Web Front-endJS TutorialDocument.referrer browser support and failure summary of javascript_Basic knowledgeDocument.referrer browser support and failure summary of javascript_Basic knowledge
The traffic source function is available in the traffic statistics service. Traffic source refers to the concept of visit level. In other words, when a visit is created, the traffic source of the landing page is the traffic source of the visit. Although there are many types of Traffic sources, unfortunately according to current JS, there are only two ways to obtain Traffic sources - document.referrer and window.opener. What's even more unfortunate is that window.opener is not applicable to many scenarios, and document. The referrer is so weak that it is impossible to accurately determine the source of traffic in many scenarios.
Override of document.referrer
In terms of usage, document.referrer hopes to track browser-side behavior. If page A is opened, the actions that may occur on the browser side include user operations and JS code.
Let’s first take a look at the possible operations that users may perform when opening page A:
| 1 | 直接在地址栏中输入A的地址 |
| 2 | 从B页面左击link A,跳转至A页面 |
| 3 | 从B页面右击link A,在新窗口中打开 |
| 4 | 从B页面右击link A,在新标签页中打开 |
| 5 | 拖动link A至地址栏 |
| 6 | 拖动link A至标签栏 |
| 7 | 使用浏览器的前进、后退按钮 |
Note that the link here refers to the tag, but if there are events or targets, it will be a different matter.
Possible ways to open the page with JS:
1
|
Modify window.location
|
||||||
| 2 | Use window.open
|
||||||
| 3 | Click flash |
| 序号 | 场景 |
IE8.0 | FF3.6 | FF4.0 | chrome |
| 1 | 直接在地址栏中输入A的地址 | " " |
" " |
" " | " " |
| 2 | 从B页面左击link A,A页面替换B页面(target='_self') | √ | √ | √ | √ |
| 3 | 从B页面左击link A,A在新窗口中打开(target='_blank') | √ | √ | √ | √ |
| 3 | 从B页面右击link A,在新窗口中打开 | √ | √ | √ | " " |
| 4 | 从B页面右击link A,在新标签页中打开 | √ | √ | √ | " " |
| 5 | 鼠标拖动link A至地址栏 | / | " " | " " | " " |
| 6 | 鼠标拖动link A至标签栏 | " " | " " | " " | " " |
| 7 | 使用浏览器的前进、后退按钮 | 保持 | 保持 | 保持 | 保持 |
| 8 | 修改window.location打开A页面(同域) | " " | √ | √ | √ |
| 9 | 使用window.open打开A页面 | " " | √ | √ | √ |
| 10 | 点击flash打开A页面 | ||||
| 11 | 服务器重定向至A页面 | " " | " " | " " | " " |
| Serial number | Scene | IE8.0 | FF3.6 | FF4.0 | chrome |
| 1 | Enter A’s address directly in the address bar | " " | " " | " " | " " |
| 2 | Left-click link A from page B, and page A replaces page B (target='_self') | √ | √ | √ | √ |
| 3 | Left-click link A from page B, and A will open in a new window (target='_blank') | √ | √ | √ | √ |
| 3 | Right-click link A from page B to open in a new window | √ | √ | √ | " " |
| 4 | Right-click link A from page B and open it in a new tab | √ | √ | √ | " " |
| 5 | Drag link A to the address bar with the mouse | / | " " | " " | " " |
| 6 | Drag link A to the tab bar with the mouse | " " | " " | " " | " " |
| 7 | Use your browser's forward and back buttons | Keep | Keep | Keep | Keep |
| 8 | Modify window.location to open page A (same domain) | " " | √ | √ | √ |
| 9 | Use window.open to open page A | " " | √ | √ | √ |
| 10 | Click flash to open page A | ||||
| 11 | Server redirects to page A | " " | " " | " " | " " |
Among them, " " means an empty string, √ means that the source page can be correctly determined, and keep means that using forward and backward will not change the referrer of the page. It can be seen from this table that document.referrer can cover about half of the cases. However, some common operations, such as dragging links to the tab bar with the mouse, forward and backward, etc., cannot be handled correctly.
Source of document.referrer
When the browser requests page A from the server, it will send an HTTP request. The Referer attribute will be included in the header of this request. After the server receives the request, it can extract the Referer in the header to determine which page the visitor initiated the request from.
Generally, what is the Referer in the header sent when the browser requests A, then what is the value of document.referre after getting the A page. The picture above is a header requesting page A. The document.referre of A is http://localhost/Test/b.html.
If Referre is not included in the Header, it will be assigned an empty string when using document.referre.
About HTTPS requests
If you click an HTTPS link on an ordinary HTTP page, you can attach Referer information to the https request header, and then you can still use document.referre on the HTTPS page to get an ordinary http page.
