mail: [EMAIL PROTECTED] web: www.electricedgesystems.com ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236485 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: cgi.HTTP_REFERER
Also you have to be going to that page from another page for it to have a value... Eric snipped ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236505 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: cgi.HTTP_REFERER
Calling page is: cflocation url=test_ref.cfm Still not working. -Original Message- From: Charles Sheehan-Miles [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 29, 2006 7:43 AM To: CF-Talk Subject: Re: cgi.HTTP_REFERER This is kind of like asking to make sure your computer is plugged in (so you've probably already checked this) but it will be empty if you didn't actually have a referrer (as in, you browse directly to the page). On 3/29/06 10:38 PM, Ian Skinner [EMAIL PROTECTED] wrote: cfif cgi.HTTP_REFERER IS NOT cgi variable exists cfelse cgi variable does not exist /cfif cfoutput#CGI.HTTP_REFERER#/cfoutput However I am not getting anything back in the cgi variable. Any comments appreciated. Rick Colman Just to eliminate any other kind of white space characters, I usually do a trim on anything I'm trying to compare to an empty string. cfif trim(cgi.HTTP_REFERER) EQ I also usually try to phrase this as a binary comparison. cfif len(trim(cgi.HTTP_REFERER)) -- Ian Skinner Web Programmer BloodSource www.BloodSource.org Sacramento, CA - | 1 | | - Binary Soduko | | | - C code. C code run. Run code run. Please! - Cynthia Dunning Confidentiality Notice: This message including any attachments is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender and delete any copies of this message. ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236506 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: cgi.HTTP_REFERER
Calling page is: cflocation url=test_ref.cfm Still not working. I don't think that the Referer header is passed when you redirect using CFLOCATION. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236508 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: cgi.HTTP_REFERER
Why not append the CGI.SCRIPT_NAME to the URL location? Or hard code the name. Because I agree with Dave, I do not think the referrer Will be displayed on a cflocation but then again I have Not tested it. -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 29, 2006 8:57 PM To: CF-Talk Subject: RE: cgi.HTTP_REFERER Calling page is: cflocation url=test_ref.cfm Still not working. I don't think that the Referer header is passed when you redirect using CFLOCATION. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236513 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations Support: http://www.houseoffusion.com/tiny.cfm/54
RE: CGI.HTTP_REFERER is blank!
Donnie: The Referer header is optional.HTTP Clients are not required to send the header or, if they do, are not required to be truthful about the data specified by the header.Additionally, a lot of systems along the path of the HTTP connection (firewalls, gateways, etc.) can strip the header before it reaches your server.In short, don't rely on the HTTP_REFERER value. -- Mosh Teitelbaum evoch, LLC Tel: (301) 942-5378 Fax: (301) 933-3651 Email: [EMAIL PROTECTED] WWW: http://www.evoch.com/ -Original Message- From: Donnie Carvajal [mailto:[EMAIL PROTECTED] Sent: Monday, July 12, 2004 11:41 AM To: CF-Talk Subject: CGI.HTTP_REFERER is blank! I am trying to check the CGI.HTTP_REFERER variable to keep outside sites from submitting forms; however, I have seen some strange things.The same form on one computer when the form is submitted will have data in CGI.HTTP_REFERER and on another computer, CGI.HTTP_REFERER is blank.Any ideas of what might cause this?Are there certain settings in a browser that might cause this? Thanks. Donnie Carvajal [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
RE: CGI.HTTP_REFERER is blank!
Sending a referrer is entirely up to the browser/system - most home firewall software will prevent referrers from being sent for example. You really should never use referrer as security mechanism it's just not reliable enough. Jim Davis I am trying to check the CGI.HTTP_REFERER variable to keep outside sites from submitting forms; however, I have seen some strange things.The same form on one computer when the form is submitted will have data in CGI.HTTP_REFERER and on another computer, CGI.HTTP_REFERER is blank.Any ideas of what might cause this?Are there certain settings in a browser that might cause this? [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
RE: CGI.HTTP_REFERER is blank!
So, any ideas on the best way to keep outside sites from submitting my forms? -Original Message- From: Mosh Teitelbaum [mailto:[EMAIL PROTECTED] Sent: Monday, July 12, 2004 10:50 AM To: CF-Talk Subject: RE: CGI.HTTP_REFERER is blank! Donnie: The Referer header is optional.HTTP Clients are not required to send the header or, if they do, are not required to be truthful about the data specified by the header.Additionally, a lot of systems along the path of the HTTP connection (firewalls, gateways, etc.) can strip the header before it reaches your server.In short, don't rely on the HTTP_REFERER value. -- Mosh Teitelbaum evoch, LLC Tel: (301) 942-5378 Fax: (301) 933-3651 Email: [EMAIL PROTECTED] WWW: http://www.evoch.com/ -Original Message- From: Donnie Carvajal [mailto:[EMAIL PROTECTED] Sent: Monday, July 12, 2004 11:41 AM To: CF-Talk Subject: CGI.HTTP_REFERER is blank! I am trying to check the CGI.HTTP_REFERER variable to keep outside sites from submitting forms; however, I have seen some strange things.The same form on one computer when the form is submitted will have data in CGI.HTTP_REFERER and on another computer, CGI.HTTP_REFERER is blank.Any ideas of what might cause this?Are there certain settings in a browser that might cause this? Thanks. Donnie Carvajal [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
Re: CGI.HTTP_REFERER is blank!
