W3C home > Mailing lists > Public > public-html@w3.org > April 2007

Re: rel=noreferrer

From: Rick Mans <rickmans@gmail.com>
Date: Sun, 8 Apr 2007 10:43:47 +0200
Message-ID: <de1d4fa90704080143q277390a3t898c7828e74a5980@mail.gmail.com>
To: "Robert Accettura" <robert@accettura.com>
Cc: public-html@w3.org

On 4/8/07, Robert Accettura <robert@accettura.com> wrote:
> This is a very small request.
> Currently browsers send a HTTP Referer[1] (er Referrer) when you click
> on a link to another page.  While this is often very useful, there are
> situations where this is less than desirable.  For example this exposes
> the url of an intranet, an has even exposed the session ID's of webmail
> clients among other url sensitive situations.  The typical workaround is
> a "redirect page".  Event his doesn't shield against all situations.
> Take for example those with their own domain name.  If you visit a link
> in an email read through webmail.yourdomain.com your technically giving
> a webmaster who cares a good idea who you are.  The current best fix for
> this is to copy/paste the url into your browser.
> My proposal is simply to spec a rel="noreferral" <a
> href="http://robert.accettura.com" rel="noreferral">Link</a> so that a
> website can decide if it's url should be revealed to the linked website.
> Yes, this is a small thing.  Though I think it's necessary to allow for
> better control of who gets what information.  There are times where
> referrals aren't really appropriate.
> [1] http://www.w3.org/TR/html401/types.html#type-links

I do not think you should want to change browser behaviour by using
mark-up since mark-ups main goal is to represent data and not to
manipulate browser behaviour (imho).

Received on Sunday, 8 April 2007 08:43:51 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 29 October 2015 10:15:18 UTC