Re: scrub-referrer directive?

On Sat, May 28, 2011 at 1:17 AM, Nico Williams <> wrote:
> On Fri, May 27, 2011 at 11:54 PM, Adam Barth <> wrote:
>> Yeah, the sites that leak data in the paper seem like the types that
>> would be helped more by on-by-default protection.  I'm too scared of
>> what would happen if we nuked Referer by default though.  :(
> Well, just what would happen?

Every analytics tool that provides webmasters with statistics about
what sites send them the most traffic, what search terms people use
when reaching their site, etc. would immediately break.  This would
make webmasters very unhappy.

On the other hand, Trac would stop uselessly, annoyingly, and
non-removably highlighting all the places in the page where search
terms appear, when you come from a search engine.  This would make me
happy, so I guess it's a wash.  ;)

Seriously, removing Referer (or making it origin-only) probably isn't
going to actually break very many sites, since it's already not very
reliable.  But it would sure upset a lot of webmasters, because it
provides a lot of useful info.

Received on Sunday, 29 May 2011 14:20:56 UTC