latest changes & additions at link to short briefings documents link to document abstracts link to list of useful data tables quotations at, with source document where relevant economics and money zone at - government swindles and how to transfer money on the net latest news headlines at abelard's news and comment zone socialism, sociology, supporting documents described France zone at - another France Energy - beyond fossil fuels visit abelard's gallery click for abelard's child education zone about abelard and

back to abelard's front page


net technology

your images from the net are not displaying?
by the auroran sunset

New translation, the Magna Carta

site map



web technology zone at


unfound net images
“private headers”
  TCP/IP handshakes
  referrer headers

unfound images

A number of people have complained that they cannot see the images at the website, that instead they see a red ‘x’ or another symbol for unfound images.

First of all, this is not a problem with the server, but a problem with the setup of the user’s, that is your, computer. In all the cases we have encountered so far, the user in question was using a ZoneAlarm personal firewall which was set to block what ZoneAlarm calls “private headers”. That option appears to cause the communication system between your web-browser and standard web servers to break.

So-called “private headers” are not in any way related to security or privacy, but are just another example of security companies using vague and ominous sounding words to alarm unwary customers into paying for useless, and often counterproductive, wares.

What follows is a fairly technical and involved explanation of “private headers”, why they are necessary and why they are not relevant to your computer’s security or to your privacy.

You do not need to read or follow this explanation in order to fix your problem with images from (or elsewhere) not showing:
for that,
simply unblock “private headers” in your ZoneAlarm to return to index on


“private headers”

When you click on a link in your browser (Mozilla Firefox, Microsoft Explorer, Opera, etc.) a number of things happen in order to make it possible for you to see the page you have asked for by clicking.

First, your browser tells your computer to set up a TCP/IP (Transaction Control Protocol/Internet Protocol) connection with the computer that stores that web page you want to read. The computer that stores the web page is called a “server” and is said to be “hosting” the pages.

TCP/IP handshakes

Setting up a TCP/IP connection takes three messages going between your computer and the server. Techies call this set of messages a “TCP/IP handshake”. One of its main purposes is to make sure that both your computer and the server know each others’ IP address, the unique address used to find computers on the internet. There is no way to get data from the internet without someone finding out your IP address. It is possible to use an anonymising service, but all that means is that the anonymiser knows your IP address rather than the server whose data you want.

After the TCP/IP connection is made, your computer and the server start to talk on the HTTP (Hyper-Text Transfer Protocol) level. Essentially, your computer sends to the server a message saying, “I want the file with this name, my address is this, I came from this web page” and a few other lesser bits of information. Each of these bits of information is called a “header”.

The server then checks the headers you have sent, and if it decides your information is kosher, it sends you the page or image you want. There are also various acknowledgment messages, so that it usually takes a total of seven messages - including setting up the TCP/IP connection - between your computer and the server to get (download) one file.

The HTTP communication system is what is known as “transaction-less” in techie-speak. That means that there is no memory in the HTTP system. If you ask for one document and then a second, HTTP does not have any intrinsic way to tell the server that the two requests are related. This has advantages and disadvantages. It makes the web system extreme flexible and resistant to failure, but can be inconvenient. To compensate for this inconvenience, a new header was invented, called the “referrer header”.click to return to index on


referrer headers

The referrer header tells the server from which page your request came.
There are three possibilities:

  1. You type an address into the address bar of your browser and click enter. As you have not come from anywhere, the referrer header should be blank.

  2. On a page somewhere on the internet - with a site address of Address1 - you click on a link. As you have come directly from Address1, the referrer header will contain Address1.

  3. You ask for a page - with a site address of Address2 - that contains images, or other files. All of these files - the text page and the images ‘contained’ in it - are separate and so the server must be asked for them separately. Your browser, seeing that the downloaded web page needs these images, asks for them. The referrer header in those requests will contain the address Address2.

Only in the second case is there any possible privacy intrusion, albeit very minor. Minor because the only information the server will have about you is your IP address, what page on their server you wanted to see and what page you came from. This does not tell them who you are. It does not tell them anything else about your browsing habits, just who directed you to their site. Of course, if you have somewhere told them who you are, they can make the connection; but you have not told any site that you do not trust who you are, have you???

In the first case, there is obviously no problem because there is no referrer header at all. In the third case, there is no problem because the referring page is one the server already knows that you wanted to read - you just asked the server for it!

It is these referrer headers that the ZoneAlarm-ists are apparently calling “personal” to return to index on



To understand how referrer headers relate to the original red x problem, you have to understand little about “leaching” and how website owners deal with it.

Leaching is a form of theft - a website displays an image or another large file, which is actually located on another person’s server, on one of their own pages. When a user looks that page, the user sees the image as if it is part of the website they are looking at, but it is the server on which the file lives that does the work and pays the cost.

Running a server costs money. Most of that money is for buying “bandwidth”. This money is paid according to the amount of data sent to users (visitors to that website), usually paid monthly. A leacher causes the image owner to pay for the leacher to receive the benefit from the image owner’s work, called from the leacher’s website by the leacher’s web-visitors, in hits and customers/money from those hits. Leaching is often referred to as “stealing bandwidth”.

Fortunately, there is a 100% effective method to stop leaching. You (as an image owner) tell your server not give images, or other big files, to anyone who does not have a referrer header for a page within your own website. Thus if a user asks for one of your pages, they can call down that page and all its images without any problem, because your pages are obviously on your own website. If the user asks for an image directly, or via someone else’s site, your server tells them to go away and their browser shows them a red x.

Unfortunately, ZoneAlarm is apparently more concerned with creating fear of non-existent threats than with not damaging the functioning of your computer, and so removes all referrer headers, even those that are for the same site as the file being requested.

As stated above, the solution to this problem is simple and harmless:
unblock “private headers” in your Zonealarm software. You also might consider politely informing ZoneAlarm of your opinion of their behaviour.

You could also consider using a different firewall. There is more about firewalls in Software for to return to index on


This document was kindly contributed to by the auroran sunset.

advertising disclaimer

You are here: your images from the net are not displaying? by the auroran sunset < technology < Home

about abelard memory, paranoia & paradigms francis galton france zone   memory & intelligence loud music & hearing damage children & tv violence

spacing line at


  information abstracts briefings   news headlines news archives latest

email abelard at

© abelard, 2005, 26 october

all rights reserved

the web address for this page is

prints as 2 A4 pages (on my printer and set-up)