I have a client website that is managed by client team and post clicking on login it comes to the site which is managed by us. Till now, we were extracting the referer URL from the request header and using it to take further actions, but currently due to some changes in the Chrome browser and Edge browser policy we are unable to get the complete referer URL. It works fine in Firefox and Internet Explorer. This is probably because of the browser policy which is restricting the complete referer URL to be send when sec-fetch-site is cross-site. Please help me with some easy code level ways (Java/JSP/Javascript) to extract the complete URL. I tried exploring few links but none helped me resolving this.
How to get full referer URL in Chrome when sec-fetch-site is cross-site
1.3k Views Asked by Ankit At
1
There are 1 best solutions below
Related Questions in JAVASCRIPT
- Using Puppeteer to scrape a public API only when the data changes
- inline SVG text (js)
- An array of images and a for loop display the buttons. How to assign each button to open its own block by name?
- Storing the preferred font-size in localStorage
- Simple movie API request not showing up in the console log
- Authenticate Flask rest API
- Deploying sveltekit app with gunjs on vercel throws cannot find module './lib/text-encoding'
- How to request administrator rights?
- mp4 embedded videos within github pages website not loading
- Scrimba tutorial was working, suddenly stopped even trying the default
- In Datatables, start value resets to 0, when column sorting
- How do I link two models in mongoose?
- parameter values only being sent to certain columns in google sheet?
- Run main several times of wasm in browser
- Variable inside a Variable, not updating
Related Questions in GOOGLE-CHROME
- How to tweak the security policy of Chrome, in order to run "unsafe" snippets in the console?
- Is it possible to manipuate 3rd party Chrome Extensions Network Reqeuests?
- undetected_chromedriver urllib.error.URLError
- Load testing k6 browser + docker
- Editor texto estilo WYSIWYG
- NodeJS crashing chrome browser
- Difficulty Accessing HTTP URLs/IP Addresses Due to Browser Redirecting to HTTPS: Seeking Solutions
- Chrome extension MV3: persistent service worker die after wake up from hibernation
- Attempting to Bundle a Require Command For a Chrome Extension
- Launch URL from C# and detect when browser is closed
- Python selenium scrap data from dynamic website table
- Google Chrome is consuming a lot of CPU on a video call?
- Component drawing error React App on Android + Chrome
- Chrome Selenium CDP Bidi API - Next Commands sended to Target Session have no effect while the initial one does work
- Devtools not working when i try to inspect elements for selenium python it goes to previous page
Related Questions in JSP
- Unable to compile the class for JSP in tomcat 8.5.95
- Liberty doesn't compile JSP
- Why ${message} appear as it is in View and not the real message passed in Spring MVC controller
- How can i connect my 4 objects in my jsp file so it can run perfectly
- An error occurred: Cannot run program "C:\Users\ford\AppData\Local\Programs\Python\Python311\python.exe": CreateProcess error=5, Access is denied
- Issue with dropdown menu in the jsp page(cannot import the choice in the db)
- java.lang.ClassNotFoundException: org.apache.jsp.WEB_002dINF.jsp.ImportTab_jsp
- javascript function changes when used with jsp
- Database ConnectionError
- Where should i place my index.jsp and index.jsp1 for my app to run in tomcat app
- How to fix checkmarx reflected XSS attack in JSP page?
- JSP: "object cannot be resolved to a variable" when used in nested tag
- How to use JSTL in JSP: jakarta.servlet.ServletException: java.lang.NoClassDefFoundError: javax/servlet/jsp/tagext/TagLibraryValidator
- How to setup jsp Pages on a Webserver
- File uploaded from jsp is not making it to servlet
Related Questions in REFERRER-POLICY
- strict-origin-when-cross-origin to subdomain
- Trying to set X-Frame and CSP to display another websites login page but connection refused
- How to change document.referrer when having server side redirect?
- Setting no-referrer no-opener and no-follow using htaccess
- third-party JavaScript access to document.location when a restrictive Referrer-Policy is set?
- Firefox iframe referrer is trimmed despite referrerpolicy="unsafe-url"
- How to resolve Strict Origin Error at angular app
- Hide referrer on iframe Firefox
- How can I add referrer tag to my React JS website?
- How to get parent URL in JS without using document.referrer
- Asp.Net Core API CORS policy error (+308 status code)
- cors: strict-origin-when-cross-origin: react + nginx + elasticsearch
- How to get referrer policy as strict-origin-when-cross-origin in node js
- How to deal with strict-origin-when-cross-origin error in Vue3 app?
- Angular interceptor request failed because of strict-origin-when-cross-origin
Related Questions in SEC-FETCH-SITE
- Why is Sec-Fetch-Site: cross-site when redirecting to same-site
- an unexpected request with sec-fetch-mode: none, who triggered it?
- Sec-Fetch-Site: cross-site but it’s the same site
- request() empty in Laravel
- Sec-Fetch-Mode, Sec-Fetch-Dest, Sec-Fetch-Site in request header creating CORS issue
- What does the sec-fetch-site header mean? Why is the Origin header undefined?
- How to get full referer URL in Chrome when sec-fetch-site is cross-site
- Deny Fetch API requests on server side (PHP or Apache) from Opera address bar
- Sec-Fetch-Mode and blocked CORS
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Mozilla Firefox and Internet Explorer use a referrer policy called ‘no-referrer-when-downgrade’. Earlier Chrome also used the same policy but it has now shifted to ‘strict-origin-when-cross-origin’ which restricts the referrer URL to only include the domain of the URL. The resolution to make it work it for Chrome browser as well is to set the policy to ‘no-referrer-when-downgrade’ in the page where your request begins from i.e. the initial page (which in your case is the client managed one), which will help send the complete details and the browser’s default policy won’t be applied. You may refer to below link for better understanding of these changed policies:
https://www.w3.org/TR/referrer-policy/