Java Script question

[hustla]

Im tring to get java script to spoof a referer via the XMLHTTP object but i cannot get it working properly. 

here is an example that wont work
yahoo is the target and google is the fake referere this is the location of the script http://thisfileshost/spoof2.php


<script type="text/javascript">
var x = new ActiveXObject("Microsoft.XMLHTTP");
x.open("GET\thttp://www.yahoo.com\tHTTP/1.0\r\nHost:\twww.yahoo.com\r\nReferer:\thttp://www.google.com\r\n\r\nGET\thttp://nosuchhost/\tHTTP/1.0\r\nFoobar:","http://thisfileshost/spoof2.php",false);
x.send();
alert(x.responseText);
</script>

not sure what im missing here i get a file not found error 404 

Thanks guys

[akitchin]

...  did you not see the javascript forum?  i'm moving this there.

[hustla]

this is the article i followed

http://www.cgisecurity.com/lib/XmlHTTPRequest.shtml

[hustla]

sorry about that thanks did not see

[hustla]

read a little more and i believe its a proxy issue. is their any other methods you guys know of to spoof the referer without a forward proxy.

[hustla]

Found a much easier solution to spoof a referer via activex althought it does require you to enable the intilize and script control that are marked not safe option in ie settings. Don't know much about active x controls so if you guys know how to convert this small script to a control the user can install so they don't have to enable this option that would be great otherwise i guess i will spend a few hours reading. thanks below is the source. forgive the spelling to lazy to fix.

<SCRIPT language="Javascript">
function spoofit()
{
var target;
var referer;

target = document.getElementById('url').value;
referer = document.getElementById('ref').value;

var header = "Referer: " + referer + "\n\r";
var objIE = new ActiveXObject("InternetExplorer.Application");
objIE.Visible = true;
objIE.Navigate(target, 2, "", "", header);
}
</SCRIPT>