IE6 and Referer values sent to the web server ( IIS6 )

[Frank Rizzo]

I am reviewing some IIS6 log files and I have noticed a peculiarity
with certain types or versions of IE6. When a user comes to the site
it logs what page the user requested, the query string and the
referring URL etc in the web logs. The specific field I am interested
in is called the [cs(Referer)] field. As anyone whos knows a bit
about HTTP knows that once the request for the initial page comes in,
the browser does a GET for all of the items/objects in the HTML file
itself, this includes images, CSS files, JavaScript files etc. Each of
these items then has the referer field as the original page requested
PLUS the original query string. Ex:
http://www.abc.tv/index.asp?a=1&b=2. I have only seen IE6 have this
problem and it's only certain version of IE6. If the problem occured
with other browsers, I might think that IIS was the culprit, but since
it is only IE6, I tend to think it's a IE6 peculiarity.

These are the 4 examples I have with HTTP version included
----------------------------------------------------------
HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1)
HTTP/1.0 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1)
HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+98;+EZN/PC)
HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)


I don't have any way to test this either as my desktop box does not
have this problem. No other browser exhibits this problem that I am
aware of.

Is this a problem or a bug in IE6? Is this some anomoly of HTTP? Does
anyone know what causes this problem?

--Franky

 

[Frank Rizzo]

I am reviewing some IIS6 log files and I have noticed a peculiarity

with certain types or versions of IE6. When a user comes to the site
it logs what page the user requested, the query string and the
referring URL etc in the web logs. The specific field I am interested
in is called the [cs(Referer)] field. As anyone whos knows a bit
about HTTP knows that once the request for the initial page comes in,
the browser does a GET for all of the items/objects in the HTML file
itself, this includes images, CSS files, JavaScript files etc. Each of
these items then has the referer field as the original page requested
PLUS the original query string. Ex:
http://www.abc.tv/index.asp?a=1&b=2. I have only seen IE6 have this
problem and it's only certain version of IE6. If the problem occured
with other browsers, I might think that IIS was the culprit, but since
it is only IE6, I tend to think it's a IE6 peculiarity.

These are the 4 examples I have with HTTP version included
----------------------------------------------------------
HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1)
HTTP/1.0 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1)
HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+98;+EZN/PC)
HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)


I don't have any way to test this either as my desktop box does not
have this problem. No other browser exhibits this problem that I am
aware of.

Is this a problem or a bug in IE6? Is this some anomoly of HTTP? Does
anyone know what causes this problem?

--Franky

I left out the question....I was cutting and pasting and somehow cut
the important question out.... ;(

Why do some versions of IE6 not post the referer properly and leave
off the query string piece?

I think I found the answer to this and it's not a bug. It seems that
the issue could be that some users are using 3rd party plug-in's or
some other method to block the values from being put in the header,
hence they are not logged in the web servers log.

Doe anyone have any ideas about this?

--Franky

 

[Markus]

Why do some versions of IE6 not post the referer properly and leave
off the query string piece?

I noticed the same analyzing my apache-logfiles!

Many requests for inline images are without the referring page.
The agents not sending the referrer information are mostly:

"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"

That makes the correction of dangling links a hard work, and also
statistics get skewed.

Yes, it could be some anonymizer or firewall setting, which cuts out
these referrer-strings. But I see no security or privacy issue,
sending the referrer information, if the referring page is on the same
server, as I can always recontruct where the hit came from analyzing
the preceding lines in my logfile.

So if those "firewalls" want to leave out the referrer string, they
should do it only if the requested file is on a different host than
the referring file.

Ciao,
Markus