Referer sending options in Firefox

Sending Referer header to the target site after every click on a link is basically revealing URL of the referring site. Several sites mention it as a potential privacy concern but as far as I know there is no UI option in common browsers. Firefox since 28 added “hidden” options for this.

This option can be set in Firefox’s about:config page. You can enter it by typing about:config in the address bar and confirming the alert.

These options control Referer handling:

  • network.http.referer.XOriginPolicy: 0=always send, 1=send if base domains match, 2=send if hosts match
  • network.http.referer.spoofSource: false=real referer, true=spoof referer (use target URL as referer)
  • network.http.referer.trimmingPolicy: 0=send full URL, 1=scheme+host+port+path, 2=scheme+host+port

Some sites doesn’t work correctly if Referer is not sent. Therefore optimal options seem to be network.http.referer.spoofSource=true OR network.http.referer.XOriginPolicy=1.

Based on

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *