Can one disable the HTTP referrer for only when one is going to a third-party domain?
I feel that the HTTP referrer is a breach of my privacy and I understand that some browsers for this very reason allow users to disable its sending. But as completely disabling it (as I know one can do in the about:config settings) breaks some websites. I would like to know if one can configure it so that it is only disabled for when you are going to a website which is a third-party one?
I am running Firefox 47.
Modified by user1251572
Chosen solution
The Big Fat Fox said
But as completely disabling it (as I know one can do in the about:config settings) breaks some websites. I would like to know if one can configure it so that it is only disabled for when you are going to a website which is a third-party one?
There is a newer preference you could experiment with:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.
(2) In the search box above the list, type or paste referer and pause while the list is filtered
(3) Double-click the network.http.referer.XOriginPolicy preference and enter the desired value:
0 => no restrictions (default) 1 => base domain must match (send from a.example.com to b.example.com) 2 => full host name must match (only b.example.com to b.example.com)
So with the default setting, the referrer should be listed on the following page, but with 1 or 2 it should not:
https://www.jeffersonscher.com/res/jstest.php
Read this answer in context 👍 1All Replies (4)
There is also network.http.referer.spoofSource
// false: use real referrer // true: spoof with URI of the current request bool userSpoofReferrerSource = gHttpHandler->SpoofReferrerSource();
Chosen Solution
The Big Fat Fox said
But as completely disabling it (as I know one can do in the about:config settings) breaks some websites. I would like to know if one can configure it so that it is only disabled for when you are going to a website which is a third-party one?
There is a newer preference you could experiment with:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.
(2) In the search box above the list, type or paste referer and pause while the list is filtered
(3) Double-click the network.http.referer.XOriginPolicy preference and enter the desired value:
0 => no restrictions (default) 1 => base domain must match (send from a.example.com to b.example.com) 2 => full host name must match (only b.example.com to b.example.com)
So with the default setting, the referrer should be listed on the following page, but with 1 or 2 it should not:
Modified by jscher2000 - Support Volunteer
I have looked and the default value appears to actually be `0`... So should I just minus `1` from each of the values to get what I need and you listed or...?
Oops, yes, somehow I got everything off by one. I'll fix my post.