Then you handle the fact that the variable doesn't exist
mailto:[EMAIL PROTECTED]
Sent: Thursday, March 30, 2006 11:09 AM
To: CF-Talk
Subject: RE: cgi.HTTP_REFERER
But what if he doesn't have control over the calling page?
-Original Message-
From: Charl
But what if he doesn't have control over the calling page?
-Original Message-
From: Charles Sheehan-Miles [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 30, 2006 5:06 AM
To: CF-Talk
Subject: RE: cgi.HTTP_REFERER
You could try (on the calling page) writing a session variable fo
Ah...
That might not work. I don't think that a page with only a cflocation is
going to generate the referrer variable.
-Original Message-
From: Richard Colman [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 29, 2006 7:22 PM
To: CF-Talk
Subject: RE: cgi.HTTP_REFERER
Calling pa
You could try (on the calling page) writing a session variable for the
current page, then call that variable instead of cgi.http_referrer
-Original Message-
From: Coldfusion [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 29, 2006 9:18 PM
To: CF-Talk
Subject: RE: cgi.HTTP_REFERER
Why
, March 29, 2006 8:57 PM
To: CF-Talk
Subject: RE: cgi.HTTP_REFERER
> Calling page is:
>
>
>
> Still not working.
I don't think that the Referer header is passed when you redirect using
CFLOCATION.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
Fig Leaf Software
> Calling page is:
>
>
>
> Still not working.
I don't think that the Referer header is passed when you redirect using
CFLOCATION.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
Fig Leaf Software provides the highest caliber vendor-authorized
instruction at our training centers in
Calling page is:
Still not working.
-Original Message-
From: Charles Sheehan-Miles [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 29, 2006 7:43 AM
To: CF-Talk
Subject: Re: cgi.HTTP_REFERER
This is kind of like asking to make sure your computer is plugged in (so
you've pro
Also you have to be going to that page from another page for it to have a
value...
Eric
~|
Message: http://www.houseoffusion.com/lists.cfm/link=i:4:236505
Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4
Subscrip
Thanks DaveI'm not sure I'd use the word sillybut I hear ya ;-)
Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems Group Inc.
phone: 250.480.0642
fax: 250.480.1264
cell: 250.920.8830
e-mail: [EMAIL PROTECTED]
web: www.electricedgesystems.com
>
>
> Dave Watts, CTO, Fig Leaf Software
WTF!! Dave may kindly ask if you have any insight into the logic behind that
little gem? ;-)
Thanks
CGI is a bit of a bastard because different web server software will return
deferent lists. This can be confounded with proxy servers and other system
> WTF!! Dave may kindly ask if you have any insight into the
> logic behind that little gem? ;-)
I can only speculate, but the set of CGI variables is dependent on the
browser and the server, so my presumption is that they did this to reduce
errors when checking CGI variables. I think it's kind
For that matter (and I know this is a bit off the original point),
cgi.jimmyhoffa will always exist. The cgi scope is really funny that
way, everything exists there.
--Ferg
Charlie Griefer wrote:
> what is the result of the conditional?
>
> the variable will always exist. there should (i belie
>> checks for it's existence
>
> Actually, I'm pretty sure that IsDefined always returns true for any CGI
> variable, whether it actually exists or not. For example, this would return
> true:
>
>
>
> Dave Watts, CTO, Fig Leaf Software
WTF!! Dave may kindly ask if you have any insight into the l
> checks for it's existence
Actually, I'm pretty sure that IsDefined always returns true for any CGI
variable, whether it actually exists or not. For example, this would return
true:
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
Fig Leaf Software provides the highest caliber vend
This is kind of like asking to make sure your computer is plugged in (so
you've probably already checked this) but it will be empty if you didn't
actually have a referrer (as in, you browse directly to the page).
On 3/29/06 10:38 PM, "Ian Skinner" <[EMAIL PROTECTED]> wrote:
>
> cgi variable exi
checks for it's existence
half assed checks for it being blank
the non-half assed approach would be:
means it's blank
This var is often blank or incorrect due to proxys etc.
HTH
Cheers
Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems Group Inc.
phone:
what is the result of the conditional?
the variable will always exist. there should (i believe) always be a
key in the CGI scope (struct) for cgi.http_referer. However, the
value of that key could be an empty string (if the user bookmarked the
page, typed it in manually, etc).
On 3/29/06, Rich
cgi variable exists
cgi variable does not exist
#CGI.HTTP_REFERER#
However I am not getting anything back in the cgi variable.
Any comments appreciated.