Similarly, if you click on another HTTPS link on an https page, you can attach Referer information to the request header.
But if you click an http link from an https page, then unfortunately, the http request header sent cannot contain information about the https page. This may be due to a protection measure for the https page.
Fake Referer information
According to the above description, document.referre originates from the Referer in Header. So if you want to modify the value of document.referre, theoretically, you only need to modify the request header. You can replace the existing Referer in the Header with the value you want, or add a Referer if it does not exist originally.
On the client side, tampering with the Header is very easy. Before a page's http request is sent out, you can use a packet interception tool to intercept it, then analyze the header information and modify the Referre.
After searching, I found that you can use the RefControl plug-in for FireFox to easily modify it. In short, spoofing traffic sources is a piece of cake.
Page Forced Refresh
Not long after I finished writing, I discovered that I had missed a way to jump to the page, that is, to force the specified page to refresh in the meta tag in html. For example, write
in b.html
After 5 seconds, the browser will automatically initiate a page request to the server.
After testing, in IE8 and FF3.6-FF4.0, there is no Referer information, but Chrome can accidentally add b.html as a Referer to the header.
Python vs. JavaScript: A Comparative Analysis for DevelopersMay 09, 2025 am 12:22 AMThe main difference between Python and JavaScript is the type system and application scenarios. 1. Python uses dynamic types, suitable for scientific computing and data analysis. 2. JavaScript adopts weak types and is widely used in front-end and full-stack development. The two have their own advantages in asynchronous programming and performance optimization, and should be decided according to project requirements when choosing.
Python vs. JavaScript: Choosing the Right Tool for the JobMay 08, 2025 am 12:10 AMWhether to choose Python or JavaScript depends on the project type: 1) Choose Python for data science and automation tasks; 2) Choose JavaScript for front-end and full-stack development. Python is favored for its powerful library in data processing and automation, while JavaScript is indispensable for its advantages in web interaction and full-stack development.
Python and JavaScript: Understanding the Strengths of EachMay 06, 2025 am 12:15 AMPython and JavaScript each have their own advantages, and the choice depends on project needs and personal preferences. 1. Python is easy to learn, with concise syntax, suitable for data science and back-end development, but has a slow execution speed. 2. JavaScript is everywhere in front-end development and has strong asynchronous programming capabilities. Node.js makes it suitable for full-stack development, but the syntax may be complex and error-prone.
JavaScript's Core: Is It Built on C or C ?May 05, 2025 am 12:07 AMJavaScriptisnotbuiltonCorC ;it'saninterpretedlanguagethatrunsonenginesoftenwritteninC .1)JavaScriptwasdesignedasalightweight,interpretedlanguageforwebbrowsers.2)EnginesevolvedfromsimpleinterpreterstoJITcompilers,typicallyinC ,improvingperformance.
JavaScript Applications: From Front-End to Back-EndMay 04, 2025 am 12:12 AMJavaScript can be used for front-end and back-end development. The front-end enhances the user experience through DOM operations, and the back-end handles server tasks through Node.js. 1. Front-end example: Change the content of the web page text. 2. Backend example: Create a Node.js server.
Python vs. JavaScript: Which Language Should You Learn?May 03, 2025 am 12:10 AMChoosing Python or JavaScript should be based on career development, learning curve and ecosystem: 1) Career development: Python is suitable for data science and back-end development, while JavaScript is suitable for front-end and full-stack development. 2) Learning curve: Python syntax is concise and suitable for beginners; JavaScript syntax is flexible. 3) Ecosystem: Python has rich scientific computing libraries, and JavaScript has a powerful front-end framework.
JavaScript Frameworks: Powering Modern Web DevelopmentMay 02, 2025 am 12:04 AMThe power of the JavaScript framework lies in simplifying development, improving user experience and application performance. When choosing a framework, consider: 1. Project size and complexity, 2. Team experience, 3. Ecosystem and community support.
The Relationship Between JavaScript, C , and BrowsersMay 01, 2025 am 12:06 AMIntroduction I know you may find it strange, what exactly does JavaScript, C and browser have to do? They seem to be unrelated, but in fact, they play a very important role in modern web development. Today we will discuss the close connection between these three. Through this article, you will learn how JavaScript runs in the browser, the role of C in the browser engine, and how they work together to drive rendering and interaction of web pages. We all know the relationship between JavaScript and browser. JavaScript is the core language of front-end development. It runs directly in the browser, making web pages vivid and interesting. Have you ever wondered why JavaScr
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
SublimeText3 English version
Recommended: Win version, supports code prompts!
Atom editor mac version download
The most popular open source editor
Notepad++7.3.1
Easy-to-use and free code editor
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
