On Mon, Jun 13, 2011 at 3:48 PM, Mike Perry <mikeperry@torproject.org> wrote: > I also realized that Sid's idea has a converse that I thought should > be mentioned. There could be an inheritable attribute that allows > sites to request unrestricted referer transmission in a > default-off/restricted referer situation (like Private Browsing Mode). > The chrome could ask for user permission to transmit unrestricted > referers for this site, but in reality I don't think any UI is needed > from a security sense, because sites can smuggle whatever they want > into URL parameters anyways. > > You then solve the "sites screaming bloody murder" point, and referer > transmission at least becomes more explicit instead of easily confused > with negligence and oversight. I like this, very much. Nico --Received on Monday, 13 June 2011 22:18:12 UTC
This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:26:19 UTC