W3C home > Mailing lists > Public > www-validator@w3.org > September 2010

Re: "No Referer header found!" ?!?

From: <jason.vas.dias@gmail.com>
Date: Mon, 13 Sep 2010 11:20:43 +0100
To: Etienne Miret <elimerl@gmail.com>
Cc: www-validator@w3.org
Message-Id: <201009131120.44187.root@summit.onsightdata.com>
On Monday 13 September 2010 09:54:03 Etienne Miret wrote:
> Hello Jason,
> 
> As a security measure, browsers usually do not send a referer header
> from a from a secure connection, unless the new page is on the same domain.
> 
> Eg:
>  * https://example.com/page1 -> https://example.com/page2 : referer
> header sent
>  * https://example.com/page1 -> http://validator.w3.org/check/referer :
> referer header NOT sent
>  * https://example.com/page1 -> https://otherexample.com : referer
> header NOT sent (even though the now connection is secure)
> 
> I sugest you change the URI of the icon from
> http://validator.w3.org/check/referer to
> http://validator.w3.org/check?uri=http://example.com (replacing
> http://example.com with the actual URI of your document, of course.)
> 
> Regards,
> 
> 

Aha! Thanks Etienne - Problem Solved :
I replaced the link http://validator.w3.org/check?uri=referer or 'check/referer' with
/cgi-bin/validator.cgi, where validator.cgi is :

<code>
#!/usr/bin/perl
print <<"EOC"
Location: http://validator.w3.org/check?uri=$ENV{HTTP_REFERER}
Status:   301

EOC
;
</code>

This solution is in use at: https://text2car.com/tref2.html

Anyone else who finds this problem is welcome to use this solution.

I do think that it is a bug that the error text suggests that validator.w3.org
is available through HTTPS, when it isn't.

Regards,
Jason Vas Dias <jason.vas.dias@gmail.com>
Received on Monday, 13 September 2010 10:22:54 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 25 April 2012 12:14:43 GMT