[英]Different header referer than document.referrer
这是我的请求 header:
GET / HTTP/1.1
Host: localhost:3002
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="96", "Google Chrome";v="96"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
sec-ch-ua-platform: "Linux"
Accept: */*
Origin: http://127.0.0.1:5500
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://127.0.0.1:5500/new.html
Accept-Encoding: gzip, deflate, br
Accept-Language: pl-PL,pl;q=0.9,en-US;q=0.8,en;q=0.7
If-None-Match: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE"
Request URL: http://localhost:3002/
Request Method: GET
Status Code: 200 OK
Remote Address: [::1]:3002
Referrer Policy: unsafe-url
我的控制台返回 document.referrer 和 location.href:
document.referrer
'http://127.0.0.1:5500/test.html'
location.href
'http://127.0.0.1:5500/new.html'
测试.html:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="referrer" content="unsafe-url"/>
<title>Document</title>
</head>
<body>
<a href="/new.html" target="_blank" referrerpolicy="unsafe-url">test</a>
</html>
new.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="referrer" content="unsafe-url"/>
<title>Document</title>
</head>
<body>
<script>
setTimeout(() =>{
console.log(fetch("http://localhost:3002/"))
}, 4000)
</script>
</body>
</html>
如您所见,header referer 与 document.referrer 不同,甚至可以从上一页获取 referer 并将其设置为 referer header?
如您所见, header 引荐来源网址与 document.referrer 不同
因为您在不同文档中要求浏览器被不同文档引用的引用者。
浏览器要求/
因为new.html
告诉它要求它。 引用者是new.html
。
甚至可以从上一页获取referer并将其设置为referer header?
不,您不能让浏览器对引用它的内容撒谎。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.