So to summarize: It doesn't matter wheter you're using IE or Firefox, both browsers don't send the HTTP_REFERER option, is that true?
Then it might really be an issue of your Watchguard Firewall/proxy solution.
I found an article about configuring the outgoing proxy characteristics of this applicance here:
https://www.watchguard.com/support/fireware_howto/83/HTTP_Proxy_OutgoingProxyAction.pdfQuoting the interesting part:
--------------------------
----------
----------
-
Clients use the Referer header to send the address (URI) of the resource from which this request-URI was obtained. In
other words, sometimes when you click on a link, your browser sends information about the site you just came from.
This lets the receiving server gather statistics, optimize caching, trace bad links, and so on. Some users feel it is a
breach of privacy to tell any server what previous site referred the user to visit this site. Some sites do not allow connections
if the Referer field is not present or if the referer is not a certain domain. In addition, many CGI scripts that
run on the web server rely on the Referer header to make sure the HTTP request comes from a previously scripted
event. This is becoming less common as web security professionals realize that the header is easily spoofed. Because
stripping this header causes some connections to break, the rule is disabled by default.
Recommendation:
Keep the defaults unless you are familiar with the header you want to strip and know the consequences if you
strip it. Most request headers the client sends are necessary for the server to know the intentions and the
capabilities of the client.
--------------------------
----------
-------
Could you check this setting on your watchguard firewall?
