Referrer spoofing
From Wikipedia, the free encyclopedia
In computer security, referrer spoofing or ref tar spoofing is the sending of incorrect referrer information in an HTTP request, sometimes with the aim of gaining unauthorized access to a web site. It is also used to improve the privacy of an individual using a web browser to view World Wide Web sites, by replacing valid referrer data with incorrect data, though most users simply configure their web browser not to send referrer data, and may also modify other HTTP headers.
Application
Some websites, especially many pornographic paysites, utilize referrer information to secure their materials: only browsers arriving from a specified set of approved login pages are granted access. This facilitates the sharing of materials among a group of cooperating paysites. Additionally, a site may want users to click through pages with advertising content before they can directly access a downloadable file; using the referring page or referring site information can help a site redirect unauthorized users to the landing page the site would like to use.
If attackers acquire knowledge of these approved referrers, which is often trivial because many sites follow a common template, they can use that information combined with referrer spoofing to gain free access to the materials.
Spoofing often allows legitimate access to a site's content where the site's web server is configured to block browsers that do not send referrer headers. Website owners may do this to disallow hotlinking.
It can also be used to defeat referrer checking controls that are used to mitigate Cross-Site Request Forgery attacks.
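The weakness described in this section, shown from the server's side as an added example that is not part of the original article: a referrer allow-list accepts any request that carries the expected header value, while a server-issued, session-bound HMAC token (a common alternative the article itself does not describe) cannot be produced by the client. The site URL, key, session names and function names are hypothetical.

```python
import hashlib
import hmac
import time

# Constructed values for illustration only (hypothetical site and key).
APPROVED_REFERRERS = {"https://members.example.com/login"}
SERVER_KEY = b"constructed-demo-key-not-for-production"
TOKEN_LIFETIME = 300  # seconds


def referrer_check(headers):
    """Weak control: trusts a header whose value the client chooses."""
    return headers.get("Referer") in APPROVED_REFERRERS


def issue_token(session_id, now=None):
    """Issued by the server after a real login; bound to session and expiry."""
    expires = int(now if now is not None else time.time()) + TOKEN_LIFETIME
    msg = f"{session_id}|{expires}".encode()
    return f"{expires}.{hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()}"


def token_check(session_id, token, now=None):
    """Stronger control: verifies a value only the key holder could produce."""
    try:
        expires_text, mac = token.split(".", 1)
        expires = int(expires_text)
        mac_bytes = mac.encode("ascii")
    except (AttributeError, ValueError):
        return False  # missing or malformed token
    msg = f"{session_id}|{expires}".encode()
    expected = hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode("ascii"), mac_bytes):
        return False  # wrong key, wrong session, or altered expiry
    return (now if now is not None else time.time()) < expires


def demo():
    # Constructed request: no login took place, the client just set the header.
    forged = {"Referer": "https://members.example.com/login"}
    token = issue_token("session-A", now=1000)
    return {
        "forged_referrer_accepted": referrer_check(forged),
        "valid_token_accepted": token_check("session-A", token, now=1100),
        "other_session_accepted": token_check("session-B", token, now=1100),
        "expired_accepted": token_check("session-A", token, now=1000 + TOKEN_LIFETIME),
        "missing_accepted": token_check("session-A", None, now=1100),
    }
```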
Tools
Several software tools exist to facilitate referrer spoofing in web browsers. Some are extensions to popular browsers such as Mozilla Firefox or Internet Explorer, which may provide facilities to customise and manage referrer URLs for each website the user visits.
Other tools include proxy servers, to which an individual configures their browser to send all HTTP requests. The proxy then forwards different headers to the intended website, usually removing or modifying the referrer header. Such proxies may also present privacy issues for users, as they may log the user's activity.

