About dan

Daniel Chmielewski has no experience in writing short bios as evidenced by this somewhat recursive sentence.

Hiding the HTTP Referer with PHP, JS or Meta Refresh

So there’s been some talk recently in some blogs on the interwebs regarding cloaking/masking/hiding HTTP REFERERs to protect your traffic sources.

I did some simple testing of my own and thought I’d share my results and some sample code to help some people out with a simple jump/redirect script. The three basic ways to accomplish a redirect are via javascript, meta refr
esh, or an HTTP 30x header. The former two are sent within HTML and the latter is sent before any HTML output to the browser.

Here’s a sample of each:


Javascript Redirect:
<script type="text/javascript">
<!--
window.location = "http://www.example.com/"
//-->
</script>

Meta Refresh:
<meta http-equiv="refresh" content="5;url=http://example.com"/>

HTTP 302 Header Redirect in PHP
<?php header('Location: http://www.example.com',true,302); exit; ?>

The odd thing I found was that IE handles javascript and meta refreshes slightly differently than FireFox or Safari. Internet Explorer will null the REFERER when it hits the target site, while FireFox and Safari will both set the REFERER to the URL with the javascript or meta refresh code on it.

If you want to cloak an Internet Explorer redirect, you’ll have to follow xmcp‘s frame/iframe suggestions. If you’re fine with blanking the REFERER in IE and sending a masked REFERER in FF and Safari, the example below may be useful (coded in php).


<?php
// Filename jump.php
// syntax http://www.example.com/jump.php?url=http://myaffiliateurl.com?id=myid
$url = htmlspecialchars($_GET['url']); // clean the url
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="refresh" content="3;url=<?php echo $url; ?>"/>
</head>
<body>
<div style="height:300px;line-height:300px;text-align:center">
<a href="<?php echo $url; ?>">Click here to continue</a>
</div>
<script type="text/javascript">
<!--
window.location = "<?php echo $url; ?>"
//-->
</script>
</body>
</html>

One additional note, if you are redirecting from an encrypted HTTPS (SSL) page to an HTTP url, the REFERER is not supposed to be passed. This may or may not be the case, in my testing… a regular a href link will pass a blank REFERER, but an a href= to the HTTPS which does a 302 to a HTTP host DOES pass the REFERER. Make sure to always test your intermediate jump script if referer cloaking/hiding is important to you!

Digg’s 1337 iPhone Cookie?

Digg 1337 Cookie Today I noticed digg sets a cookie named ’1337′ with a value of 0 (zero) when you browse their digg.com/iphone url. I’ve tried changing the cookie using FireFox’s webmaster tools to various values (1, 31337, 1337, leet, etc) but it just switches back to 0 each time.Anyone happen to have any guesses or perhaps inside knowledge into the use of this cookie? 

Speech by Brian Dyson, CEO Coca Cola

If anyone knows the original source of this, please let me know so I can link to it.

Imagine life as a game in which you are juggling some five balls in the air. You name them – work, family, health, friends and spirit … and you’re keeping all of these in the air.

You will soon understand that work is a rubber ball. If you drop it, it will bounce back. But the other four balls – family, health, friends and spirit – are made of glass. If you drop one of these, they will be irrevocably scuffed, marked, nicked, damaged or evenshattered. They will never be the same. You must understand that and strive for Balance in your life.

How?

Don’t undermine your worth by comparing yourself with others. It is because we are different that each of us is special.

Don’t set your goals by what other people deem important. Only you know what is best for you.

Don’t take for granted the things closest to your heart. Cling to them as you would your life, for without them, life is meaningless.

Don’t let your life slip through your fingers by living in the past or for the future. By living your life one day at a time, you live all the days of your life.

Don’t give up when you still have something to give. Nothing is really over until the moment you stop trying.

Don’t be afraid to admit that you are less than perfect. It is this fragile thread that binds us to each together.

Don’t be afraid to encounter risks. It is by taking chances that we learn how to be pave.

Don’t shut love out of your life by saying it’s impossible to find time. The quickest way to receive love is to give; the fastest way to lose love is to hold it too tightly; and the best way to keep love is to give it wings!

Don’t run through life so fast that you forget not only where you’ve been, but also where you are going.

Don’t forget, a person’s greatest emotional need is to feel appreciated.

Don’t be afraid to learn. Knowledge is weightless, a treasure you can always carry easily.

Don’t use time or words carelessly. Neither can be retrieved. Life is not a race, but a journey to be savoured each step of the way…

–Brian G. Dyson

President and CEO, Coca-Cola Enterprises during his speech at the Georgia Tech 172nd Commencement Address Sept. 6, 1996


If you liked this post, you might also enjoy:
Great Life Advice


UPDATE: Apparently, as stated below in the comments by blissfu1ness, this quote is originally from the book: “Suzanne’s Diary to Nicholas” by James Patterson

UPDATE 2: (Feb 15, 2012) According to Beckie’s comment below: “Brian Dyson died in 1994, Suzanne’s Diary to Nicholas was published in 2001. How could he have gotten that from James Patterson when the book came out 7 years after Brian died?”

UPDATE 3: (Apr 13, 2012) According to Aleph’s comment below: “Mr. Dyson is very much alive and well and living in Atlanta, and gave his commencement speech in 1996.” … I did some googling and found the following:

Mr. Brian G. Dyson has been the President of Chatham International Corp. since December 1993. Mr. Dyson served as a Senior Consultant to The Coca-Cola Company from January 1992 to October 1993. Prior to 1992, he served as the President and Chief Executive Officer of Coca-Cola Enterprises Inc. and held various other Executive Level Positions with The Coca-Cola Company; and in 1991 Mr. Dyson was named the Vice Chairman of Coca-Cola Enterprises. He joined Coca Cola Co. in Venezuela in 1959, and worked for many years in South America, the Caribbean and Mexico. In 1978 Mr. Dyson was named the President of Coca-Cola USA, Coca Cola Co.’s U.S. soft drink division. In 1983, he was named the President of Coca-Cola North America, with responsibility for Coca Cola Co.’s entire North American business. Mr. Dyson retired from the Coca-Cola system in 1994. In August 2001, he came out of retirement and accepted the positions of the Vice Chairman and Chief Operating Officer of Coca Cola Co., the latter of which Mr. Dyson held until December 2002. He is a Member of Advisory Board of Linley Capital. He served as a Director of Audits & Surveys Worldwide Inc., since May 1995. Mr. Dyson served as the Chairman of the Board of PlusPharma since August 2004. He served as the Vice Chairman of Coca Cola Co. until July 31, 2003.

source