[tbb-bugs] #30276 [Applications/Tor Browser]: The referer header should be spoofed in TBB
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Apr 23 22:27:12 UTC 2019
#30276: The referer header should be spoofed in TBB
------------------------------+------------------------------------------
Reporter: randomname213324 | Owner: tbb-team
Type: enhancement | Status: new
Priority: Medium | Component: Applications/Tor Browser
Version: | Severity: Critical
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------+------------------------------------------
Setting `network.http.referer.spoofSource` in about:config to true sends
the target URL in the referer header. This shouldn't break any websites
and it could only be enabled at the safer or safest security settings.
This would stop websites from seeing what website you were previously on
from the referer header.
The referer can also be trimmed to reduce the amount of information sent.
A list of all security/privacy related referer options can be found here
https://wiki.mozilla.org/Security/Referrer
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30276>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list