Using HTTP redirection

  The first approach we describe for achieving the interaction of Figure 2 uses the ``redirect'' feature of the HTTP protocol. When a browser requests a URL from a web server, the server can return an HTTP redirection status code in the range 300-399 (e.g., 301 Moved Permanently), which indicates to the browser that it should look for the page at another URL. This other URL is specified in the Location HTTP header. Upon receiving a response with status code 301 Moved Permanently, the browser finds the Location header and immediately issues a request for the URL specified in that field.

Given this mechanism, one way for site A to monitor the number of clicks through pageA.html to pageB.html is to craft pageA.html so that its link purportedly to pageB.html is really a link to a ``dummy'' URL on site A. If site A is configured to redirect requests for this dummy URL to pageB.html on site B, then A can easily monitor clicks through pageA.html to pageB.html by monitoring the number of requests for the dummy URL. The resulting web transaction proceeds as shown in Figure 2: after receiving pageA.html, the user clicks on the link purportedly to pageB.html, which causes the dummy URL on site A to be requested (message 2). A returns an HTTP redirect header with the Location field set to the URL of pageB.html, which causes the browser to retrieve pageB.html (messages 3,4). The number of requests for the dummy URL is an indicator of the number of clicks through pageA.html to pageB.html.

One practical obstacle to this approach as described so far is that it employs a reconfiguration of the web server on site A, which may not be possible if the participant in the click-through program does not have the authority to reconfigure the web server on site A. It is possible to effect this redirection without reconfiguring the web server by using CGI programming. On many web servers, a CGI script that returns a properly formatted Location header will cause a redirection to the URL named in that header. So, if the dummy URL on site A is the URL for a CGI script that outputs a Location header set to the URL of pageB.html, then this achieves the exchange of Figure 2. This exchange can also be achieved by using a no parse header (NPH) script, which is a CGI script that is allowed to entirely control the HTTP headers in the response sent back to the browser. An NPH script that explicitly returns a redirection status code and Location header can also be used to effect the desired redirection.

It is worth noting that some obvious HTML-only approaches to effecting this redirection do not suffice because they cause the HTTP Referrer field to be blanked in the request to B, thereby precluding A from getting credit for the click-through. One such approach is to craft pageA.html so that its link purportedly to pageB.html is really a link to an HTML page on site A that immediately ``refreshes'' the user's browser to pageB.html using HTML's <meta> tag (see [MK97, Section 14.2]). Using this approach with NC4 and IE4, the Referrer field that B received was empty.