Talk:HTTP referer

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
WikiProject Computing / Software / Websites (Rated Start-class, Low-importance)
WikiProject iconThis article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
Start-Class article Start  This article has been rated as Start-Class on the project's quality scale.
 Low  This article has been rated as Low-importance on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Software (marked as Low-importance).
Taskforce icon
This article is supported by WikiProject Websites (marked as Mid-importance).

Mention of Security[edit]

I'm aware of no context where the referer header would be used as a security mechanism, given that it's voluntary, browser-supplied information. It might be unwise to suggest it as relevant to security at all, lest people think it has real utility in that respect. — Preceding unsigned comment added by (talk) 16:33, 14 July 2012 (UTC)


Would it not make more sense to spell the word correctly across the majority of this page, apart from where necessary to highlight the mistake? Andrewferrier 14:16, 2004 Oct 23 (UTC) Unseparated entry. When adding a section to talk page, give it a name - especially if you're the starting the talk page. Yura87 (talk) 20:38, 23 February 2012 (UTC)

I think the intention in not doing so was to imply (somewhat justifiably) that "referer" is, although historically a mistake, now the "correct"/"accepted" spelling for this usage. Essentially, "referer" and "referrer" have become different words, and this article is only about the first of them. This is, of course, a rather descriptivist take on the situation... - IMSoP 19:30, 24 Oct 2004 (UTC)
Phillip Hallam-Baker, the original proposer of the referer field and most likely the person most likely for the spelling has made this exact argument, that his spelling is now the most commonly used and thus is now the 'correct' one.

I think it's cool that Referrer redirects to a 'common misspelling' of itself. :) - ulayiti (talk) 22:36, 16 February 2006 (UTC)

Since "correct" spellings are only conventions coming from common usage, it is probably more correct to say that "referer" was formerly regarded as a mis-spelling but has come into such common usage in a broad number of respected contexts that it is becoming, in fact, an accepted alternative correct spelling for referrer. In fact, it may be on its way to full acceptance as *the* correct spelling, and referrer may well become an archaicism... we'll know when that heppens when Wikipedia's use of "referrer" simply looks strange and its insistence that "referer" is an mis-spelling seems eccentric and dowdy ;)

Stephen -- (talk) 14:02, 7 April 2009 (UTC)

I wonder what's to argue here. This is NOT a casual everyday word. It's defined in a standard (both its meaning and spelling)! And since the article describes the term in the meaning given by the standard there's simply no question about how to spell it. There's NO "Referrer" field in HTTP headers. There's "Referer" no matter you like it or not! We could simply explain that matter in the beginning of the article and use the correct (in this context) spelling. It doesn't matter if you deem its spelling correct or not. Suppose there's a template in wiki that's called "spelling_eror", it's called like that and no other way. Because if later i want to refer to this same template and call it "spelling_error" i'd be wrong, because there is NO such template (or if there was - it could be different). —Preceding unsigned comment added by (talk) 03:47, 17 May 2009 (UTC)

Requested move[edit]

Derefer Rewrite[edit]

I've just rewritten the Derefer section, Wikipedia does not need a list of dereferer services. The concept of this dereferer appears to be altering the HTTP header defining the referring URI, so I've put in a concise section explaining the whole thing and mentioning dereferer. I've also removed all the external links, as none of them were very relevant to the article and looked like link spam. --Draicone (talk) 07:22, 4 July 2007 (UTC)

Hide Referrer / SpoofURL[edit]

I see two sites listed in external links - Hide Referrer and SpoofURL. Shouldn't these be removed? I don't think they're considerably notable to be included. Anyone who wants to use such services can easily search it up. I'll remove these links after two weeks if I get no response here. Ankur Banerjee (talk) 19:39, 14 April 2009 (UTC)

Since I didn't get any objections, I removed the said links. Ankur Banerjee (talk) 07:53, 8 May 2009 (UTC)

When is it sent?[edit]

