Comments on: Referrer Securer

Comments on: Referrer Securer http://johnleach.co.uk/words/234/referrer-securer Stuff I think, see and do Sat, 11 Feb 2012 15:56:55 +0000 hourly 1 http://wordpress.org/?v=3.3 By: Matthew M. Boedicker http://johnleach.co.uk/words/234/referrer-securer/comment-page-1#comment-4961 Matthew M. Boedicker Thu, 17 Aug 2006 02:03:22 +0000 http://johnleach.co.uk/words/archives/2006/08/16/234/#comment-4961 That's the recommendation in section 15.1.3 of http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html Clients SHOULD NOT include a Referer header field in a (non-secure) HTTPrequest if the referring page was transferred with a secure protocol. If I recall correctly, IE does send the referrer when going from SSL to non-SSL. That’s the recommendation in section 15.1.3 of http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html

Clients SHOULD NOT include a Referer header field in a (non-secure) HTTPrequest if the referring page was transferred with a secure protocol.

If I recall correctly, IE does send the referrer when going from SSL to non-SSL.

]]>