[whatwg] Referer header sent with <a ping>?
darinf at gmail.com
Sun Feb 3 10:45:14 PST 2008
On Feb 2, 2008 9:59 PM, dolphinling <lists at dolphinling.net> wrote:
> Ian Hickson wrote:
> > On Fri, 1 Feb 2008, Julian Reschke wrote:
> >> Ian Hickson wrote:
> >>> What do people think of this idea:
> >>> We make "Referer" always have the value "PING".
> >> Referer takes a relative reference, or a URI. Not a good idea.
> > Interesting.
> > I see two ways forward here. One would be to redefine Referer to remove
> > the relative URI thing, since, to my knowledge at least, nobody uses it.
> > The other is that we can define the magic value to be "#PING" instead,
> > since that's a non-conforming Referer value right now.
> > Would that work for people? dolphinling? Darin?
> If (X-)Ping-From/Ping-To are present, why is a referer needed at all? I'd
> just leave it out. If not, #PING works for me.
It's true that the Ping-From/To headers carry the important information, but
I suspect that sending a Referer header is nice for servers that happen to
receive unsolicited pings. Server logs will likely store the value of the
Referer header, and this way, site admins can see why they are receiving
these funny POST messages.
Julian, "#PING" seems like a reasonable choice since it will not collide
with any pre-existing Referer header values. I think that's what Ian had in
mind by writing "non-conforming".
> Cookies and authentication headers I'm ambivalent about; no one's made a
> persuasive case either way for them, and I haven't looked myself.
> >>> We add two headers, "X-Ping-From" which has the value of the page that
> >>> had the link, and "X-Ping-To" which has the value of the page that is
> >>> being opened.
> (sorry for the double copy, Hixie, forgot to CC the list the first time)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the whatwg