I know that referrer information is sent if I click on a link or if an image is loaded to be slotted into a page I am viewing. But is a referrer sent if I type a URL into the address bar and press enter? This would seem to be a privacy concern, as if for example someone is on their Facebook page, then decides to visit a website (but not by clicking on a link), their identity is disclosed to the site they visit. Is this behaviour consistent or variable between browsers? What happens if you open a link in a new tab or new window, or if you load a bookmark in the same tab that you just had another site in? I've always wondered about this. Beorhtwulf (talk) 17:25, 23 August 2011 (UTC)

When you manually type a URL, no referrer is sent because technically no site referred you. In cases of opening in a new tab, the actual answer partly depends on the browser itself but typically it's the same thing: no referrer is sent. You can easily find out for yourself if you're curious by using Fiddler [2], HTTPLook [3], SmartSniff [4], WireShark [5] and/or many many other packet sniffers [6] [7] or HTTP sniffers [8] [9]. Eliwins (talk) 05:02, 19 October 2011 (UTC)

Chrome and anti-hotlinking - Yura87 (talk) 20:34, 23 February 2012 (UTC)[edit]

Some, if not all, "apps" for Chrome cannot be added if the referrer is not "Chrome Store" (Tested via Dragon's option of hiding referrers). Apps are actually links with an icon bigger than Favicon, and with referrer checkup. I.e. if is visited without having "Bastion" app added, one will be redirected to Chrome Store. Other apps aren't that much into protecting it - i.e. Angry Birds' "chrome" page can be viewed on any HTML5 browser, but if the app is "added", one can play the first episode offline. Those claiming Android has no DRM forget that Android's browser itself, combined with a Google account, could act as DRM. This is just some info you may need to know to understand how much Referrer means to Google Chrome.

Reverted move[edit]

I've reverted the move. Referer is the technical term for the header, used in the main RFC, regardless of what spellings are also used. This is important for a technical topic. Also, "HTTP referer" has more Google hits than "HTTP referrer". Similarly, "referer spoofing" has more than "referrer spoofing". Finally, there was no consensus for this change, while the original consensus is right above us. I've also made the spelling in the article use referer. Superm401 - Talk 01:29, 23 March 2012 (UTC)

Sorry, I misread the history. I see now that the consensus was referrer, and that A:-)Brunuś moved it without consensus. I'll revert myself. Superm401 - Talk 01:56, 23 March 2012 (UTC)

Thanks, I was just composing some history to clarify. It's possibly worth posting what I have, for future reference: These three articles have a confusing history regarding their titles:

Technically (RFC 2616) the term is "referer" but it is acknowledged that that term was and is a misspelling, as explained at HTTP referrer#Origin of the term referer. Johnuniq (talk) 02:20, 23 March 2012 (UTC)

A:-)Brunuś has just reverted it again without comment or edit summary. I think that's inappropriate, since there's clearly an ongoing discussion. Superm401 - Talk 19:48, 23 March 2012 (UTC)

Background The three articles are listed above. The issue concerns whether the word "referrer" should be used in the titles and articles, or whether the misspelling "referer" should be used (both UK and US spellings are "referrer"). Some history is in the article: the original specification contained the spelling mistake "referer", and that term is used in HTTP headers. Also, many websites use the incorrect spelling in normal text.

The sequence of events is:

Johnuniq (talk) 00:48, 24 March 2012 (UTC)

Details on usage of "Referer"[edit]

Added 01:26, 25 March 2012 (UTC)

The defacto standard defining "HTTP Referer" is RFC 2616. That document uses the term "Referer" (with capital R) as the name of a field in an HTTP header. The document does not use the word "referer" (with lowercase R)—that is, "Referer" is the name of a field, and is not used as an English word. The RFC correctly spells words such as in these extracts:

referred to as "HTTP/1.1"
URI given by the user or referring resource

In the RFC, section 14.36 defines the field, and reads (the text includes the "[sic]" as shown; my underlining):

The Referer[sic] request-header field allows the client to specify, for the server's benefit, the address (URI) of the resource from which the Request-URI was obtained (the "referrer", although the header field is misspelled.) The Referer request-header allows a server to generate lists of back-links to resources for interest, logging, optimized caching, etc. It also allows obsolete or mistyped links to be traced for maintenance. The Referer field MUST NOT be sent if the Request-URI was obtained from a source that does not have its own URI, such as input from the user keyboard.