proxy server ;-) Bryan Stevenson B.Comm. VP Director of E-Commerce Development Electric Edge Systems Group Inc. t. 250.920.8830 e. [EMAIL PROTECTED] - Macromedia Associate Partner www.macromedia.com - Vancouver Island ColdFusion Users Group Founder Director www.cfug-vancouverisland.com - Original Message - From: Donnie Carvajal To: CF-Talk Sent: Monday, July 12, 2004 8:40 AM Subject: CGI.HTTP_REFERER is blank! I am trying to check the CGI.HTTP_REFERER variable to keep outside sites from submitting forms; however, I have seen some strange things.The same form on one computer when the form is submitted will have data in CGI.HTTP_REFERER and on another computer, CGI.HTTP_REFERER is blank.Any ideas of what might cause this?Are there certain settings in a browser that might cause this? Thanks. Donnie Carvajal [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
RE: CGI.HTTP_REFERER is blank!
Internet Privacy software will strip out the referrer oftentimes.With all of the privacy issues and the software to address them, it might not be a good idea to rely on CGI.HTTP_REFERERespecially since it can be forged easily. Marlon -Original Message- From: Donnie Carvajal [mailto:[EMAIL PROTECTED] Sent: Monday, July 12, 2004 10:41 AM To: CF-Talk Subject: CGI.HTTP_REFERER is blank! I am trying to check the CGI.HTTP_REFERER variable to keep outside sites from submitting forms; however, I have seen some strange things.The same form on one computer when the form is submitted will have data in CGI.HTTP_REFERER and on another computer, CGI.HTTP_REFERER is blank. Any ideas of what might cause this?Are there certain settings in a browser that might cause this? Thanks. Donnie Carvajal [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
RE: CGI.HTTP_REFERER is blank!
Donnie: There's been a lot of discussion on this topic in the past.You can check the House Of Fusion archives for them. In general, the best method I've heard of is dynamically generating a unique value on form display that needs to be submitted to the form processing page.Basically, when the user first requests the form, generate a unique value and store it in a hidden field of the form or in a cookie.Also store the value on the server (SESSION, database, etc.).When the form is submitted, compare the form/cookie value to the server-side value.This ensures that the form used to submit to your site is your own form and not someone else's. -- Mosh Teitelbaum evoch, LLC Tel: (301) 942-5378 Fax: (301) 933-3651 Email: [EMAIL PROTECTED] WWW: http://www.evoch.com/ Donnie Carvajal [mailto:[EMAIL PROTECTED] wrote: So, any ideas on the best way to keep outside sites from submitting my forms? Mosh Teitelbaum [mailto:[EMAIL PROTECTED] wrote: The Referer header is optional.HTTP Clients are not required to send the header or, if they do, are not required to be truthful about the data specified by the header.Additionally, a lot of systems along the path of the HTTP connection (firewalls, gateways, etc.) can strip the header before it reaches your server.In short, don't rely on the HTTP_REFERER value. [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
RE: CGI.HTTP_REFERER is blank!
Norton Internet Security and similar products will strip it. -Original Message- From: Donnie Carvajal [mailto:[EMAIL PROTECTED] Sent: Monday, July 12, 2004 10:41 AM To: CF-Talk Subject: CGI.HTTP_REFERER is blank! I am trying to check the CGI.HTTP_REFERER variable to keep outside sites from submitting forms; however, I have seen some strange things.The same form on one computer when the form is submitted will have data in CGI.HTTP_REFERER and on another computer, CGI.HTTP_REFERER is blank. Any ideas of what might cause this?Are there certain settings in a browser that might cause this? Thanks. Donnie Carvajal _ [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
Re: CGI.HTTP_REFERER is blank!
