esh, or an HTTP 30x header. The former two are sent within HTML and the latter is sent before any HTML output to the browser.
Here’s a sample of each:
window.location = "http://www.example.com/"
<meta http-equiv="refresh" content="5;url=http://example.com"/>
HTTP 302 Header Redirect in PHP
<?php header('Location: http://www.example.com',true,302); exit; ?>
If you want to cloak an Internet Explorer redirect, you’ll have to follow xmcp‘s frame/iframe suggestions. If you’re fine with blanking the REFERER in IE and sending a masked REFERER in FF and Safari, the example below may be useful (coded in php).
// Filename jump.php
// syntax http://www.example.com/jump.php?url=http://myaffiliateurl.com?id=myid
$url = htmlspecialchars($_GET['url']); // clean the url
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
<meta http-equiv="refresh" content="3;url=<?php echo $url; ?>"/>
<a href="<?php echo $url; ?>">Click here to continue</a>
window.location = "<?php echo $url; ?>"
One additional note, if you are redirecting from an encrypted HTTPS (SSL) page to an HTTP url, the REFERER is not supposed to be passed. This may or may not be the case, in my testing… a regular a href link will pass a blank REFERER, but an a href= to the HTTPS which does a 302 to a HTTP host DOES pass the REFERER. Make sure to always test your intermediate jump script if referer cloaking/hiding is important to you!