Header Modification

[hustla]

OK what i want to do is spoof the referer on a redirect

I tryed this
header("Location: www.something.com")
header("Referer: www.something2.com")

but what happens is it loses the referer after the redirect i sniffed it with etheral see below

Hypertext Transfer Protocol
    GET /members/links/pluginfeeds.php?ekgsso HTTP/1.1\r\n
        Request Method: GET
        Request URI: /members/links/pluginfeeds.php?ekgsso
        Request Version: HTTP/1.1
    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*\r\n
    Referer: http://192.168.1.102/\r\n
    Accept-Language: en-us\r\n
    UA-CPU: x86\r\n
    Accept-Encoding: gzip, deflate\r\n
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)\r\n
    Connection: Keep-Alive\r\n
    Host: www.featuredmemarea.com\r\n
    \r\n

As you can see from above 192.168.1.102 is me not what i specifed in the php header.
Is their anyway to create a GET header like above except where i modify the referer in php. Thanks

[hvle]

try setting the referer before location:

header("Referer: www.something2.com");
header("Location: www.something.com");

Just a wild guess.

[hustla]

yea i've tried that. i really dont think their is a way to do this. i could get the server to spoof the get request but i want the clients get header to modified. let me know guys

[hvle]

you should read about Curl

[hustla]

found a way using java script and the httprequest object but thats it. would rather not use that.

[gewthen]

The http referer is supplied by the browser, not the server. Because php is server side you can do nothing about it. Javascript will work (not reliably though) because it is run in the client side which supplies the referer field in the request.

[hustla]

thats what i figured. guess i will go the java script way.Unfortantly in firefox you can't even spoof the referer unless you install a plugin. ohh well good old i.e security.