The Referer request header contains the address of the page making the request. When following a link, this would be the url of the page containing the link. When making AJAX requests to another domain, this would be your page's url. The Referer header allows servers to identify where people are visiting them from and may use that data for analytics, logging, or optimized caching, for example.

Important: Although this header has many innocent uses it can have undesirable consequences for user security and privacy. See Referer header: privacy and security concerns for more information and mitigations.

Note that referer is actually a misspelling of the word "referrer". See HTTP referer on Wikipedia for more details.

A Referer header is not sent by browsers if:

  • The referring resource is a local "file" or "data" URI.
  • An unsecured HTTP request is used and the referring page was received with a secure protocol (HTTPS).


Referer: <url>


An absolute or partial address of the previous web page from which a link to the currently requested page was followed. URL fragments (i.e. "#section") and userinfo (i.e. "username:password" in "https://username:[email protected]/foo/bar/") are not included.


Referer: https://developer.mozilla.org/en-US/docs/Web/JavaScript


Specification Title
RFC 7231, section 5.5.2: Referer Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content

Browser compatibilityUpdate compatibility data on GitHub

Chrome Edge Firefox Internet Explorer Opera Safari
Referer Yes 12 Yes Yes Yes Yes
Length limited to 4096 bytes 77 79 70 No 64 No
Android webview Chrome for Android Firefox for Android Opera for Android Safari on iOS Samsung Internet
Referer Yes Yes Yes Yes Yes Yes
Length limited to 4096 bytes 77 77 No 55 No No

See also

© 2005–2020 Mozilla and individual contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.