Donnie Carvajal wrote: So, any ideas on the best way to keep outside sites from submitting my forms? Try using ticketmaster to buy some tickets, you'll see what is probably one of the more effective methods... then scan the list archives for the many discussions on methods of doing it.=)It's been talked about OFTEN. - Rick [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
RE: CGI.HTTP_REFERER
A firewall would have to _strip_ the referer header from the HTTP request... a lot of work, and I can't imagine what additional security would be gained from doing this. Imagine that you've got a relatively unsavory site with a bunch of links to less unsavory sites. You might not want to have the good site log the fact that you came from the bad site. A minor issue, but there are those concerned enough about their privacy to care about this. In any case, it's not a lot of work for a firewall to strip that one header. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: CGI.HTTP_REFERER
The syntax on the first one is correct. Are you referencing it after a page request or form submittal? Douglas Brown Email: [EMAIL PROTECTED] - Original Message - From: Cornillon, Matthieu [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Saturday, July 27, 2002 3:49 PM Subject: CGI.HTTP_REFERER Okay. I'm stumped. I had this whole lovely plan for something I'm working on. It involved looking at the value of CGI.HTTP_REFERER. But that value isn't coming up on my radar. It doesn't matter what browser I use. It's just not there. I've tried different spellings (REFERRER, REFERER), looped through every variable available, put a reference without a variable scope prefix, everything. It just doesn't show up. I understand that the CGI variables returned are based on the server configuration. So I guess my entire pile of questions is: A) Am I doing something simple and obviously stupid? B) What would I have to do to my server to get it to return this variable: is it on the CFAS side, or on the HTTP-server-software side? Thanks for any help anyone can give. I need this blasted variable!! Matthieu __ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: CGI.HTTP_REFERER
I'm checking it in my Application.cfm. I want to see whether the page before the current page is from my site or not. If not, I want to do something different. I am guessing that my company's firewall is set to block outgoing referer information from the browser. I am checking into this with my IT department. Thanks anyway, Matthieu -Original Message- From: Douglas Brown [mailto:[EMAIL PROTECTED]] Sent: Saturday, July 27, 2002 7:05 PM To: CF-Talk Subject: Re: CGI.HTTP_REFERER The syntax on the first one is correct. Are you referencing it after a page request or form submittal? Douglas Brown Email: [EMAIL PROTECTED] - Original Message - From: Cornillon, Matthieu [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Saturday, July 27, 2002 3:49 PM Subject: CGI.HTTP_REFERER Okay. I'm stumped. I had this whole lovely plan for something I'm working on. It involved looking at the value of CGI.HTTP_REFERER. But that value isn't coming up on my radar. It doesn't matter what browser I use. It's just not there. I've tried different spellings (REFERRER, REFERER), looped through every variable available, put a reference without a variable scope prefix, everything. It just doesn't show up. I understand that the CGI variables returned are based on the server configuration. So I guess my entire pile of questions is: A) Am I doing something simple and obviously stupid? B) What would I have to do to my server to get it to return this variable: is it on the CFAS side, or on the HTTP-server-software side? Thanks for any help anyone can give. I need this blasted variable!! Matthieu __ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: CGI.HTTP_REFERER
H not sure it will work in application.cfm due to that being the first file processed by CF. It needs to have a referring page, hence the name. Douglas Brown Email: [EMAIL PROTECTED] - Original Message - From: Cornillon, Matthieu [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Saturday, July 27, 2002 4:48 PM Subject: RE: CGI.HTTP_REFERER I'm checking it in my Application.cfm. I want to see whether the page before the current page is from my site or not. If not, I want to do something different. I am guessing that my company's firewall is set to block outgoing referer information from the browser. I am checking into this with my IT department. Thanks anyway, Matthieu -Original Message- From: Douglas Brown [mailto:[EMAIL PROTECTED]] Sent: Saturday, July 27, 2002 7:05 PM To: CF-Talk Subject: Re: CGI.HTTP_REFERER The syntax on the first one is correct. Are you referencing it after a page request or form submittal? Douglas Brown Email: [EMAIL PROTECTED] - Original Message - From: Cornillon, Matthieu [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Saturday, July 27, 2002 3:49 PM Subject: CGI.HTTP_REFERER Okay. I'm stumped. I had this whole lovely plan for something I'm working on. It involved looking at the value of CGI.HTTP_REFERER. But that value isn't coming up on my radar. It doesn't matter what browser I use. It's just not there. I've tried different spellings (REFERRER, REFERER), looped through every variable available, put a reference without a variable scope prefix, everything. It just doesn't show up. I understand that the CGI variables returned are based on the server configuration. So I guess my entire pile of questions is: A) Am I doing something simple and obviously stupid? B) What would I have to do to my server to get it to return this variable: is it on the CFAS side, or on the HTTP-server-software side? Thanks for any help anyone can give. I need this blasted variable!! Matthieu __ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: CGI.HTTP_REFERER