Rick Colman
Just to eliminate any other kind of white space characters, I usually do a trim
on anything I'm trying to c
A lot of software blocks this variable, like firewalls and stuff.
Http_referer is useful, but you can't rely on it being there.
> -Original Message-
> From: Richard Colman [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 29, 2006 2:33 PM
>
> I am trying to get this to work, and the si
Donnie Carvajal wrote:
> So, any ideas on the best way to keep outside sites from submitting my
> forms?
Try using ticketmaster to buy some tickets, you'll see what is probably
one of the more effective methods... then scan the list archives for the
many discussions on methods of doing it. =)
Norton Internet Security and similar products will strip it.
-Original Message-
From: Donnie Carvajal [mailto:[EMAIL PROTECTED]
Sent: Monday, July 12, 2004 10:41 AM
To: CF-Talk
Subject: CGI.HTTP_REFERER is blank!
I am trying to check the CGI.HTTP_REFERER variable to keep outside sites
fr
Donnie:
There's been a lot of discussion on this topic in the past. You can check
the House Of Fusion archives for them.
In general, the best method I've heard of is dynamically generating a unique
value on form display that needs to be submitted to the form processing
page. Basically, when the
Internet Privacy software will strip out the referrer oftentimes. With all
of the privacy issues and the software to address them, it might not be a
good idea to rely on CGI.HTTP_REFERERespecially since it can be forged
easily.
Marlon
> -Original Message-
> From: Donnie Carvajal [mai
proxy server ;-)
Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems Group Inc.
t. 250.920.8830
e. [EMAIL PROTECTED]
-
Macromedia Associate Partner
www.macromedia.com
So, any ideas on the best way to keep outside sites from submitting my
forms?
-Original Message-
From: Mosh Teitelbaum [mailto:[EMAIL PROTECTED]
Sent: Monday, July 12, 2004 10:50 AM
To: CF-Talk
Subject: RE: CGI.HTTP_REFERER is blank!
Donnie:
The "Referer" header i
Sending a referrer is entirely up to the browser/system - most home firewall
software will prevent referrers from being sent for example.
You really should never use referrer as security mechanism it's just not
reliable enough.
Jim Davis
I am trying to check the CGI.HTTP_REFERER variable to keep
Donnie:
The "Referer" header is optional. HTTP Clients are not required to send the
header or, if they do, are not required to be truthful about the data
specified by the header. Additionally, a lot of systems along the path of
the HTTP connection (firewalls, gateways, etc.) can strip the header
> A firewall would have to _strip_ the referer header from
> the HTTP request... a lot of work, and I can't imagine what
> additional security would be gained from doing this.
Imagine that you've got a relatively unsavory site with a bunch of links to
less unsavory sites. You might not want to
Message-
>From: mark brinkworth [mailto:[EMAIL PROTECTED]]
>Sent: Sunday, 28 July 2002 1:09 PM
>To: CF-Talk
>Subject: Re: CGI.HTTP_REFERER
>
>Some firewalls (such as Norton's - I know this from personal experience),
>block or change the http_referer that is sent fro
brinkworth [mailto:[EMAIL PROTECTED]]
Sent: Sunday, 28 July 2002 1:09 PM
To: CF-Talk
Subject: Re: CGI.HTTP_REFERER
Some firewalls (such as Norton's - I know this from personal experience),
block or change the http_referer that is sent from the browser to the
server. In the case or Norton, it get
Some firewalls (such as Norton's - I know this from personal experience),
block or change the http_referer that is sent from the browser to the
server. In the case or Norton, it gets changed to http_weferer, and consists
of a rather random looking alphabet soup.
Cheers,
Mark
>Okay. I'm st
Turn on "Debugging" on you development box. This should show
you all the values in the CGI scope.
Joe
-Original Message-
From: Cornillon, Matthieu [mailto:[EMAIL PROTECTED]]
Sent: Saturday, July 27, 2002 6:49 PM
To: CF-Talk
Subject: CGI.HTTP_REFERER
Okay. I'm stumped. I had this whol
Which web server and version of CF are running on this server? On my CF5/IIS5
server, I always have the exact same set of CGI variable (including
CGI.HTTP_REFERER), but some of them will sometimes have a zero length string
as there value. A firewall would have to _strip_ the referer header from
quot;CF-Talk" <[EMAIL PROTECTED]>
Sent: Saturday, July 27, 2002 4:48 PM
Subject: RE: CGI.HTTP_REFERER
> I'm checking it in my Application.cfm. I want to see whether the page
> before the current page is from my site or not. If not, I want to do
> something different. I am
this with my IT department.
