util::get_referrer (public)

 util::get_referrer [ -relative ] [ -trusted ]

Defined in packages/acs-tcl/tcl/utilities-procs.tcl

Switches:
-relative (optional, boolean)
return the refer without protocol and host
-trusted (optional, boolean)
Returns:
referrer from the request headers.

Testcases:
No testcase defined.
Source code:
    set url [ns_set iget [ns_conn headers] Referer]
    #
    # Don't return untrusted header field when -trusted was
    # specified. An attacker might to sneak in e.g. a JavaScript URL.
    #
    if { $trusted_p && [util::external_url_p $url]} {
        ns_log warning "someone tried to sneak in an untrusted referrer '$url'"
        set url ""
    }
    if {$relative_p} {
        # In case the referrer URL has a protocol and host remove it
        regexp {^[a-z]+://[^/]+(/.*)$} $url . url
    }
    return $url
XQL Not present:
PostgreSQL, Oracle
Generic XQL file:
packages/acs-tcl/tcl/utilities-procs.xql

[ hide source ] | [ make this the default ]
Show another procedure: