I notice that my ASP.NET web app sometimes gets POST requests with the REFERER being a google.com URL. How is that possible? Is this some kind of hacking attempt?
Here are some of the more interesting HTTP values (I have replaced my real site with “example.com”):
HTTP_REFERER = http://www.google.com/gwt/x/e?wsc=bf&wsi=d9f494c200f04c82&u=http%3A%2F%2Fwww.example.com&ei=65oLUNikApHoxAKykMHqBA&whp=1view_unadapted%3B2http%3A%2F%2Fwww.mysite.com
REQUEST_METHOD = POST
HTTP_COOKIE = ASP.NET_SessionId=eakdubyv3bfj33l0adtyhamc
HTTP_USER_AGENT = KWC-Buckle/ABO1107 UP.Browser/7.2.7.2.551 (GUI) MMP/2.0
CONTENT_LENGTH = 195
CONTENT_TYPE = application/x-www-form-urlencoded
SCRIPT_NAME = /cgi/webloginscript.aspx
SERVER_PORT = 443
SERVER_PORT_SECURE = 1
HTTP_X_WAP_PROFILE = "mms.mycricket.com"
HTTPS = on
EDIT: When I tested the Referer URL using “wget”, I see that google responds with a 302 redirect to http://www.example.com . So could it be that the mobile browser is preforming the redirect but not resetting the referer to http://www.example.com as it should? Then when the user fills in the form and tries to submit it, the referer is still google.com? Buggy mobile browser?
the giveaway is the user agent.
someone is clicking on search results from a mobile device and google is rendering a mobile friendly version of your page.