Logg inn
Førehandsvising Auto Referer

Auto Referer av GarryW

Tilgjengeleg på Firefox for Android™

Control HTTP referer to protect privacy and not break web. And this is the addon (maybe the only one?) that deals with the 'document.referrer' bug

Du treng Firefox for å bruke denne utvidinga
Last ned Firefox og få utvidinga
Last ned fil
307
Brukarar
8
Vurderingar
4 stjerner
5
5
4
1
3
0
2
1
1
1
Om denne utvidinga
Control HTTP referer to protect privacy and not break web.

Notice: Due to browser bug on javascript document.referrer on Firefox 69+ (1601496, 1601743) (also on Chrome), using a regular referer controlling addon you can get 70% of expected protection until they fix that bug.

So, we've implemented a workaround to improve protection to 85%. Please enable workaround in addon settings (Firefox only currently).

Referer policy:
  1. For webs' top frame (i.e. clicking link, navigating, redirecting etc.):
    1. If origin and target url have same domain, allow trimmed referer
    2. If origin and target url have different domain, no referer
  2. For in-page resources (images, videos, js, css etc.), allow trimmed referer (this is the key to not break most webs, also a balance between privacy and experience)
  3. Trim referer: Any referer should be no more than http(s)://domain-name:port/ (like Firefox's native about:config setting network.http.referer.trimmingPolicy = 2).
  4. Not allow referer that not starts with "http" or "https". (Please feedback if you find something broken due to this)
  5. No referer when downgrade from HTTPS/WSS to HTTP/WS
We believe that can protect privacy enough and won't break web.

document.referrer bug workaround
This addon doesn't use content script. Content script hiding document.referrer is not 100% reliable.
We use this workaround to kill document.referrer:
Cancel all cross-domain navigating requests and make freshnew ones, like directly hit (currently only implemented for GET method, other methods remain as is)


Fallback operation
If user find a web broken, user can temporary set this addon disabled via toolbar button for:
  • this one tab
  • this one tab and new tabs opened by this tab
  • this one window (Firefox only)
  • globally
(above can be set as keyboard shortcuts)
there's showy toolbar button badge indicating disabling status.

Allowlist
We currently have built-in allowlist (hard-coded. user-define allowlist not yet implemented), for the purpose of not breaking some websites. Some companies have many different websites with different domains. Some of their functionality are based on redirecting between their websites. Some of them check referer.

User can view the allowlist in addon options. Click and expand the list to see. Or view the up-to-date built-in allowlist here: https://github.com/garywill/autoReferer/blob/master/whitelist.js

Disclaimer
This open souce addon comes with no warranty. Use on you own risk!
Vurder opplevinga di
Kva synest du om Auto Referer?

Stjernevurdering lagra

LøyveLes meir

Dette tillegget treng å:

  • Få tilgang til nettlesarfaner
  • Tilgang tiil dataa dine frå alle nettsider
Meir informasjon
Lenker for tillegg
Versjon
0.8.51
Storleik
35,74 KB
Sist oppdatert
9 månader sidan (1. aug. 2024)
Liknande kategoriar
Lisens
GNU General Public License v2.0 only
Versjonshistorikk
Etikettar
Rapporter dette tillegget
Legg til i samling
Fleire utvidingar av GarryW