Referer[sic] Abuse

by Charles Miller on October 14, 2002

From RFC 2616

The Referer[sic] request-header field allows the client to specify, for the server's benefit, the address (URI) of the resource from which the Request-URI was obtained (the "referrer", although the header field is misspelled.) The Referer request-header allows a server to generate lists of back-links to resources for interest, logging, optimized caching, etc. It also allows obsolete or mistyped links to be traced for maintenance. The Referer field MUST NOT be sent if the Request-URI was obtained from a source that does not have its own URI, such as input from the user keyboard.

Could authors of news aggregators please stop putting the URL of their product page in the referer header? It is in no way the “resource from which the Request-URI was obtained” and as such It's a clear violation of the RFC. The place to identify the client is the User-Agent header.

Previously: Book Idea

Next: Meat. They're made out of meat.