Re: rel=noreferrer

On 4/8/07, Robert Accettura <robert@accettura.com> wrote:
> This is a very small request.
>
> Currently browsers send a HTTP Referer[1] (er Referrer) when you click
> on a link to another page.  While this is often very useful, there are
> situations where this is less than desirable.  For example this exposes
> the url of an intranet, an has even exposed the session ID's of webmail
> clients among other url sensitive situations.  The typical workaround is
> a "redirect page".  Event his doesn't shield against all situations.
> Take for example those with their own domain name.  If you visit a link
> in an email read through webmail.yourdomain.com your technically giving
> a webmaster who cares a good idea who you are.  The current best fix for
> this is to copy/paste the url into your browser.
>
> My proposal is simply to spec a rel="noreferral" <a
> href="http://robert.accettura.com" rel="noreferral">Link</a> so that a
> website can decide if it's url should be revealed to the linked website.
>
> Yes, this is a small thing.  Though I think it's necessary to allow for
> better control of who gets what information.  There are times where
> referrals aren't really appropriate.
>
> [1] http://www.w3.org/TR/html401/types.html#type-links
>

I do not think you should want to change browser behaviour by using
mark-up since mark-ups main goal is to represent data and not to
manipulate browser behaviour (imho).

--
Rick

Received on Sunday, 8 April 2007 08:43:51 UTC