My app is written in Ruby on a Sinatra framework. One of the functions in my app displays javascript code. That javascript code is called by remote websites. In Ruby, I need to know the full URL of the remote website calling the javascript code so that I can make changes to the javascript code. I have tried retrieving the request.referrer and request.env["HTTP_REFERER"] but they only seem to retrieve the schema and domain of the referring domain. How do I get the full referring URL?
For reference, here is the Sinatra file that I am using to test this:
require 'sinatra'
get %r{/test} do
debug = {:referrer => request.referrer, :http_referer => request.env["HTTP_REFERER"], :path_info => request.path_info, :query_string => request.query_string, :host => request.host, :url => request.url, :path => request.path}
STDERR.puts debug.inspect
erb "test"
end
If this Sinatra file was hosted at http://www.server.com, you should be able to access this function by going to http://www.server.com/test
Then, if there was a remote website at http://www.remote.com/url-with-test-code.html with the following HTML:
<!DOCTYPE html>
<html>
<body>
<script src="http://www.server.com/test">
test
</body>
</html>
For this example, this is the results I am seeing:
{:referrer=>"https://www.remote.com/", :http_referer=>"https://www.remote.com/", :path_info=>"/test", :query_string=>"", :host=>"www.server.com", :url=>"https://www.server.com/test", :path=>"/test"}
But I would expect the "referrer" key to be "https://www.remote.com/url-with-test-code.html"
The issue is due to the browser's referrer policy. This StackOverflow answer gives more detail:
Many browsers have started to default to a stricter referrer policy (
strict-origin-when-cross-origin) when making a cross-domain request instead of the old default (no-referrer-when-downgrade). This will most often result in truncated urls, but occasionally means that the referrer will not be set at all (no-referrer).