Which web server and version of CF are running on this server? On my CF5/IIS5 server, I always have the exact same set of CGI variable (including CGI.HTTP_REFERER), but some of them will sometimes have a zero length string as there value. A firewall would have to _strip_ the referer header from the HTTP request... a lot of work, and I can't imagine what additional security would be gained from doing this. Jim - Original Message - From: Cornillon, Matthieu [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Saturday, July 27, 2002 4:49 PM Subject: CGI.HTTP_REFERER Okay. I'm stumped. I had this whole lovely plan for something I'm working on. It involved looking at the value of CGI.HTTP_REFERER. But that value isn't coming up on my radar. It doesn't matter what browser I use. It's just not there. I've tried different spellings (REFERRER, REFERER), looped through every variable available, put a reference without a variable scope prefix, everything. It just doesn't show up. I understand that the CGI variables returned are based on the server configuration. So I guess my entire pile of questions is: A) Am I doing something simple and obviously stupid? B) What would I have to do to my server to get it to return this variable: is it on the CFAS side, or on the HTTP-server-software side? Thanks for any help anyone can give. I need this blasted variable!! Matthieu __ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: CGI.HTTP_REFERER
Turn on Debugging on you development box. This should show you all the values in the CGI scope. Joe -Original Message- From: Cornillon, Matthieu [mailto:[EMAIL PROTECTED]] Sent: Saturday, July 27, 2002 6:49 PM To: CF-Talk Subject: CGI.HTTP_REFERER Okay. I'm stumped. I had this whole lovely plan for something I'm working on. It involved looking at the value of CGI.HTTP_REFERER. But that value isn't coming up on my radar. It doesn't matter what browser I use. It's just not there. I've tried different spellings (REFERRER, REFERER), looped through every variable available, put a reference without a variable scope prefix, everything. It just doesn't show up. I understand that the CGI variables returned are based on the server configuration. So I guess my entire pile of questions is: A) Am I doing something simple and obviously stupid? B) What would I have to do to my server to get it to return this variable: is it on the CFAS side, or on the HTTP-server-software side? Thanks for any help anyone can give. I need this blasted variable!! Matthieu __ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: CGI.HTTP_REFERER
Some firewalls (such as Norton's - I know this from personal experience), block or change the http_referer that is sent from the browser to the server. In the case or Norton, it gets changed to http_weferer, and consists of a rather random looking alphabet soup. Cheers, Mark Okay. I'm stumped. I had this whole lovely plan for something I'm working on. It involved looking at the value of CGI.HTTP_REFERER. But that value isn't coming up on my radar. It doesn't matter what browser I use. It's just not there. I've tried different spellings (REFERRER, REFERER), looped through every variable available, put a reference without a variable scope prefix, everything. It just doesn't show up. I understand that the CGI variables returned are based on the server configuration. So I guess my entire pile of questions is: A) Am I doing something simple and obviously stupid? B) What would I have to do to my server to get it to return this variable: is it on the CFAS side, or on the HTTP-server-software side? Thanks for any help anyone can give. I need this blasted variable!! Matthieu __ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: CGI.HTTP_REFERER
The correct spelling is the American spelling - i.e. cgi.http_referer even though my outlook insists on arguing with me and changing it to referrer. But as you have discovered, not all browsers send the parameter, because the anti-spamming measures adopted by a lot of people block it. This hasn't been much of a worry until recently. But a site I'm working on has a rapidly increasing number of users with this problem, and I'm having to re-write a whole application which relied on http_referer to verify the user had access. Computers are increasingly being delivered to users with personal firewalls installed and that gives rise to the problem. IN short, if you're planning an application that's going to need http_referer, my advice is to re-think it! Cheers, Mike Kear Windsor, NSW, Australia AFP WebWorks -Original Message- From: mark brinkworth [mailto:[EMAIL PROTECTED]] Sent: Sunday, 28 July 2002 1:09 PM To: CF-Talk Subject: Re: CGI.HTTP_REFERER Some firewalls (such as Norton's - I know this from personal experience), block or change the http_referer that is sent from the browser to the server. In the case or Norton, it gets changed to http_weferer, and consists of a rather random looking alphabet soup. Cheers, Mark Okay. I'm stumped. I had this whole lovely plan for something I'm working on. It involved looking at the value of CGI.HTTP_REFERER. But that value isn't coming up on my radar. It doesn't matter what browser I use. It's just not there. I've tried different spellings (REFERRER, REFERER), looped through every variable available, put a reference without a variable scope prefix, everything. It just doesn't show up. I understand that the CGI variables returned are based on the server configuration. So I guess my entire pile of questions is: A) Am I doing something simple and obviously stupid? B) What would I have to do to my server to get it to return this variable: is it on the CFAS side, or on the HTTP-server-software side? Thanks for any help anyone can give. I need this blasted variable!! Matthieu __ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: CGI.HTTP_REFERER
