document.referrer是否等于HTTP Referer标头？ [英] Does document.referrer equal the HTTP referer header?

问题描述

如果我遵循从 http://google.com 到 http://example.com ，
通常是我的浏览器发送到example.com的http Referrer标头是google.com。
标头的值是否始终与example.com页面中document.referrer的值相同？

If I follow a normal link from http://google.com to http://example.com, normally the http referrer header that my browser sends to example.com is of google.com. Is that header's value always the same as the value of document.referrer inside the example.com page?

推荐答案

客户端在请求标头中发送的引荐来源网址与JavaScript中的 document.referrer 相同。但是，您不能依靠引荐来源信息始终可用。

The referer sent by the client in the request header is the same as document.referrer available in JavaScript. However, you can't rely that the referrer information would always be available.

由客户来发送信息。您可以在浏览器设置中将其关闭。

It's up to the client to send the information. You can turn it off i.e. in the browser settings.

在Firefox中： https://www.technipages.com/firefox-enable-disable-referrer

In Firefox: https://www.technipages.com/firefox-enable-disable-referrer

或者您可以将其打开

在Chrome中： https://chrome.google.com/webstore/detail/referer-control/hnkcfpcejkafcihlgbojoidoihckciin?hl=zh_CN

欺骗/发送您想要的任何引荐来源也很容易。以cURL为例：

It's also easy to spoof / send whatever referer you want. With cURL for instance:

curl --referer http://whatever.com/bot.html http://www.example.com/

编辑：您也可以在页面，因此从该页面单击的链接或ajax调用不会发送引荐来源标头。只需将此标签添加到页面即可。

You can also disable referrer sending in the page, so that links clicked or ajax calls made from that page won't send the referrer header. Just add this tag to the page.

<meta name="referrer" content="no-referrer" />

此处有更多讨论： https://stackoverflow.com/a/32014225/5601169

这篇关于document.referrer是否等于HTTP Referer标头？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！