error 400: missing TARGET parameter
Since upgrading FF to 59.02 (I'm running a 64-bit version), I'm getting "ERROR 400: Missing TARGET Parameter" when hitting a link that should redirect to another host URL. This only occurs with "never keep history" set in the privacy settings. All FF versions up to 58.02 worked fine with "never keep history". Why does FF59.02 suddenly break the headers when using url redirection ?
Выбранное решение
Hmm, here's a guess:
Firefox conceals some referring page information when you use a link from one site to another site in a private window. In particular, it shortens the HTTP_REFERER header to the host name. Or in other words, if you click a link on this page:
https://example.com/page.html
that goes to another site (cross-site link):
- Regular window sends: https://example.com/page.html
- Private window sends: https://example.com/
If you want to override this and have private windows send the same referring page address as regular windows:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.
(2) In the search box above the list, type or paste refer and pause while the list is filtered
(3) Double-click the network.http.referer.defaultPolicy.pbmode preference to display a dialog where you can enter the desired value (in this case 3), then click OK
- 0 = never send referring page address
- 1 = send full address within the same site, no address to other sites
- 2 = send full address within the same site, send host name ONLY to other sites* (private window default)
- 3 = send full address to all sites* (regular window default)
* Except when going from secure HTTPS to insecure HTTP, in which case Firefox does not send a referring address
After the change, these preferences will have the same value:
- network.http.referer.defaultPolicy = 3 -- regular windows
- network.http.referer.defaultPolicy.pbmode = 3 -- private windows
Does that explain/fix what's going on with the problem site?
Прочитайте этот ответ в контексте 👍 1Все ответы (5)
Выбранное решение
Hmm, here's a guess:
Firefox conceals some referring page information when you use a link from one site to another site in a private window. In particular, it shortens the HTTP_REFERER header to the host name. Or in other words, if you click a link on this page:
https://example.com/page.html
that goes to another site (cross-site link):
- Regular window sends: https://example.com/page.html
- Private window sends: https://example.com/
If you want to override this and have private windows send the same referring page address as regular windows:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.
(2) In the search box above the list, type or paste refer and pause while the list is filtered
(3) Double-click the network.http.referer.defaultPolicy.pbmode preference to display a dialog where you can enter the desired value (in this case 3), then click OK
- 0 = never send referring page address
- 1 = send full address within the same site, no address to other sites
- 2 = send full address within the same site, send host name ONLY to other sites* (private window default)
- 3 = send full address to all sites* (regular window default)
* Except when going from secure HTTPS to insecure HTTP, in which case Firefox does not send a referring address
After the change, these preferences will have the same value:
- network.http.referer.defaultPolicy = 3 -- regular windows
- network.http.referer.defaultPolicy.pbmode = 3 -- private windows
Does that explain/fix what's going on with the problem site?
wauw, this does solve the problem for FF59.02. But is this a new setting in 59.02 ? as the problem didn't occur up until FF 58.02
it looks like in 59.02 the private windows setting is new and this makes a difference in behavior. Comparing 58.02 and 59.02, I see the following difference in this area : FF 58.02 has network.http.referer.userControlPolicy = 3 FF 59.02 the above was replaced by 2 settings : network.http.referer.defaultPolicy = 3 (regular windows) network.http.referer.defaultPolicy.pbmode = 2 (private windows)
Wouldn't it be more elegant to avoid the behavior to change when adding this type of new settings ?
See:
- bug 587523 - Protect path of HTTP Referer Header when in Private Browsing [59]
(please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html)
Thank you for the extra information. This was very helpful