当从HTTPS页面跳转到HTTP页面时,HTTP Referer字段通常不会被传递,导致大数据埋点丢失来源信息,影响业务数据采集。虽然可通过设置HTML meta标签让浏览器携带Referer,但这并非所有浏览器都支持的标准行为。Referer主要用于告知服务器用户是从哪个页面来的,但在某些情况下,如鼠标拖拽、Flash链接及HTTPS到HTTP的跳转,Referer可能会丢失或不被发送。
HTTP协议规定:
Clients SHOULD NOT include a Referer header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol.https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html#sec15.1.3
15.1.3 Encoding Sensitive Information in URI's
Because the source of a link might be private information or might reveal an otherwise private information source, it is strongly recommended that the user be able to select whether or not the Referer field is sent. For example, a browser client could have a toggle switch for browsing openly/anonymously, which would respectively enable/disable the sending of Referer and From information.
Clients SHOULD NOT include a Referer header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol.
最低0.47元/天 解锁文章
4566
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
