[Zope] Controlling HTTP_REFERER

John Hile johnh@hilgraeve.com
Fri, 26 May 2000 08:18:09 -0400


This is a multi-part message in MIME format.

------=_NextPart_000_0006_01BFC6EA.ED1C3940
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Can anybody suggest a good technique for controlling what gets sent in the
HTTP_REFERER header when users click on links to pages outside your own
site. We are setting up a secure server that may occasionally contain links
to outside sites. Normally, the browser passes the complete URL of our
current page in HTTP_REFERER when a user clicks on one of these links, but
there may be information in the URL that we want to protect. I tried simply
setting up a page on our site with a redirect to pass the links through, but
the browser still passes the original URL. Any suggestions for a good way to
handle this are welcome.

------=_NextPart_000_0006_01BFC6EA.ED1C3940
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.3017.1000" name=3DGENERATOR></HEAD>
<BODY>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D387231012-26052000>Can =
anybody suggest=20
a good technique for controlling what gets sent in the HTTP_REFERER =
header when=20
users click on links to pages outside your own site. We are setting up a =
secure=20
server that may occasionally contain links to outside sites. Normally, =
the=20
browser passes the complete URL of our current page in HTTP_REFERER when =
a user=20
clicks on one of these links, but there may be information in the URL =
that we=20
want to protect. I tried simply setting up a page on our site with a =
redirect to=20
pass the links through, but the browser still passes the original URL. =
Any=20
suggestions for a good way to handle this are=20
welcome.</SPAN></FONT></DIV></BODY></HTML>

------=_NextPart_000_0006_01BFC6EA.ED1C3940--