When aes.js security was exempt for cloudflare integrated website I was able to get the actual referer header for my website but after recent change to aes.js security cloudflare is no more exempt I can’t get actual referer for my site. I always get the same page url as referer. Though I get correct referer after __test cookie is set by aes.js but still I miss it for almost all requests that comes from search engines.
Is there any way I get back the correct referer header?
Unfortunately, I do not think that it’s possible to retrieve the original referrer header.
When you make a request with Javascript, the page you’re being redirected to will see the redirecting page as the referrer. So if your website is https://example.com, then the page at Example Domain will see https://example.com as the referrer.
Unfortunately, there is no way to change this behavior with Javascript, and there is no way to do a kind of redirect that does preserve the referrer that would with with how the security system works.
I wish some one who implemented this security system will some how fix it some other day.
I can’t stop you from wishing that. But I don’t think that will happen any time soon.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.