Thanks anyway,
Matthieu
-Original Message-
From: Douglas Brown [mailto:[EMAIL PROTECTED]]
Sent: Saturday, July 27, 2002 7:05 PM
To: CF-Talk
Subject: Re: CGI.HTTP_REFERER
The syntax on the first one is correct. Are you referencing it after a page
reque
The syntax on the first one is correct. Are you referencing it after a page
request or form submittal?
Douglas Brown
Email: [EMAIL PROTECTED]
- Original Message -
From: "Cornillon, Matthieu" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Saturday, July 27, 2002 3:49 PM
Sub
>>I doubt that you can do this without some assistance from the intervening
>>page. While browsers have a history object,
<<<
>>> > I currently use #CGI.HTTP_REFERER# to see the last page my user came
>>> > from, is there a way to look back 2 pages?<<<
This is not exactly the same thing, but the
.
Cheers
>From: "Jim Vosika" <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: CF-Talk <[EMAIL PROTECTED]>
>Subject: RE: CGI.HTTP_REFERER
>Date: Tue, 9 Jul 2002 08:03:45 -0500
>
>I mean for pages out of my control. Like say the user first goes to a
>
Message-
From: Pete Ruckelshaus [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 09, 2002 7:15 AM
To: CF-Talk
Subject: Re: CGI.HTTP_REFERER
Save it as a variable?
Pete
- Original Message -
From: "Jim Vosika" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROT
Save it as a variable?
Pete
- Original Message -
From: "Jim Vosika" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Monday, July 08, 2002 6:19 PM
Subject: CGI.HTTP_REFERER
> I currently use #CGI.HTTP_REFERER# to see the last page my user came
> from, is there a way to look
I currently use #CGI.HTTP_REFERER# to see the last page my user came
>>from, is there a way to look back 2 pages?
>>
>>Thanks!
>>Jim Vosika
<<
I have never done this, but the javascript object model has a history object
which has the info you would need to know. Something like
window.history
Not unless you pass the previous page as a variable of some sort (cookie, URL, form,
etc).
Kevin
>>> [EMAIL PROTECTED] 07/08/02 03:19PM >>>
I currently use #CGI.HTTP_REFERER# to see the last page my user came
from, is there a way to look back 2 pages?
Thanks!
Jim Vosika
http://tinyclick.com
illa/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
I guess we cannot do anything to prevent this to happen?
Thank you again.
Sima
-Original Message-
From: Matt Robertson [mailto:[EMAIL PROTECTED]]
Sent: Friday, November 02, 2001 12:35 PM
To: CF-Talk
Subject: Re: cgi.http_referer problem
happen?
Thank you again.
Sima
-Original Message-
From: Matt Robertson [mailto:[EMAIL PROTECTED]]
Sent: Friday, November 02, 2001 12:35 PM
To: CF-Talk
Subject: Re: cgi.http_referer problem
Short answer: Yes.
I've been running and logging referer tests for about 6 months now. I
g
Short answer: Yes.
I've been running and logging referer tests for about 6 months now. I get
an email every time one fails, and record all initial 'incoming' visitors in
a db that logs, among other things, browser type and referer value.
Every once in a while I'll have a user get 'refered' in f
astutia.com
Allaire Consulting Partner
210-490-3249/888-745-7603Fax 210-490-4692
> -Original Message-
> From: Aaron Johnson [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, December 14, 2000 3:46 PM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: RE: CGI.HTTP_REFERE
Maybe you could try to capture the cgi.Server_Name or IP instead?
You may also want to look at the authorizenet merchant management section
though. Login and click on settings. Then select Manage URLs. You'll want to
configure this area.
-Gary
> -Original Message-
> From: Chris Montgome
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris,
I doubt there's an issue with the cgi.http_referer between secure &
non secure.. It's just that their server (authorize.net) is doing an
HTTP POST to your server... just like in a CFHTTP post, you have the
option what you want to POST... I'm s
ut 1checked>
Layout 2checked>
- Original Message -
From: "Randy Adkins" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 22, 2000 1:18 PM
Subject: RE: #cgi.http_referer# and IE
> I did a test with one page, cre
:[EMAIL PROTECTED]]
Sent: Tuesday, August 22, 2000 2:09 PM
To: '[EMAIL PROTECTED]'
Subject: RE: #cgi.http_referer# and IE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In the calling form, you could pass a hidden field w/ the name of the
form page.
Something like:
Hope that helps.
Be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In the calling form, you could pass a hidden field w/ the name of the
form page.
Something like:
Hope that helps.
Best regards,
Zac Bedell
> -Original Message-
> From: Michael Slatoff [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August
51 matches
Mail list logo
