Firefox: Preventing data leaks by stripping path information in HTTP Referrers


#1

https://blog.mozilla.org/security/2018/01/31/preventing-data-leaks-by-stripping-path-information-in-http-referrers/

At first I thought they’ll do that in general, but it’s only in private mode - still a good thing I think!?


#2

I agree, sounds like a good thing in the next version of Firefox! However, as I read on, it seems one might want to not just rely on the default behaviour (emphasis mine):

In Firefox Regular and Private Browsing Mode, if a site specifically sets a more restrictive or more liberal Referrer Policy than the browser default, the browser will honor the websites request since the site author is intentionally changing the value.

So, perhaps a visit to about:config is needed to stop sites from silently reverting the default… There’s documentation here
https://wiki.mozilla.org/Security/Referrer that I have not yet read.