I have always regarded the use of HTTP_Referer as a security measure to be rather poor, as it can easily be spoofed. So my sites don't rely on it, although occassionally they may use it to refine error messages. Cheers The correct spelling is the American spelling - i.e. cgi.http_referer even though my outlook insists on arguing with me and changing it to referrer. But as you have discovered, not all browsers send the parameter, because the anti-spamming measures adopted by a lot of people block it. This hasn't been much of a worry until recently. But a site I'm working on has a rapidly increasing number of users with this problem, and I'm having to re-write a whole application which relied on http_referer to verify the user had access. Computers are increasingly being delivered to users with personal firewalls installed and that gives rise to the problem. IN short, if you're planning an application that's going to need http_referer, my advice is to re-think it! Cheers, Mike Kear Windsor, NSW, Australia AFP WebWorks -Original Message- From: mark brinkworth [mailto:[EMAIL PROTECTED]] Sent: Sunday, 28 July 2002 1:09 PM To: CF-Talk Subject: Re: CGI.HTTP_REFERER Some firewalls (such as Norton's - I know this from personal experience), block or change the http_referer that is sent from the browser to the server. In the case or Norton, it gets changed to http_weferer, and consists of a rather random looking alphabet soup. Cheers, Mark Okay. I'm stumped. I had this whole lovely plan for something I'm working on. It involved looking at the value of CGI.HTTP_REFERER. But that value isn't coming up on my radar. It doesn't matter what browser I use. It's just not there. I've tried different spellings (REFERRER, REFERER), looped through every variable available, put a reference without a variable scope prefix, everything. It just doesn't show up. I understand that the CGI variables returned are based on the server configuration. So I guess my entire pile of questions is: A) Am I doing something simple and obviously stupid? B) What would I have to do to my server to get it to return this variable: is it on the CFAS side, or on the HTTP-server-software side? Thanks for any help anyone can give. I need this blasted variable!! Matthieu __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: CGI.HTTP_REFERER
Save it as a variable? Pete - Original Message - From: Jim Vosika [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Monday, July 08, 2002 6:19 PM Subject: CGI.HTTP_REFERER I currently use #CGI.HTTP_REFERER# to see the last page my user came from, is there a way to look back 2 pages? Thanks! Jim Vosika http://tinyclick.com http://tinyclick.com/ Free URL Shortening! __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: CGI.HTTP_REFERER
I mean for pages out of my control. Like say the user first goes to a google result page then clicks through to some website where there is a link to me. This is a bad example but I would want to see the google url. Thanks, Jim Vosika http://tinyclick.com Free URL Shortening! -Original Message- From: Pete Ruckelshaus [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 09, 2002 7:15 AM To: CF-Talk Subject: Re: CGI.HTTP_REFERER Save it as a variable? Pete - Original Message - From: Jim Vosika [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Monday, July 08, 2002 6:19 PM Subject: CGI.HTTP_REFERER I currently use #CGI.HTTP_REFERER# to see the last page my user came from, is there a way to look back 2 pages? Thanks! Jim Vosika http://www.softwaresupermall.com http://www.jimvosika.com __ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: CGI.HTTP_REFERER
I doubt that you can do this without some assistance from the intervening page. While browsers have a history object, this is usually not available for extracting information from. Users are hesitant enough about the browsing history within a given site, let alone across multiple sites. Cheers From: Jim Vosika [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Subject: RE: CGI.HTTP_REFERER Date: Tue, 9 Jul 2002 08:03:45 -0500 I mean for pages out of my control. Like say the user first goes to a google result page then clicks through to some website where there is a link to me. This is a bad example but I would want to see the google url. Thanks, Jim Vosika http://tinyclick.com Free URL Shortening! -Original Message- From: Pete Ruckelshaus [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 09, 2002 7:15 AM To: CF-Talk Subject: Re: CGI.HTTP_REFERER Save it as a variable? Pete - Original Message - From: Jim Vosika [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Monday, July 08, 2002 6:19 PM Subject: CGI.HTTP_REFERER I currently use #CGI.HTTP_REFERER# to see the last page my user came from, is there a way to look back 2 pages? Thanks! Jim Vosika http://www.softwaresupermall.com http://www.jimvosika.com __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: CGI.HTTP_REFERER
I doubt that you can do this without some assistance from the intervening page. While browsers have a history object, I currently use #CGI.HTTP_REFERER# to see the last page my user came from, is there a way to look back 2 pages? This is not exactly the same thing, but the following does access the history object successfully. I don't know JavaScript that well, but it's not a stretch to think you could access and capture the url. This may help too: http://www.dannyg.com/javascript/quickref/index.html HTH -Craig !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN html head titleGO BACK/title script language=javascript function goHistory(form) { window.history.go(parseInt(form.num.value)); } /script /head body form select name=num option value=-1-1/option option value=-2-2/option option value=-3-3/option option value=-4-4/option /select input type=button value=GO THIS MANY PAGES BACK onClick=goHistory(this.form) /body /html __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: CGI.HTTP_REFERER
