MozillaZine

Send Referrer Info

Discussion of general topics about Mozilla Firefox
Ms. Eagle
 
Posts: 13
Joined: July 16th, 2008, 4:22 am

Post Posted June 19th, 2009, 8:27 pm

I wasn't aware we no longer had the option 'not' to send referrer info, until I ran a browser test on PC Flank. I have no idea how to configure my firewall, Online Armour, to block referrer info.

If I recall, there once was a setting for this in Firefox's preference. I don't understand the compatibility issue referenced in article re about:config entries. Why is this no longer an option?

I had no setting at all for this, when there's s'posedly a default setting: network. http. sendRefererHeader

Also, is that referer or referrer (correct sp.) ? There are two different spellings in the article.

James
Moderator

User avatar
 
Posts: 25492
Joined: June 18th, 2003, 3:07 pm
Location: Made in Canada

Post Posted June 19th, 2009, 8:32 pm

It is network.http.sendRefererHeader without the spaces. The spaces were put in the Preferences in the about:config entries article so the lines would wrap better when the Preference was longer.

http://kb.mozillazine.org/network.http.sendRefererHeader
network.http.sendRefererHeader
0 = Never send the Referer header or set document.referrer.
1 = Send the Referer header when clicking on a link, and set document.referrer for the following page.
2 = Send the Referer header when clicking on a link or loading an image, and set document.referrer for the following page. (Default)

Right-click the network.http.sendRefererHeader preference and select Modify and put in the number of the behaviour you want.
(*.mozillaZine.org is not Mozilla!)
The Complaint Department at Mozilla (current complaints) (<It is not a real complaint site but for jokes/testing of bugzilla).
The Complaint department link is borked until unknown time.

Ms. Eagle
 
Posts: 13
Joined: July 16th, 2008, 4:22 am

Post Posted June 19th, 2009, 8:45 pm

Of course, I should know better. Thanks for clarifying.

However, my main issue is why is there no longer an option to block referrer info.

I assume this is the setting for that: network.http.sendSecureXSiteReferrer

I recall there being a setting at one time. I'm not programmer, so bug info doesn't help me much. If there's simple explanation,. I'd appreciate knowing it.

Scarlettrunner20

User avatar
 
Posts: 847
Joined: February 13th, 2003, 5:06 pm

Post Posted June 21st, 2009, 7:11 am

Use the Proxomitron. It blocks referrer information. I think Fx 1.5 blocks it but since Proxo does, I haven't paid too much attention. I'll have to check. Most of the negative privacy changes with Fx started with 2.0 and that is one reason I have kept 1.5 all this time. I don't need to do all kinds of stuff to it to make it respect privacy like I do with Fx3. I've had it running a very long time now on my host machine with the SAME profile...but it's about to die finally...at least the profile is going really bad...so, I can't check it now...I'm on a virtual machine at the moment.

Ms. Eagle
 
Posts: 13
Joined: July 16th, 2008, 4:22 am

Post Posted June 21st, 2009, 11:43 pm

Thanks for your suggestion, good thought. However, I'd really prefer to be able to do that in Firefox again. I'm sure there was an setting in Options in FF 2, at least. I just didn't realized it had changed and surely wouldn't have expected it to.

Since nobody's answered my question, I'll assume it's a deep, dark secret for some reason. Would someone please tell me, if this is the entry that applies then?

network.http.sendSecureXSiteReferrer ?

Or is it the other one? And, what problems will I have, if I change the default setting?

Thanks

Ms. Eagle
 
Posts: 13
Joined: July 16th, 2008, 4:22 am

Post Posted June 21st, 2009, 11:45 pm

Quote from PC Flank Browser test:

Browser privacy check

The test checked if your web browser reveals any private information while you visit Web sites. Usually such information is: the last site visited, your locale and who your Internet Service Provider is.
At Risk!

Attention! Your browser is not private. Privacy is 50%
While visiting web sites your browser sends information about previous sites you have visited.

Ms. Eagle
 
Posts: 13
Joined: July 16th, 2008, 4:22 am

Post Posted June 22nd, 2009, 12:55 am

OK, I thought James was only setting me straight on this statement I made earlier...

"I had no setting at all for this, when there's s'posedly a default setting:
network. http. sendRefererHeader

Anyhow, the best way to find out, is to try it. Default is 2, so I set it to 0....
network.http.sendRefererHeader

I still would like to know why there's no longer a setting for it in Options, as there was previously? Plus, why isn't it blocked by default any longer?

Browser privacy check on PC Flank:

Referrer check
Safe While visiting web sites your browser does not reveal private information (called 'referrer') about previous sites you have visited.

Recommendation
Your browser (or firewall) set to block referrer so there is no risk to your privacy.

Ms. Eagle
 
Posts: 13
Joined: July 16th, 2008, 4:22 am

Post Posted June 22nd, 2009, 1:12 am

I don't mean to spam the forum with posts, but I just want to add... I'm really disappointed about this privacy issue, since (for one thing) I assumed it was a done deal. It was in the past, so I took it for granted.

