Rechercher dans l’assistance

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

Learn More

Limit cross-origin referers | network.http.referer.XOriginPolicy

  • 7 réponses
  • 0 a ce problème
  • 29 vues
  • Dernière réponse par zeroknight

more options

Could anyone explain what exactly this setting does, what it means, what it is?

Could anyone explain what exactly this setting does, what it means, what it is?

Solution choisie

The link you open doesn't change. Sending a request includes a lot of extra data in the HTTP request headers and one of this data is the referrer (URL of the page with the link you clicked).

You can check out at the browserspy website how websites see your browser, see HTTP_REFERER

See also the Network Monitor.

Lire cette réponse dans son contexte 👍 1

Toutes les réponses (7)

more options

See the comments in the source code.

0=always send, 1=send iff base domains match, 2=send iff hosts match.

Cela vous a-t-il été utile ?

more options

cor-el said

See the comments in the source code. 0=always send, 1=send iff base domains match, 2=send iff hosts match.

Thanks for that links, it's a useful source for sure. However while i now know the given values for the preference i still have absolutely no idea what it does.

Cela vous a-t-il été utile ?

more options

This is about sending the referrer when you open an external link on a webpage, so that website knows on what website you clicked this link, i.e. can track you. This pref allows to suppress the referrer in cross-site cases, so the website doesn't know where you came from.

Cela vous a-t-il été utile ?

more options

You're saying, i'm on a website, on this site i klick a link that connects me to another website, while this happens the link that goes to the target website might normally look like this example.com but since i didn't normally access it and instead accessed it from another site it now looks like this example.com/tracking-id-example. As a result the website i connected to knows from where i came (the previous website). Does this happen only when i klick on the link directly on the website or also if i use the open link in a new tab option? If i got anything wrong let me know. And thanks. Any downside of enabling this pref? dependin on the parameter?

Cela vous a-t-il été utile ?

more options

Solution choisie

The link you open doesn't change. Sending a request includes a lot of extra data in the HTTP request headers and one of this data is the referrer (URL of the page with the link you clicked).

You can check out at the browserspy website how websites see your browser, see HTTP_REFERER

See also the Network Monitor.

Modifié le par cor-el

Cela vous a-t-il été utile ?

more options

That's some really interesting stuff, thanks.

Sad that the browserspy website uses googleanalytics, is there a similar site that doesn't track you? The networkmonitor is also astonishing even when i mostly have no idea what im looking at. I copied the browserspy url and wiped all cookies/cache/history, reopened my browser and directly accessed the site but the http referer still shows the request came from support.mozilla.org but it didn't i accessed it directly. Coping text doesn't include data other than the text does it?! Then i wiped again everything and manually entered the url, still shows mozilla support as referer, why is that?

Cela vous a-t-il été utile ?

more options

Referrers are stored in the tab session, clearing history manually does not clear the session so the tab still remembers how you got there. This ensures the tab loads the same as it did originally, otherwise it could fail to load. Altering referrers can break sites since they are often used to combat hotlinking and bots.

Cela vous a-t-il été utile ?

Poser une question

Vous devez vous identifier avec votre compte pour répondre aux messages. Veuillez poser une nouvelle question, si vous n’avez pas encore de compte.