I am trying to track the url that refered my website. One way is using a custom affiliate url which will do a redirect (302) to my site. I want to track where the users are coming from. However, I realize that after redirection, the HTTP_REFERER fro the header defaults to '/' when I was expecting it to be the url where the user was redirected from. Does the HTTP_REFERER header gets deleted after redirection? If yes, is there a way to store this information.
I am using rails for my website and I am doing request.referer to get the HTTP_REFERER.
Referers are not guaranteed; they are completely optional and any number of things could be stripping them.
Related
Some websites like Facebook and Ask FM use #_=_ at the end of an URL to an external website. Why?
If two large websites are doing so, surely it must mean something?
The problem is after authenticating with Facebook. The base path becomes a hash which eventually breaks the navigation.
I think this is because of facebook passing the url with some hash key. Because with or without passing redirection url facebook passing this to avoid vulnerability of attacks.
From https://developers.facebook.com/blog/post/552/, change in Session Redirect Behavior:
This week, we started adding a fragment #= to the redirect_uri when this field is left blank. Please ensure that your app can handle this behavior.
A solution is simply removing the hash as stated here then everything seems back to normal:
Facebook Callback appends '#_=_' to Return URL
ive been doing a stephen grider course and he creates a google oauth client id with authorised js orgins as http://localhost:5000 and authorised redirect URI as http://localhost:5000/* and google accepts it. But when i try the same it throws me an error for redirect URI as Invalid redirect: Cannot contain a wildcard (*). And im not sure without this , further it will cause problems.Any way to solve this. Ive typed http://localhost:5000/ as a temp solution. Kindly suggest.
What ever course you are following must be very old I have been developing with Google for five years a wildcard redirect uri has not been allowed in that time.
Authorized redirect URIs
For use with requests from a web server. This is the path in your application that users are redirected to after they have authenticated with Google. The path will be appended with the authorization code for access. Must have a protocol. Cannot contain URL fragments or relative paths. Cannot be a public IP address.
Redirect uri must be a path to the file you wish to use to handle your authorization.
The redirect URL you configure to the API console must be an exact string match to the redirect URL you use in your app. So for example, http://localhost:5000 does not match http://localhost:5000/ or https:5000//localhost. Thus a wildcard will never work.
Furthermore, it's very unusual for a redirect URL to not have a path component. So something like http://localhost:5000/myoauth is more conventional. That's not to say that an empty path is impossible, simply that it's so unusual that it's more probable you have misunderstood OAuth somewhere.
However, note that you can configure several redirect URLs, so http://local:5000 and https://localhost:5000 and https://myliveservice.com/redirect
when i checked the GTmetrix site in Yslow it has shown that i have few URL redirects which i need to avoid for increasing my site speed.
But i had URL redirects from
http://googleads.g.doubleclick.net/pagead/viewthroughconversion/997898667/?... redirects to http://www.google.com/ads/user-lists/997898667/?...
http://www.youtube.com/embed/XeyKZ4CVsWs redirects to https://www.youtube.com/embed/XeyKZ4CVsWs
http://www.youtube.com/embed/SjoNhZhuaGc redirects to https://www.youtube.com/embed/SjoNhZhuaGc
Youtube and googleads is there any possibility of avoiding these.
For the ads, the general answer is No. Redirects are very common there and there isn't much you can do.
For the embedded youtube.com content, you could explicitly include them with secure links "https://" instead of "http://". That might save you some redirect penalties.
Whats difference between Redirect() and RedirectPermanent(). I had read some articles, but I don't understand when we must use Redirect() and RedirectPermanent(). Can you show a pieces of example.
The basic difference between the two is that RedirectPermanent sends the browser an HTTP 301 (Moved Permanently) status code whereas Redirect will send an HTTP 302 status code.
Use RedirectPermanent if the resource has been moved permanently and will no longer be accessible in its previous location. Most browsers will cache this response and perform the redirect automatically without requesting the original resource again.
Use Redirect if the resource may be available in the same location (URL) in the future.
Example
Let's say that you have users in your system. You also have an option to delete existing users. Your website has a resource /user/{userid} that displays the details of a given user. If the user has been deleted, you must redirect to the /user/does-not-exist page. In this case:
If the user will never be restored again, you should use RedirectPermanent so the browser can go directly to /user/does-not-exist in subsequent requests even if the URL points to /user/{userid}.
If the user may be restored in the future, you should use a regular Redirect.
RedirectPermanent is 301 and Redirect is 302 status code
They send different response codes to the browser. 301 is a permanent redirect, 302 a temp one. The end effect is the same, but if the client wants to index links (the most common client that does this will be search engines) then a permanent redirect tells the client to update its records to ignore the old link and start using the new one. A temp redirect tells the client that the page is redirecting for now, but not to delete the old link from its indexing database
Hi I am looking to create an htaccess redirect that takes
http://www.example.com/cooluser/profile#_=_ to http://www.example.com/cooluser/members/profile/
where /cooluser/ is dynamic and unique to the user that is logged in.
This is a buddypress installation.
Any help would be appreciated!
The URL's hash fragment (the part after #) is never sent to the server. The redirection needs to be done client-side, and can't be done in .htaccess.