Geeks for your information News Browsers News & Tips v
Firefox 87 to limit the referrer for all cross-origin requests
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Firefox 87 to limit the referrer for all cross-origin requests
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 12,899
Threads: 8,879
Thanks Received: 8,764 in 6,923 posts
Thanks Given: 9,657
Joined: 12 September 18
#1
Information  22 March 21, 14:45
Quote:
[Image: firefox-87-limits-referrer.jpeg]

Mozilla announced plans to trim the referrer that the Firefox web browse sends when requests are made for all cross-origin requests today to improve privacy.

Requests made by the web browser, e.g. to load a webpage, image, CSS stylesheet, or advertisement, includes the referrer. The referrer is usually the URL that users see in the browser's address bar.

Up until now, Firefox and most other browsers, trimmed the referrer only when requests were made from secure sites, e.g. those using HTTPS, to non-secure sites, e.g. those using HTTP.

The URL may provide information to the servers the requests are made to that go beyond the domain name of a site. It may reveal the article title or page a user accessed, and may also include sensitive information such as search queries.

From Firefox 87 on, Mozilla will trim the referrer automatically for all cross-origin requests, e.g. requests from Site A (example.com) to Site B (secondexample.com).

Site B does not known the exact page the request originated anymore from, and other information, such as search queries, are not leaked either anymore to the site.

Instead of submitting the entire referrer, e.g. only the domain name is submitted.  In technical terms, Firefox is moving from the referrer policy "no-referrer-when-downgrade" to "strict-origin-when-cross-origin".
 
Quote:Starting with Firefox 87, we set the default Referrer Policy to ‘strict-origin-when-cross-origin’ which will trim user sensitive information accessible in the URL. As illustrated in the example above, this new stricter referrer policy will not only trim information for requests going from HTTPS to HTTP, but will also trim path and query information for all cross-origin requests. With that update Firefox will apply the new default Referrer Policy to all navigational requests, redirected requests, and subresource (image, style, script) requests, thereby providing a significantly more private browsing experience.

The change is made silently in the background for all users of Firefox 87 or newer. Firefox 87 will be released on March 23, 2021 to the public.
...
Continue Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  • silversurfer
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
VPN brand brings transparent toilet to t...
VPN provider Surfs...Rotem — 15:57
Movies! Movies!
Godzilla x Kong: T...jAcos — 13:44
Microsoft is testing Game Pass ads on th...
Look, another adve...harlan4096 — 11:23
Notepad++ 8.6.7
Notepad++ 8.6.7: ...harlan4096 — 09:23
GFYI [Official] Ashampoo Snap 16 Giveaw...
Thank you and congra...mjcn19 — 03:33

[-]
Birthdays
Today's Birthdays
avatar (43)tiojusop
avatar (40)Damiennug
avatar (38)acoraxe
Upcoming Birthdays
avatar (26)akiratoriyama
avatar (46)Jerrycix
avatar (38)awedoli
avatar (80)WinRARHowTo
avatar (37)axuben
avatar (38)ihijudu
avatar (47)contjrat
avatar (42)knigiJow
avatar (44)1stOnecal
avatar (48)Mirzojap
avatar (34)idilysaju
avatar (38)GregoryRog
avatar (43)mediumog
avatar (38)odukoromu
avatar (44)Joanna4589

[-]
Online Staff
There are no staff members currently online.

>