- From: Robert Accettura <robert@accettura.com>
- Date: Sun, 08 Apr 2007 00:14:54 -0400
- To: public-html@w3.org
- Message-ID: <46186C3E.7070605@accettura.com>
This is a very small request. Currently browsers send a HTTP Referer[1] (er Referrer) when you click on a link to another page. While this is often very useful, there are situations where this is less than desirable. For example this exposes the url of an intranet, an has even exposed the session ID's of webmail clients among other url sensitive situations. The typical workaround is a "redirect page". Event his doesn't shield against all situations. Take for example those with their own domain name. If you visit a link in an email read through webmail.yourdomain.com your technically giving a webmaster who cares a good idea who you are. The current best fix for this is to copy/paste the url into your browser. My proposal is simply to spec a rel="noreferral" <a href="http://robert.accettura.com" rel="noreferral">Link</a> so that a website can decide if it's url should be revealed to the linked website. Yes, this is a small thing. Though I think it's necessary to allow for better control of who gets what information. There are times where referrals aren't really appropriate. [1] http://www.w3.org/TR/html401/types.html#type-links -- Robert Accettura robert@accettura.com
Received on Sunday, 8 April 2007 04:15:28 UTC