Library code snippets

Spoofing the Referrer using HttpWebRequest

  • Comments (7)
  • PDF
  • AddThis
By Dave Wanta, published on 20 Feb 2005

I noticed the article the other day on your website about "Spoofing the Referer During a Web Request" Immediately after reading it I was wondering if you can do this using ASP.NET, the answer is a resounding "YES, of course!". This works because the http standards allow the client to actually dictate the HTTP_Referer variable.

Here is the code:


Function FetchURL(SomeURL as String, Referer As String) as String
    Dim WebResp as HTTPWebResponse
    Dim HTTPGetRequest as HttpWebRequest
    Dim sr As StreamReader
    dim myString as String
    HTTPGetRequest = DirectCast(WebRequest.Create(SomeURL),HttpWebRequest)
    HTTPGetRequest.KeepAlive = false
    HTTPGetRequest.Referer = Referer
    WebResp = HTTPGetRequest.GetResponse()
    sr = new StreamReader(WebResp.GetResponseStream(), Encoding.ASCII)
    myString = sr.ReadToEnd()
    Return myString
End Function

You can then call this using the following:

Dim PageString As String
PageString = FetchURL("http://www.google.com/","http://www.microsoft.com")

Comments

  1. Ken Hosinski
    03 Apr 2007 at 14:23
    This looks pretty good, but I need Post url variables and upload file to PHP website. Can you help me out?
  2. Jerry Loberg
    12 Jun 2006 at 22:52

    I love this article (post).  This is exactly what I am looking to do, but my entire site is written in classic .asp.  Is there a way to do this in classic ASP?

    I would not be opposed to a link from my .asp that goes to an ASP.NET page that would include the script you created and automatically redirect the user to the page specified in the link.  Kind of a middle processing ground.

    Does this make sense?  If so can anyone help make it happen??  Please let me know your thoughts and abilities on helping me.

    Thank you,
    Jerry


  3. XtremeMaC
    19 Sep 2005 at 23:34

    its not a mistake
    1 is the referrer other one is the site to visit...
    and the function accepts 2 parameters.....

  4. Zach
    13 Apr 2005 at 04:06

    This is a very short and sweet - though activex - method - short enough to fit in a bookmarklet (IE only obviously)


    http://sportsforum.ws/spoof.html

  5. James Crowley
    31 Mar 2005 at 20:31

    Oh dear! I've corrected those now.

  6. trinet
    07 Mar 2005 at 11:08

    1. You have declared a function with one parameter (the URL to fetch), but your example passes two parameters: the URL to fetch, and the HTTP-REFERER.
    2. The function calls WebRequestFactory.Create. This should read WebRequest.Create.
    3. The return type of the Create function is WebRequest. Your code assigns this directly to an HttpWebRequest variable. This will only work in VB.NET with Option Strict turned off. If you must directly access the properties of the derived class, you should include a DirectCast in your assignment statement.
  7. Developer Fusion Bot
    01 Jan 1999 at 00:00

    This thread is for discussions of Spoofing the Referrer using HttpWebRequest.

Leave a comment

Sign in or Join us (it's free).

Related tags

vb.net
Dave Wanta

Related articles

Ask a question

Related discussion

Related podcasts

  • xpert to Expert: Inside Concurrent Basic (CB)

    "Concurrent Basic extends Visual Basic with stylish asynchronous concurrency constructs derived from the join calculus. Our design advances earlier MSRC work on Polyphonic C#, Comega and the Joins Library. Unlike its C# based predecessors, CB adopts a simple event-like syntax familiar to VB progr...

Languages

Web Development

Frameworks & Architecture

Other major sections

Cancel
Want to stay in touch with what's going on? Follow us on twitter!