2010-05-25T09:12:59+01:00

https for searching?

So we have an SSL version of a quite decent search engine. This should, besides the client-server encryption which is obvious, also hide a referrer. I've tested it right away:

click from http://www.google.cz/

192.168.240.133 - - [25/May/2010:09:11:42 +0200] "GET / HTTP/1.0" 200 41844 "http://www.google.cz/url?sa=t&source=web&ct=res&cd=16&ved=0CFUQFjAP&url=http%3A%2F%2Fkutej.net%2F&rct=j&q=kutej&ei=iHj7S436JsGtOMfE5P8B&usg=AFQjCNEIRhHXy7b_DsiM6c28l0wx3vOcVg&sig2=_cYOxkj7loeHmqhdNH6cUA" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.9) Gecko/20100501 Iceweasel/3.5.9 (like Firefox/3.5.9)"

click from https://www.google.com/

192.168.240.133 - - [25/May/2010:09:12:21 +0200] "GET / HTTP/1.0" 200 41844 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.9) Gecko/20100501 Iceweasel/3.5.9 (like Firefox/3.5.9)"

"http://www.google.cz/url?sa=t&source=web&ct=res&cd=16&ved=0CFUQFjAP&url=http%3A%2F%2Fkutej.net%2F&rct=j&q=kutej&ei=iHj7S436JsGtOMfE5P8B&usg=AFQjCNEIRhHXy7b_DsiM6c28l0wx3vOcVg&sig2=_cYOxkj7loeHmqhdNH6cUA"
vs
"-"

So when hiding, use SSL! :-)

Another headache for webmasters, where are all this people coming from?

comments powered by Disqus