W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2009

Re: Sending Referer [#144]

From: Julian Reschke <julian.reschke@gmx.de>
Date: Mon, 01 Jun 2009 21:14:42 +0200
Message-ID: <4A2428A2.6080205@gmx.de>
To: Adam Barth <w3c@adambarth.com>
CC: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Adam Barth wrote:
> On Mon, Jun 1, 2009 at 11:40 AM, Adam Barth <w3c@adambarth.com> wrote:
>> With regards to the 'null' value, we should try to pick a value that's
>> friendly to regular expressions (i.e., avoids . / [ and similar
>> characters) because many web application firewalls (who would use this
>> value) express their rules in terms of regular expressions.
> One possible value we could use is
> about:blank
> There is an I-D kicking around somewhere that defines the about
> scheme.  The author might be amenable to allowing about:blank to be
> used here (e.g., as a "placeholder" URI when no other URI is
> appropriate).
> Another possibility is to use something like
> about:noreferrer
> and define about:noreferrer to return a resource that describes what
> the value means in the Referer header (e.g., the relevant requirements
> from HTTPbis).

That will be tricky to use, as it would be a downref to a Proposed 
Standard (*). HTTPbis will be (at least) one step ahead on the standards 

BR, Julian

(*) Optimistically.
Received on Monday, 1 June 2009 19:15:27 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:19 UTC