The solution outlined below is believed to be obsolete & ineffective, but retained for historical interest. Phorm have changed their method of operation to hi-jack image requests. You should encrypt your web communications using SSL.

Catch 22; Test for Phorm Cookie Stripping

Many people have suggested this solution to me, and I'm grateful for their ideas.

This is a pure server side solution to detect Phorm.

The server side code deliberately sets a bogus Webwise UID cookie (assuming Phorm will attempt to hide their phorged cookie by stripping it from server requests).

A second tell tale cookie is set, using an ever-changing name and value.

If neither cookie is returned, the user has blocked cookies for the site.

If the tell tale cookie is returned, but does not compute, the connection is being corrupted.

If the tell tale cookie is returned, but not the Webwise cookie, you know Phorm is active on the connection.

Updated 16 November, enhanced webwise uid generation code, added default opt out value for uid


Include the following code into every one of your pages;

      <p>My Page</p>

Download Catch 22 Code Here

Download Catch 22 Zip Archive. (or view as a text file here).

MD5Sum: 3d03324fe6ef0c8a2260e2f61f580ffe