W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1997

confidentiality and the referer field

From: Hallam-Baker <hallam@ai.mit.edu>
Date: Thu, 26 Jun 1997 14:51:00 -0400 (EDT)
Message-Id: <199706261851.OAA06437@muesli.ai.mit.edu>
To: http-wg@cuckoo.hpl.hp.com
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/3571
A while back I suggested (and mispelt) the referer field. While nobody
seems to be using it for its intended purpose of making links bidirectional
there is a concern over it inadvertently causing information leakage.

Specifically I I have a confidential document P that links to Q I may want
to instruct browsers not to pass on the referer field. It seems to me that
this would be an easy enhancement to add to the spec but what the best
way of transporting this information is I'm not sure.

Incidentally this change would mean that sites would no longe be able to 
control linking to what are being refered to as "internal" pages, forcing
a user to traverse a site direct from the home page. 

Received on Thursday, 26 June 1997 11:53:05 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:20 UTC