Plus, I've been a strong advocate for Firefox a number of years. I've persuaded an unknown number of users (some very clueless) to switch from IE to Firefox on support forums I volunteer on.

I hope Mozilla doesn't let us down, like some vendors end up doing, after gaining our trust. Comodo comes to mind! That's for another topic/discussion. :( I just hope there's never a reason for the IE diehards to tell us, something like: "told you so!"

Bluefang

User avatar
 
Posts: 7846
Joined: August 10th, 2005, 2:55 pm
Location: Vermont

Post Posted June 22nd, 2009, 6:26 am

I don't recall there ever being any kind of setting other than the network.http.sendRefererHeader preference, and IIRC it has always had the default value of 2.

The reason most [if not all] browsers have this functionality enabled by default is that there are sires which use the referrer to prevent hotlinking and leeching. If you don't send a referrer, these sites won't serve content like images. Browser developers decided (and rightly so IMHO) that it's probably better to have a browser that works as expected than to address the minimal privacy concern that this creates.

And anyways, those who are neurotic about privacy/security will know, or find out, what settings to change, so I don't see it as a problem.
There have always been ghosts in the machine... random segments of code that have grouped together to form unexpected protocols. Unanticipated, these free radicals engender questions of free will, creativity, and even the nature of what we might call the soul...

Ms. Eagle
 
Posts: 13
Joined: July 16th, 2008, 4:22 am

Post Posted June 22nd, 2009, 12:47 pm

Bluefang, I'm quite sure there was a setting in FF's Options about sending referrer info., similar to this setting in Opera:

http://i42.tinypic.com/snoqcx.gif

It's nothing to do with paranoia. I take my privacy seriously, as do many other users who are less savvy. It's no website's business, which site I visited last. That's one feature I always appreciated about FF vs. IE.

I'd go so far to say, the only users who couldn't care less are those who are careless about everything on the net.

P.S. I sincerely apologize to the forum. I didn't even consider I may be cross-posting, when I posted that second query (same topic.. duh!) about FF 3.5. :(

Ms. Eagle
 
Posts: 13
Joined: July 16th, 2008, 4:22 am

Post Posted June 22nd, 2009, 1:12 pm

Quote; "And anyways, those who are neurotic about privacy/security will know, or find out, what settings to change, so I don't see it as a problem."

I take offense at being labeled neurotic, because I take privacy/security issues seriously.

Bluefang

User avatar
 
Posts: 7846
Joined: August 10th, 2005, 2:55 pm
Location: Vermont

Post Posted June 22nd, 2009, 1:46 pm

Well, I just went on an incredibly nostalgic road-trip and looked in each of the major Firefox versions (3.x, 2.0.0.20, 1.5.0.12, 1.0.8, 0.9, 0.8, 0.7, and for kicks, 0.5 and 0.1). There never was a UI option to control referrers. There may have been in Netscape/Mozilla Suite/SeaMonkey, but never in Firefox.
There have always been ghosts in the machine... random segments of code that have grouped together to form unexpected protocols. Unanticipated, these free radicals engender questions of free will, creativity, and even the nature of what we might call the soul...

Ms. Eagle
 
Posts: 13
Joined: July 16th, 2008, 4:22 am

Post Posted June 22nd, 2009, 3:06 pm

If you say so.. who am I to contradict you. I can't prove otherwise. I've always had that setting applied in FF, so something changed it. It wasn't me. I've used the same profile forever. I know I'm not confusing it with Opera, which I rarely use.

Thanks for your time

Anonymosity
 
Posts: 8141
Joined: May 7th, 2007, 12:07 pm

Post Posted June 22nd, 2009, 4:10 pm

Setting network.http.sendRefererHeader to 1 seems to me to be a good compromise. If you block referers completely, you will run into problems with some sites when trying to navigate between different pages. I did not see any reason why the site serving an image should know where I came from, so I blocked that with that setting. With Windows, I have a great Proxomitron filter for referers which checks the host name of the page to be loaded against the referer host name and if they are different, it changes the referer. If the host names are the same, it does nothing. That filter has never caused any problems for me, and it minimizes snooping on the part of web servers.

Bluefang

User avatar
 
Posts: 7846
Joined: August 10th, 2005, 2:55 pm
Location: Vermont

Post Posted June 22nd, 2009, 4:34 pm

By the way, this topic was discussed for 4 years
https://bugzilla.mozilla.org/show_bug.cgi?id=55477

Also, in perusing bug reports, I came across this extension, which you might like

https://addons.mozilla.org/de/firefox/addon/953
There have always been ghosts in the machine... random segments of code that have grouped together to form unexpected protocols. Unanticipated, these free radicals engender questions of free will, creativity, and even the nature of what we might call the soul...

Return to Firefox General


Who is online

Users browsing this forum: No registered users and 5 guests