I have a site that is on https. I am going to be linking to a site that is not on https, just http, and they are going to customize their page based on the referrer, but they say that you can't get the referrer if you come from https. Is this true? If it's not true, is there a special way to get the referrer if the referrer is on https?
Some browsers don't set the referrer when calling HTTP from HTTPS. Some people also turn off referrer completely in their browser or firewall for privacy reasons. As a field under user control the referrer field should not be used for any essential processing in any case.
so what is the best way for our external site this is on http to know that the user came from our https site? We are using a form that sends a hidden variable right now, but we ran in to FireFox throwing up a warning message to the user that they are leaving a secure site, and when they hit the "ok" button, you don't get the new window with the partner (http) site.