#30276 closed enhancement (duplicate)

The referer header should be spoofed in TBB

Reported by: randomname213324 Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Critical Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Setting network.http.referer.spoofSource in about:config to true sends the target URL in the referer header. This shouldn't break any websites and it could only be enabled at the safer or safest security settings.

This would stop websites from seeing what website you were previously on from the referer header.

The referer can also be trimmed to reduce the amount of information sent.

A list of all security/privacy related referer options can be found here https://wiki.mozilla.org/Security/Referrer

Child Tickets

Change History (1)

comment:1 Changed 18 months ago by gk

Resolution: duplicate
Status: newclosed

Duplicate of #17228.

Note: See TracTickets for help on using tickets.