That shows that the document writers became aware of the misspelling, and that they use "referrer" when required as an English word. Archived emails like this show that the RFC contributors acknowledge the mistake.

The DOM Level 1 specification (1998 and subsequent updates) (text) specifies methods to allow scripts to interact with HTML documents. One method is getReferrer() which returns the "referrer" (double r in both cases)—the term "referer" is not used, despite the fact that it means "HTTP referer".

Summary: The original specification uses "Referer" as a technical term (with a capital R); it does not use the word "referer"; it uses "referring" when required. (Our article currently includes "the referer or refering page is the URL..." with two typos.) Many websites that discuss technical issues have copied the "referer" spelling, but some standards (like DOM) use the correct spelling. Johnuniq (talk) 01:26, 25 March 2012 (UTC)


  • Clearly the text should use the correct spelling because this is an encyclopedia and we need to get basic English correct (currently, we have the absurd "When visiting a webpage, the referer or refering page is the URL of the previous webpage" which contains two typos). To my mind, the titles should also use the correct spelling because there is no requirement that a title must use the exact text which appears in a specification. Anyone looking for HTTP referer will find it because that page will exist as a redirect to HTTP referrer. Johnuniq (talk) 00:48, 24 March 2012 (UTC)
    I just asked for comments at WT:WikiProject Computing#Referer vs. referrer. Johnuniq (talk) 03:01, 24 March 2012 (UTC)
  • Wiktionary seems to recognise wikt:refererA:-)Brunuś (talk) 10:34, 24 March 2012 (UTC)
    The Wiktionary entry (wikt:referer) states "Common misspelling of referrer". Johnuniq (talk) 01:26, 25 March 2012 (UTC)
  • Comment What spelling do the most authoritative secondary sources use? Do they correct the error in the specification or repeat it? —Ruud 11:54, 24 March 2012 (UTC)
    I put some details above. There is no doubt that the technical term is "Referer" and that must be used in the article. There are two issues: (1) How should words used in descriptions be spelled?; (2) What spelling should the article titles use? My view is that obviously correct English must be used for (1), and for (2), I see no reason that the technical term "Referer" needs to appear in the title (particularly since style here is to use lowercase, yet the defining standard only uses the term with a capital R to indicate that it is being used as jargon). Johnuniq (talk) 01:26, 25 March 2012 (UTC)
  • referer is the official spelling of the technical term. Since the technical term is the subject of the article, it seems to me that there is an obvious reason for including the technical term "referer" in the article. Also, please note the 4-year old archived discussion of the issue.Marikafragen (talk) 23:47, 9 May 2012 (UTC)

HTTP referer and redirect status codes[edit]

I noticed in Chrome that a redirect status code response (3xx) doesn't cause the browser to transmit a referer header. Is this default behavior? --Abdull (talk) 23:34, 15 May 2012 (UTC)

Lead Rewrite?[edit]

Widefox added a lead rewrite tag to the article but did not put any suggestions on the Talk page. What should be done? -- Frankie1969 (talk) 15:46, 17 December 2012 (UTC)

RfC Announce: Wikimedia referrer policy[edit]

In February of 2016 the Wikimedia foundation started sending information to all of the websites we link to that allow the owner of the website (or someone who hacks the website, or law enforcement with a search warrant / subpoena) to figure out what Wikipedia page the user was reading when they clicked on the external link.

The WMF is not bound by Wikipedia RfCs, but we can use an advisory-only RfC to decide what information, if any, we want to send to websites we link to and then put in a request to the WMF. I have posted such an advisory-only RfC, which may be found here:

Wikipedia:Village pump (policy)#RfC: Wikimedia referrer policy

Please comment so that we can determine the consensus of the Wikipedia community on this matter. --Guy Macon (talk) 21:53, 10 June 2017 (UTC)