Not unless you pass the previous page as a variable of some sort (cookie, URL, form, etc). Kevin [EMAIL PROTECTED] 07/08/02 03:19PM I currently use #CGI.HTTP_REFERER# to see the last page my user came from, is there a way to look back 2 pages? Thanks! Jim Vosika http://tinyclick.com http://tinyclick.com/ Free URL Shortening! __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: CGI.HTTP_REFERER
I currently use #CGI.HTTP_REFERER# to see the last page my user came from, is there a way to look back 2 pages? Thanks! Jim Vosika I have never done this, but the javascript object model has a history object which has the info you would need to know. Something like window.history.go(-2) would be back 2 pages, other history.properties that might interest you are: current, length, next and previous; and history.methods: back(), forward(), go(). HTH -Craig __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: cgi.http_referer problem
Short answer: Yes. I've been running and logging referer tests for about 6 months now. I get an email every time one fails, and record all initial 'incoming' visitors in a db that logs, among other things, browser type and referer value. Every once in a while I'll have a user get 'refered' in from my own site, which should be impossible given the tests I run. Only maybe 1 out of 100 fail, and the failure appears to be random... sort of. It appears to be restricted to IE 5.x and AOL browsers after AOL 4.0. However I haven't tried to quantify this other than eyeballing the reports. On occasion, maybe the browser drops the ball and somehow loses the referer value. This could also be user behavior: Lets say for some reason a page doesn't load properly for whatever reason. a user could place their cursor in the Address field at the end and hits the ENTER key. That would do it, too. (i.e. user 'arrives' at a page after hitting 'Enter' and actually refreshes it. The next link is a referred link in from my own site). - Matt Robertson [EMAIL PROTECTED] MSB Designs, Inc. http://mysecretbase.com - - Original Message - From: Sima Lee [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Friday, November 02, 2001 8:20 AM Subject: cgi.http_referer problem snip So the question is: Is there any other situation when the cgi.http_referer would not be get set? ~~ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: cgi.http_referer problem
Hi Matt, Thanks for your input. Yes, this does not happen very often, we got two from one site: Browser used: Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 98; DigExt) Browser used: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) I guess we cannot do anything to prevent this to happen? Thank you again. Sima -Original Message- From: Matt Robertson [mailto:[EMAIL PROTECTED]] Sent: Friday, November 02, 2001 12:35 PM To: CF-Talk Subject: Re: cgi.http_referer problem Short answer: Yes. I've been running and logging referer tests for about 6 months now. I get an email every time one fails, and record all initial 'incoming' visitors in a db that logs, among other things, browser type and referer value. Every once in a while I'll have a user get 'refered' in from my own site, which should be impossible given the tests I run. Only maybe 1 out of 100 fail, and the failure appears to be random... sort of. It appears to be restricted to IE 5.x and AOL browsers after AOL 4.0. However I haven't tried to quantify this other than eyeballing the reports. On occasion, maybe the browser drops the ball and somehow loses the referer value. This could also be user behavior: Lets say for some reason a page doesn't load properly for whatever reason. a user could place their cursor in the Address field at the end and hits the ENTER key. That would do it, too. (i.e. user 'arrives' at a page after hitting 'Enter' and actually refreshes it. The next link is a referred link in from my own site). - Matt Robertson [EMAIL PROTECTED] MSB Designs, Inc. http://mysecretbase.com - - Original Message - From: Sima Lee [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Friday, November 02, 2001 8:20 AM Subject: cgi.http_referer problem snip So the question is: Is there any other situation when the cgi.http_referer would not be get set? ~~ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: cgi.http_referer problem
If there is anything we can do I certainly haven't figured it out. If this is user behavior it would explain the scattered random nature of the problem. I have about 1 records in the db at the moment. If I get the time today I'll see if I can pin the problem on specific browsers, although it won't do much good to know, I think. --- Matt Robertson[EMAIL PROTECTED] MSB Designs, Inc., www.mysecretbase.com --- -- Original Message -- from: Sima Lee [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] date: Fri, 2 Nov 2001 15:17:46 -0500 Hi Matt, Thanks for your input. Yes, this does not happen very often, we got two from one site: Browser used: Mozilla/4.0 (compatible; MSIE 5.0; AOL 5.0; Windows 98; DigExt) Browser used: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) I guess we cannot do anything to prevent this to happen? Thank you again. Sima -Original Message- From: Matt Robertson [mailto:[EMAIL PROTECTED]] Sent: Friday, November 02, 2001 12:35 PM To: CF-Talk Subject: Re: cgi.http_referer problem Short answer: Yes. I've been running and logging referer tests for about 6 months now. I get an email every time one fails, and record all initial 'incoming' visitors in a db that logs, among other things, browser type and referer value. Every once in a while I'll have a user get 'refered' in from my own site, which should be impossible given the tests I run. Only maybe 1 out of 100 fail, and the failure appears to be