Question about HTTP Referers

[XPY]

Hello everybody. I have a basic question about HTTP referers:
If i post an embedded picture in a forum, and the picture is hosted on another server, will the owner of this server know where i have posted the picture, or does he just get the ip-addresses of the people which download the picture?

[LowWaterMark]

It depends entirely upon those who are viewing the image from your embedded link on the forum. If their browsers and privacy software are configured to allow the free passing of referrers, then the server hosting the image will have source URL in their webserver logs. If some forum users are configured to block referrers, then no referrers will be logged on the image hosting server.

Of course, as you mentioned, the image hosting server will see the IP addresses of all connections pulling copies of their image, so be advised that you are not doing those forum users any great "privacy favor" by linking them to a third-party server to display images. Also, be sure that the server hosting the image(s) don't have a usage policy against that. You are causing their server resources and bandwidth to be used in order to display those images to the forum users.

[XPY]

I thought the image hoster would only get the referer information, if the person who downloads the image also visits an html, php, ... file (of the image server).

I mean, it is possible that a jpeg file is able to "capture" referer informations? There isn't a script required to do that?

[Jim Verard]

http://www.danasoft.com/sig/TheSurcouf.jpg

[XPY]

Hi jim! Nice pic, but i can't see any referer infos on it.

[LowWaterMark]

Quote:

Originally Posted by XPY

I thought the image hoster would only get the referer information, if the person who downloads the image also visits an html, php, ... file (of the image server).

No, referrers are passed for every object pulled from a webserver, assuming the browser and security software are allowing referrers. You don't need to hit an HTML or PHP file on the hoster's webserver.

Quote:

Originally Posted by XPY

I mean, it is possible that a jpeg file is able to "capture" referer informations? There isn't a script required to do that?

The referrers are not captured by the object being accessed. They are logged by the webserver software regardless of the type of file being served. You don't need to execute a script or program of any type at the hosting server for all the logging to happen.

[XPY]

LowWaterMark +Jim Verard, thank you very much for the help!

[Jim Verard]

Regarding the referrer issue, check this thread:

(post # 165 ):

http://www.wilderssecurity.com/showt...=176514&page=7

(post # 178 ):

http://www.wilderssecurity.com/showt...=176514&page=8

I am using XeroBank to gain access to internet, and PrefBar is configured to not allow any referrers.

I need a confirmation here.

If I understand correct, you are sending one referrer if you click on some remote link (for example, someone's signature which leads you to another website).

Let's say that LowWaterMark have this signature on Microsoft board:

Visit Wilders Security

So, every one who clicked on his signature in order to access Wilders Sec. has sent a referrer and LowWaterMark knows some folks are accessing his board from Microsoft. Right?

In my case, I am blocking referrers by using PrefBar - Sent Referrer (leave this option unmarked). My TOR IP will be recorded by LowWaterMark server? What kind of information he will receive from me? Nothing?

I ask the same question for remote images. Wilders JPG logo placed on the same MS board, while I am seeing this picture.

[LowWaterMark]

Quote:

Originally Posted by Jim Verard

If I understand correct, you are sending one referrer if you click on some remote link (for example, someone's signature which leads you to another website).

Let's say that LowWaterMark have this signature on Microsoft board:

Visit Wilders Security

So, every one who clicked on his signature in order to access Wilders Sec. has sent a referrer and LowWaterMark knows some folks are accessing his board from Microsoft. Right?

Yes, that is almost always true. Since the majority of people do not block referrers, almost everyone clicking a link to wilderssecurity.com from any other forum or website out on the Internet, will pass the referrer field to the webserver here. So, the URL of the webpage they were on when they clicked such a link will be passed.

Quote:

Originally Posted by Jim Verard

In my case, I am blocking referrers by using PrefBar - Sent Referrer (leave this option unmarked). My TOR IP will be recorded by LowWaterMark server? What kind of information he will receive from me? Nothing?

If you are properly configured using that proxy service, then it should only be the TOR IP address that accesses the server here. No private IP address information should be included when using an anonymous proxy service. With referrer blocked, that field should be blank - although some referrer blocking software actually insert something specific into that field. Outpost Firewall often inserts: "Field blocked by Outpost Firewall (http://www.agnitum.com)" into the referrer field.

There's one other field to consider: User Agent. If that isn't blocked or a bogus one put into place, then information like this will be included for a Windows XP user running the latest Firefox version: "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.7) Gecko/20070914 Firefox/2.0.0.7"

Quote:

Originally Posted by Jim Verard

I ask the same question for remote images. Wilders JPG logo placed on the same MS board, while I am seeing this picture.

If IMG tags are used to embedded a remote hosted image on a forum or website, the same information is passed. The only difference is that the people viewing that thread or webpage don't have to click on a link to have that access happen. In your example, if someone IMG tags the Wilders logo in a thread on some other forum, everyone that views that thread, and who haven't somehow disabled the automatic rendering of third-party hosted images, will access the Wilders webserver to get the image, and will pass the same information as if they had manually clicked a URL to here from that same page.

Note that I recently disabled the rendering of remote images via IMG tags here at Wilders because of the issue of privacy and tracking possibilities:

Sticky: Third-party hosted image linking disabled