Thank you for your swift response.
I still seem to have an issue. I don’t seem to get any referer headers after the redirect. This is a slightly massaged output from curl (Mostly removing the many Exipre lines and replacing the URL and IP addresses):
curl -vvvvL https://www.oldsite.co.uk/
* Expire in 0 ms for 6 (transfer 0x559cab3545c0)
* Trying
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x559cab3545c0)
* Connected to www.oldsite.co.uk port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: OU=Domain Control Validated; CN=.oldsite.co.uk
* start date: Apr 2 16:36:01 2018 GMT
* expire date: Apr 2 16:36:01 2020 GMT
* subjectAltName: host “www.oldsite.co.uk” matched cert’s ".oldsite.co.uk"
* issuer:
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: www.oldsite.co.uk
> User-Agent: curl/7.64.0
> Accept: /
>
< HTTP/1.1 301 Moved Permanently
< Content-length: 0
< Location: https://www.newsite.co.uk
< Connection: close
<
* Closing connection 0
* Issue another request to this URL: ‘https://www.newsite.co.uk/’
* Expire in 1 ms for 1 (transfer 0x559cab3545c0)
* Expire in 50 ms for 1 (transfer 0x559cab3545c0)
* Trying
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x559cab3545c0)
* Connected to www.newsite.co.uk port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: CN=www.newsite.co.uk
* start date: Aug 15 15:41:03 2018 GMT
* expire date: Sep 30 09:41:02 2020 GMT
* subjectAltName: host “www.newsite.co.uk” matched cert’s “www.newsite.co.uk”
* issuer:
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: www.newsite.co.uk
> User-Agent: curl/7.64.0
> Accept: /
>
< HTTP/1.1 200 OK
< Date: Mon, 10 Jun 2019 16:02:56 GMT
< Server: Apache-Coyote/1.1
< P3P: policyref="/w3c/p3p.xml", CP="NOI DPS COR CURa ADMa OUR NOR "
< X-Frame-Options: SAMEORIGIN
< Content-Type: text/html;charset=utf-8
< Content-Language: en-GB
< Set-Cookie: JSESSIONID=99235511898EE5ED4802D4605057F38B; Path=/; HttpOnly
< Set-Cookie: qtest_vdp2=old; Expires=Wed, 10-Jul-2019 16:02:56 GMT; Path=/
< Vary: Accept-Encoding
< Transfer-Encoding: chunked
< Set-Cookie: VIP1=webserver4; path=/
<
<!DOCTYPE html>
<html lang="en">
<head>
I have looked in the developer tools in Chrome, and I can’t seem to see the referer there either. This was why I started to go down the route of adding a cookie.
As an aside, if you can’t set a cookie in a redirect, why is it an option?