random... sort of. It appears to be restricted to IE 5.x and AOL browsers after AOL 4.0. However I haven't tried to quantify this other than eyeballing the reports. On occasion, maybe the browser drops the ball and somehow loses the referer value. This could also be user behavior: Lets say for some reason a page doesn't load properly for whatever reason. a user could place their cursor in the Address field at the end and hits the ENTER key. That would do it, too. (i.e. user 'arrives' at a page after hitting 'Enter' and actually refreshes it. The next link is a referred link in from my own site). - Matt Robertson [EMAIL PROTECTED] MSB Designs, Inc. http://mysecretbase.com - - Original Message - From: Sima Lee [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Friday, November 02, 2001 8:20 AM Subject: cgi.http_referer problem snip So the question is: Is there any other situation when the cgi.http_referer would not be get set? ~~ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: CGI.HTTP_REFERER and SSL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chris, I doubt there's an issue with the cgi.http_referer between secure non secure.. It's just that their server (authorize.net) is doing an HTTP POST to your server... just like in a CFHTTP post, you have the option what you want to POST... I'm sure what's happening is that authorize.net is not sending the http_referrer variable as part of that post. Maybe use the CGI.REMOTE_ADDR to make sure the IP address is correct? Maybe the form variables are posted to receipt.cfm they abort or cflocate the request? Aaron Johnson, MCSE, MCP+I Allaire Certified ColdFusion Developer MINDSEYE, Inc. phn617.350.0339 fax617.350.8884 icq66172567 [EMAIL PROTECTED] ___ "Never forget that only dead fish swim with the stream." -- Malcolm Muggeridge ___ - -Original Message- From: Chris Montgomery [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 14, 2000 2:43 PM To: CF-Talk Subject: CGI.HTTP_REFERER and SSL Howdy, I have a simple payment form that submits to a secure page at AuthorizeNet. Once a customer makes a payment, they are returned to a receipt page on my remotely hosted site. The AuthorizeNet gateway submits transaction information back to this receipt page using a form POST method. The form post is originating on their secure site back to my non-secure receipt page. To prevent anyone from inadvertently accessing the receipt page (receipt.cfm) I wanted to check for the http referring page (AuthorizeNet's posting page) and redirect them to another page if the referrer was anything else. This isn't working, the #cgi.http_referer# variable comes up blank. Is there a known problem using cgi.http_referer when transferring requests between secure and non-secure pages? TIA, Chris Montgomery [EMAIL PROTECTED] Web Development Consulting http://www.astutia.com Allaire Consulting Partner 210-490-3249/888-745-7603Fax 210-490-4692 ~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: CGI.HTTP_REFERER and SSL
Maybe you could try to capture the cgi.Server_Name or IP instead? You may also want to look at the authorizenet merchant management section though. Login and click on settings. Then select Manage URLs. You'll want to configure this area. -Gary -Original Message- From: Chris Montgomery [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 14, 2000 1:43 PM To: CF-Talk Subject: CGI.HTTP_REFERER and SSL Howdy, I have a simple payment form that submits to a secure page at AuthorizeNet. Once a customer makes a payment, they are returned to a receipt page on my remotely hosted site. The AuthorizeNet gateway submits transaction information back to this receipt page using a form POST method. The form post is originating on their secure site back to my non-secure receipt page. To prevent anyone from inadvertently accessing the receipt page (receipt.cfm) I wanted to check for the http referring page (AuthorizeNet's posting page) and redirect them to another page if the referrer was anything else. This isn't working, the #cgi.http_referer# variable comes up blank. Is there a known problem using cgi.http_referer when transferring requests between secure and non-secure pages? TIA, Chris Montgomery [EMAIL PROTECTED] Web Development Consulting http://www.astutia.com Allaire Consulting Partner 210-490-3249/888-745-7603Fax 210-490-4692 ~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: CGI.HTTP_REFERER and SSL
Aaron, Thanks for the reply. I considered using CGI.REMOTE_ADDR, but I'm not sure if this will be the same each time (depends on whether AuthorizeNet uses multiple servers or IP addresses). In the end, since the info is coming back to my site as an HTTP form post, I decided to just check to see if one of the required form fields is defined like when checking for this on the action page of any form submission. Should work fine (don't know why I didn't think of this before). Chris Montgomery [EMAIL PROTECTED] Web Development Consulting http://www.astutia.com Allaire Consulting Partner 210-490-3249/888-745-7603Fax 210-490-4692 -Original Message- From: Aaron Johnson [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 14, 2000 3:46 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: CGI.HTTP_REFERER and SSL -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chris, I doubt there's an issue with the cgi.http_referer between secure non secure.. It's just that their server (authorize.net) is doing an HTTP POST to your server... just like in a CFHTTP post, you have the option what you want to POST... I'm sure what's happening is that authorize.net is not sending the http_referrer variable as part of that post. Maybe use the CGI.REMOTE_ADDR to make sure the IP address is correct? Maybe the form variables are posted to receipt.cfm they abort or cflocate the request? Aaron Johnson, MCSE, MCP+I ~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: #cgi.http_referer# and IE
