MozillaZine

Network.http.sendRefererHeader

From MozillaZine Knowledge Base

(Difference between revisions)
Revision as of 19:37, 29 January 2006
Np (Talk | contribs)
(security)
<-- Previous diff
Current revision
Unarmed (Talk | contribs)
(Pref controls document.referrer, too (thanks nosuchuser))
Line 2: Line 2:
==Background== ==Background==
-[[HTTP]] is the application-layer protocol that most web pages are transferred with. As part of HTTP, requests can include a "Referer" ''(sic)'' header that tells the server which page the user was on that initiated the request. Servers use this information to track users' paths through the site and possibly provide additional features. This preference controls when to send the Referer header.+[http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol HTTP] is the application-layer protocol with which most web pages are transferred. As part of HTTP, requests can include a [http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.36 "Referer" ''(sic)'' header] that tells the server which page the user was on that initiated the request. Servers use this information to track users' paths through the site and possibly provide additional features.
 + 
 +Additionally, in JavaScript, the current page’s referrer is exposed in the DOM through <code>[http://developer.mozilla.org/en/docs/DOM:document.referrer document.referrer]</code>. Scripts running on the page can consult this property to see the same information that was sent in the Referer header.
 + 
 +This preference controls when to send the Referer header and set <code>document.referrer</code>.
==Possible values and their effects== ==Possible values and their effects==
===0=== ===0===
-Never send the Referer header.+Never send the Referer header or set <code>document.referrer</code>.
 + 
===1=== ===1===
-Send the Referer header when clicking on a link.+Send the Referer header when clicking on a link, and set <code>document.referrer</code> for the following page.
 + 
===2=== ===2===
-Send the Referer header when clicking on a link or loading an image. (Default)+Send the Referer header when clicking on a link or loading an image, and set <code>document.referrer</code> for the following page. (Default)
==Caveats== ==Caveats==
Line 32: Line 38:
==Related bugs== ==Related bugs==
-* [https://bugzilla.mozilla.org/show_bug.cgi?id=1582 <nowiki>Bug 1582 - [NECKO][webshell] Send HTTP Referer field to server, "network.sendRefererHeader"</nowiki>]+* [https://bugzilla.mozilla.org/show_bug.cgi?id=1582 Bug 1582 - &#91;NECKO&#93;&#91;webshell&#93; Send HTTP Referer field to server, "network.sendRefererHeader"]
* [https://bugzilla.mozilla.org/show_bug.cgi?id=76866 Bug 76866 - http spews many "private" events before any real data events] * [https://bugzilla.mozilla.org/show_bug.cgi?id=76866 Bug 76866 - http spews many "private" events before any real data events]

Current revision

Contents

Background

HTTP is the application-layer protocol with which most web pages are transferred. As part of HTTP, requests can include a "Referer" (sic) header that tells the server which page the user was on that initiated the request. Servers use this information to track users' paths through the site and possibly provide additional features.

Additionally, in JavaScript, the current page’s referrer is exposed in the DOM through document.referrer. Scripts running on the page can consult this property to see the same information that was sent in the Referer header.

This preference controls when to send the Referer header and set document.referrer.

Possible values and their effects

0

Never send the Referer header or set document.referrer.

1

Send the Referer header when clicking on a link, and set document.referrer for the following page.

2

Send the Referer header when clicking on a link or loading an image, and set document.referrer for the following page. (Default)

Caveats

  • Disabling Referer headers may cause some functionality on some sites to no longer work.

Recommended settings

Those concerned with privacy can set this to 0, realizing that this may adversely affect some sites. Those wanting to ensure compatibility should leave it at the default.

First checked in

2001-05-11 by Darin Fisher

Has an effect in

  • Netscape (all versions since 6.1)
  • Mozilla Suite (all versions since 0.9)
  • Mozilla Phoenix (all versions)
  • Mozilla Firebird (all versions)
  • Mozilla Firefox (all versions)
  • SeaMonkey (all versions)
  • Camino (all versions)
  • Minimo (all versions)

Related bugs

Related preferences