Product
HTTP Interceptor

A Power HTTP Interceptor to Intercept, Record, Debug & Modify HTTP Requests

API Client

A lightweight and secure API Client for faster API Development & Testing

API Mocking

Build frontend faster without waiting for backend.

Solutions
Frontend Web/Mobile Developers

Requestly improves front-end workflows with local JS testing, mocking, and SessionBook debugging.

For QA engineers

QA engineers love Requestly for its features and ease of use, allowing easy edge case testing.

Support Engineer

Support engineers value Requestly for debugging, demoing, and overriding GTM and Adobe scripts.

Backend Developers

Requestly helps in improving back-end development workflows, by enabling testing.

Pricing
Resources
Pricing
Blog
Case Studies
Status
Github
Release Note
Student Programme
🎉 Requestly joins BrowserStack to build the future of application testing. Read more

HTTP Headers

Referer

HTTP Header

The HTTP Referer request header contains the absolute or partial address from which a resource has been requested.
The Referer header allows a server to identify referring pages that visitors are coming from or where requested resources are being used.
This information can be utilized for analytics, logging, optimized caching, and other purposes.

When clicking a link, the Referer contains the URL of the page that includes that link.
When requesting resources from another domain, the Referer shows the URL of the page that used the requested resource.

The Referer header can include an origin, path, and query string, but it may exclude URL fragments (such as #section) or username:password data.
The data included in the Referer header is controlled by the request’s referrer policy. For detailed information and examples, consult the Referrer-Policy documentation.

Additionally, the Referer should be sent in requests following a Refresh response or similar methods like <meta http-equiv=”refresh” content=”…”>) that trigger navigation to a new page, provided it aligns with the referrer policy.

Warning:
This header can have significant implications for user security and privacy.
Refer to Referer header: privacy and security concerns for more information and ways to mitigate potential issues.

Syntax

Syntax

http
Referer: <url>

Directives

Directives

<url>

An address of the web page that makes the request, which can be full or partial. When specifying URLs, fragments such as #section and user information like username:password (found in URLs like https://username:[email protected]/foo/bar/) are typically excluded. The origin, path, and query string can be included depending on the referrer policy.

Example

Examples

http
Referer: https://developer.mozilla.org/en-US/docs/Web/JavaScript
Referer: https://example.com/page?q=123
Referer: https://example.com/

How to Modify Header using Requestly

Requestly is a powerful Chrome extension that allows you to modify HTTP headers, including the Referer header. This is especially useful for testing how your web server or application behaves when requests come from different sources. Steps to Modify the Referer Header:

  1. Install and open the Requestly Chrome extension. You can find it on the Chrome Web Store.
  2. Create a new rule: Click on “Create Rule” and choose “Modify Headers” from the list of available rule types.
  3. Add a new header modification:
    • Under “Action”, select “Add” or “Override”.
    • In the “Header Name” field, enter Referer.
    • In the “Header Value” field, enter the URL you want to set as the referrer (e.g., https://example.com).
  4. Set the URL condition: Specify the URL or pattern where this header change should apply (e.g., https://your-api.com/*).
  5. Save the rule.

Once set up, Requestly will substitute the Referer header in all matching requests, allowing you to simulate requests from different sources or test security rules based on referrer validation.

Modifying the Referer header can help you test how your website or API handles requests from different origins. It is also useful for debugging issues related to privacy, analytics, or access control based on where the request is coming from.