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In the calling form, you could pass a hidden field w/ the name of the form page. Something like: Cfoutput input type="hidden" name="ReturnTo" value="#CGI.Script_Name#" /cfoutput Hope that helps. Best regards, Zac Bedell -Original Message- From: Michael Slatoff [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 22, 2000 1:51 PM To: [EMAIL PROTECTED] Subject: #cgi.http_referer# and IE I have a form that sets a session.variable and then redirects to the cgi.http_referer. It works fine in Netscape 4.74 but IE 5.5 doesn't like it. cfoutput cflocation url="#cgi.http_referer#" /cfoutput Does anyone know of a work around? Micahel -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=list s/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.3 for non-commercial use http://www.pgp.com Comment: Please use PGP!!! iQA/AwUBOaLBograVoMWBwRBEQKtwwCgtTquo/XztW4ixxE5vetvXeaNF5IAnj8A dugk9Y5uMn9YLwibP3hoYVJD =z0tu -END PGP SIGNATURE- -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: #cgi.http_referer# and IE
I did a test with one page, created a form, sent them to another page and with the http_referer, had them redirected back where they came from. TO test it I ran a session variable as a counter. Worked fine in IE 5.5 and Netscape 4.73 -Original Message- From: Zachary Bedell [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 22, 2000 2:09 PM To: '[EMAIL PROTECTED]' Subject: RE: #cgi.http_referer# and IE -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In the calling form, you could pass a hidden field w/ the name of the form page. Something like: Cfoutput input type="hidden" name="ReturnTo" value="#CGI.Script_Name#" /cfoutput Hope that helps. Best regards, Zac Bedell -Original Message- From: Michael Slatoff [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 22, 2000 1:51 PM To: [EMAIL PROTECTED] Subject: #cgi.http_referer# and IE I have a form that sets a session.variable and then redirects to the cgi.http_referer. It works fine in Netscape 4.74 but IE 5.5 doesn't like it. cfoutput cflocation url="#cgi.http_referer#" /cfoutput Does anyone know of a work around? Micahel -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=list s/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.3 for non-commercial use http://www.pgp.com Comment: Please use PGP!!! iQA/AwUBOaLBograVoMWBwRBEQKtwwCgtTquo/XztW4ixxE5vetvXeaNF5IAnj8A dugk9Y5uMn9YLwibP3hoYVJD =z0tu -END PGP SIGNATURE- -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
Re: #cgi.http_referer# and IE
This is the code that was giving me trouble: !--- form to pick layout --- bShow:/b Layout 1input type="radio" name="layout" value="1" onClick='window.location.href="index.cfm?fuseaction=changelayoutlayout=1"' cfif session.layout is "1"checked/cfif Layout 2input type="radio" name="layout" value="2" onClick='window.location.href="index.cfm?fuseaction=changelayoutlayout=2"' cfif session.layout is "2"checked/cfif !--- action to change layout --- cfswitch expression="#attributes.fuseaction#" cfcase value="changelayout" cfset session.layout = "#attributes.layout#" cflocation url="#cgi.http_referer#" addtoken="no" /cfcase /cfswitch It worked fine in Netscrape but Internet Exploiter wouldn't go back to the http_referer (cgi.http_referer ends up being empty). So, I did this: !--- Form to pick layout --- bShow:/b Layout 1input type="radio" name="layout" value="1" onClick='window.location.href="index.cfm?fuseaction=changelayoutlayout=1re turnto=cfoutput#urlencodedformat(cgi.path_info)#?#urlencodedformat(cgi.que ry_string)#/cfoutput"' cfif session.layout is "1"checked/cfif Layout 2input type="radio" name="layout" value="2" onClick='window.location.href="index.cfm?fuseaction=changelayoutlayout=2re turnto=cfoutput#urlencodedformat(cgi.path_info)#?#urlencodedformat(cgi.que ry_string)#/cfoutput"' cfif session.layout is "2"checked/cfif !--- action to change layout --- cfswitch expression="#attributes.fuseaction#" cfcase value="changelayout" cfset session.layout = "#attributes.layout#" cflocation url="#url.returnto#" addtoken="no" /cfcase /cfswitch - Original Message - From: "Randy Adkins" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, August 22, 2000 1:18 PM Subject: RE: #cgi.http_referer# and IE I did a test with one page, created a form, sent them to another page and with the http_referer, had them redirected back where they came from. TO test it I ran a session variable as a counter. Worked fine in IE 5.5 and Netscape 4.73 -Original Message- From: Zachary Bedell [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 22, 2000 2:09 PM To: '[EMAIL PROTECTED]' Subject: RE: #cgi.http_referer# and IE -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In the calling form, you could pass a hidden field w/ the name of the form page. Something like: Cfoutput input type="hidden" name="ReturnTo" value="#CGI.Script_Name#" /cfoutput Hope that helps. Best regards, Zac Bedell -Original Message- From: Michael Slatoff [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 22, 2000 1:51 PM To: [EMAIL PROTECTED] Subject: #cgi.http_referer# and IE I have a form that sets a session.variable and then redirects to the cgi.http_referer. It works fine in Netscape 4.74 but IE 5.5 doesn't like it. cfoutput cflocation url="#cgi.http_referer#" /cfoutput Does anyone know of a work around? Micahel -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=list s/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.3 for non-commercial use http://www.pgp.com Comment: Please use PGP!!! iQA/AwUBOaLBograVoMWBwRBEQKtwwCgtTquo/XztW4ixxE5vetvXeaNF5IAnj8A dugk9Y5uMn9YLwibP3hoYVJD =z0tu -END PGP SIGNATURE- -- -- -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=listsbody=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.