Referer spoofing
   HOME

TheInfoList



Click Here for Items Related To - Referer spoofing
OR:
Referer spoofing on:   [Wikipedia]   [Google]   [Amazon]

In
HTTP The Hypertext Transfer Protocol (HTTP) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide We ...
networking Network, networking and networked may refer to: Science and technology * Network theory, the study of graphs as a representation of relations between discrete objects * Network science, an academic field that studies complex networks Mathematic ...
, typically on the
World Wide Web The World Wide Web (WWW), commonly known as the Web, is an information system enabling documents and other web resources to be accessed over the Internet. Documents and downloadable media are made available to the network through web ...
, referer spoofing (based on a canonised misspelling of "referrer") sends incorrect
referer In HTTP, "" (a misspelling of Referrer) is an optional HTTP header field that identifies the address of the web page (i.e., the URI or IRI), from which the resource has been requested. By checking the referrer, the server providing the new web ...
information in an
HTTP request The Hypertext Transfer Protocol (HTTP) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web, w ...
in order to prevent a
website A website (also written as a web site) is a collection of web pages and related content that is identified by a common domain name and published on at least one web server. Examples of notable websites are Google, Facebook, Amazon, and W ...
from obtaining accurate data on the identity of the web page previously visited by the user.


Overview

Referer spoofing is typically done for
data privacy Information privacy is the relationship between the collection and dissemination of data, technology, the public expectation of privacy, contextual information norms, and the legal and political issues surrounding them. It is also known as data pr ...
reasons, in
testing An examination (exam or evaluation) or test is an educational assessment intended to measure a test-taker's knowledge, skill, aptitude, physical fitness, or classification in many other topics (e.g., beliefs). A test may be administered verba ...
, or in order to request information (without genuine authority) which some
web server A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initia ...
s may only supply in response to requests with specific HTTP referers. To improve their
privacy Privacy (, ) is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively. The domain of privacy partially overlaps with security, which can include the concepts of ...
, individual browser
users Ancient Egyptian roles * User (ancient Egyptian official), an ancient Egyptian nomarch (governor) of the Eighth Dynasty * Useramen, an ancient Egyptian vizier also called "User" Other uses * User (computing), a person (or software) using an ...
may replace accurate referer data with inaccurate data, though many simply suppress their browser's sending of any referer data. Sending no referrer information is not technically spoofing, though sometimes also described as such. In software, systems and networks testing, and sometimes
penetration testing A penetration test, colloquially known as a pen test or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment ...
, referer spoofing is often just part of a larger procedure of transmitting both accurate and inaccurate as well as expected and unexpected input to the HTTPD system being tested and observing the results. While many websites are configured to gather referer information and serve different content depending on the referer information obtained, exclusively relying on HTTP referer information for
authentication Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicatin ...
and
authorization Authorization or authorisation (see spelling differences) is the function of specifying access rights/privileges to resources, which is related to general information security and computer security, and to access control in particular. More fo ...
purposes is not a genuine
computer security Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, t ...
measure. HTTP referer information is freely alterable and interceptable, and is not a
password A password, sometimes called a passcode (for example in Apple devices), is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of ...
, though some poorly configured systems treat it as such.


Application

Some websites, especially many image hosting sites, use referer information to secure their materials: only browsers arriving from their web pages are served images. Additionally a site may want users to click through pages with advertisements before directly being able to access a downloadable file — using the referring page or referring site information can help a site redirect unauthorized users to the landing page the site would like to use. If attackers acquire knowledge of these approved referrers, which is often trivial because many sites follow a common template, they can use that information combined with this to
exploit Exploit means to take advantage of something (a person, situation, etc.) for one's own end, especially unethically or unjustifiably. Exploit can mean: *Exploitation of natural resources *Exploit (computer security) * Video game exploit *Exploitat ...
and gain access to the materials. Spoofing often allows access to a site's content where the site's web server is configured to block browsers that do not send referer headers. Website owners may do this to disallow
hotlink Inline linking (also known as hotlinking, leeching, piggy-backing, direct linking, offsite image grabs) is the use of a linked object, often an image, on one site by a web page belonging to a second site. One site is said to have an inline li ...
ing. It can also be used to defeat referer checking controls that are used to mitigate
Cross-Site Request Forgery Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced ''sea-surf'') or XSRF, is a type of malicious exploit of a website or web application where unauthorized commands are submit ...
attacks.


Tools

Several software tools exist to facilitate referer spoofing in web browsers. Some are extensions to popular browsers such as
Mozilla Firefox Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements current an ...
or
Internet Explorer Internet Explorer (formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated IE or MSIE) is a series of graphical web browsers developed by Microsoft which was used in the Windows line of operating systems (in ...
, which may provide facilities to customise and manage referrer URLs for each website the user visits. Other tools include
proxy server In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. Instead of connecting directly to a server that can fulfill a reques ...
s, to which an individual configures their browser to send all HTTP requests. The proxy then forwards different headers to the intended website, usually removing or modifying the referer header. Such proxies may also present privacy issues for users, as they may log the user's activity.


See also

*


Notes

{{Scams and confidence tricks Deception Internet fraud Internet privacy Web security exploits he:Referer#הונאת Referer