Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

error 400: missing TARGET parameter

  • 5 replies
  • 1 has this problem
  • 23 views
  • Last reply by Stuer

Stuer
Stuer
more options

Since upgrading FF to 59.02 (I'm running a 64-bit version), I'm getting "ERROR 400: Missing TARGET Parameter" when hitting a link that should redirect to another host URL. This only occurs with "never keep history" set in the privacy settings. All FF versions up to 58.02 worked fine with "never keep history". Why does FF59.02 suddenly break the headers when using url redirection ?

Since upgrading FF to 59.02 (I'm running a 64-bit version), I'm getting "ERROR 400: Missing TARGET Parameter" when hitting a link that should redirect to another host URL. This only occurs with "never keep history" set in the privacy settings. All FF versions up to 58.02 worked fine with "never keep history". Why does FF59.02 suddenly break the headers when using url redirection ?

Chosen solution

Hmm, here's a guess:

Firefox conceals some referring page information when you use a link from one site to another site in a private window. In particular, it shortens the HTTP_REFERER header to the host name. Or in other words, if you click a link on this page:

https://example.com/page.html

that goes to another site (cross-site link):

  • Regular window sends: https://example.com/page.html
  • Private window sends: https://example.com/

If you want to override this and have private windows send the same referring page address as regular windows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste refer and pause while the list is filtered

(3) Double-click the network.http.referer.defaultPolicy.pbmode preference to display a dialog where you can enter the desired value (in this case 3), then click OK

  • 0 = never send referring page address
  • 1 = send full address within the same site, no address to other sites
  • 2 = send full address within the same site, send host name ONLY to other sites* (private window default)
  • 3 = send full address to all sites* (regular window default)

* Except when going from secure HTTPS to insecure HTTP, in which case Firefox does not send a referring address

After the change, these preferences will have the same value:

  • network.http.referer.defaultPolicy = 3 -- regular windows
  • network.http.referer.defaultPolicy.pbmode = 3 -- private windows

Does that explain/fix what's going on with the problem site?

Read this answer in context 👍 1

All Replies (5)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Chosen Solution

Hmm, here's a guess:

Firefox conceals some referring page information when you use a link from one site to another site in a private window. In particular, it shortens the HTTP_REFERER header to the host name. Or in other words, if you click a link on this page:

https://example.com/page.html

that goes to another site (cross-site link):

  • Regular window sends: https://example.com/page.html
  • Private window sends: https://example.com/

If you want to override this and have private windows send the same referring page address as regular windows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste refer and pause while the list is filtered

(3) Double-click the network.http.referer.defaultPolicy.pbmode preference to display a dialog where you can enter the desired value (in this case 3), then click OK

  • 0 = never send referring page address
  • 1 = send full address within the same site, no address to other sites
  • 2 = send full address within the same site, send host name ONLY to other sites* (private window default)
  • 3 = send full address to all sites* (regular window default)

* Except when going from secure HTTPS to insecure HTTP, in which case Firefox does not send a referring address

After the change, these preferences will have the same value:

  • network.http.referer.defaultPolicy = 3 -- regular windows
  • network.http.referer.defaultPolicy.pbmode = 3 -- private windows

Does that explain/fix what's going on with the problem site?

Stuer
Stuer Question owner
more options

wauw, this does solve the problem for FF59.02. But is this a new setting in 59.02 ? as the problem didn't occur up until FF 58.02

Stuer
Stuer Question owner
more options

it looks like in 59.02 the private windows setting is new and this makes a difference in behavior. Comparing 58.02 and 59.02, I see the following difference in this area : FF 58.02 has network.http.referer.userControlPolicy = 3 FF 59.02 the above was replaced by 2 settings : network.http.referer.defaultPolicy = 3 (regular windows) network.http.referer.defaultPolicy.pbmode = 2 (private windows)

Wouldn't it be more elegant to avoid the behavior to change when adding this type of new settings ?

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

See:

  • bug 587523 - Protect path of HTTP Referer Header when in Private Browsing [59]

(please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html)

Stuer
Stuer Question owner
more options

Thank you for the extra information. This was very helpful