Erasing the HTTP referers

Name
Email
Subject
Comment *
Verification *
File	Select/drop/paste files here
* = required field	[▶ Show post options & limits] Confused? See the FAQ.

Options	Do not bump (you can also write sage in the email field) Spoiler images (this replaces the thumbnails of your images with question marks)
Password	(For file and post deletion.)
Allowed file types:jpg, jpeg, gif, png, webm, mp4, swf, pdf Max filesize is 8 MB. Max image dimensions are 10000 x 10000. You may upload 5 per post.

File: 1440370771400.png (446.54 KB, 591x709, 591:709, 1440369206687.png)

Erasing the HTTP referers Anonymous 08/23/15 (Sun) 22:59:31 dc3d77 No.683

Kind of an after project but

Is there any way to make it so links opened on this website don't send HTTP refs linking back to it?

Anonymous 08/25/15 (Tue) 00:04:12 a05f90 No.699

Use a service like a https://anon.to/

Anonymous 08/25/15 (Tue) 18:54:52 d08a6d No.704

File: 1440528892409.png (497.46 KB, 768x1063, 768:1063, Ţ̲̘̬͇͔̬̭͛͐ͯa͚̳͔̟͖̮̍̓́ͅnͨ̉̾….png)

>>699

I was thinking something like making every link on certain boards being "indirect"(or whatever you call it, I'm not tech savvy) so it doesn't give out HTTP refs. It could be useful for certain boards(/gamergatehq/ comes into mind, then maybe you could argue it should be turned on in /n/).

Anonymous 08/27/15 (Thu) 23:51:58 000000 No.717

>>683

If you're on https, your browser should not attach any referrers as is. http://www.whatismyreferer.com/

Anonymous 08/27/15 (Thu) 23:52:49 000000 No.718

>>717

Fun fact, btw: That means that the onion service does send referrers.

Anonymous 08/30/15 (Sun) 14:23:25 000000 No.748

Referer headers are sent by the browser, so a site is not the place to fix this. There are extensions to prevent cross-site refs; Smart Referer is an example for Firefox. Completely disabling them breaks too many sites, unfortunately — even Infinity doesn't allow posting without the correct referer.

>>718

Your browser is misconfigured. You should fix that if you value anonymity.

Anonymous 08/30/15 (Sun) 16:17:32 8fc0f2 No.749

>>748

>so a site is not the place to fix this.

Oh well.

Anonymous 08/31/15 (Mon) 21:28:44 0735f8 No.772

>>699

Check how 55chan has it done.

Anonymous 09/04/15 (Fri) 12:00:51 000000 No.798

>>748

>Your browser is misconfigured. You should fix that

That's the default TBB configuration. The value network.http.sendRefererHeader is set to 2. There's an easy add-on ( Toggle Referer ) that places a handy toogle button that does one thing only: change the value to 0 when needed. It's exactly the same as changing the value in about:config. Other referer-related add-ons may misbehave with TBB or overall increase your fingerprinting. So, I would not recommend those.

It's impossible to post without sending the referer ( aka network.http.sendRefererHeader set to 0 ) but you can keep it 0 when clicking random links on 8chan's boards and then toggle it back to 2 when posting.

Anonymous 09/16/15 (Wed) 04:58:51 538a0b No.948

>>683

There's a meta tag for that, but last I checked it isn't implemented in browsers. There might be a CSP header field for it too.

Or just use uMatrix like you should be doing already

Anonymous 09/17/15 (Thu) 02:00:16 475174 No.958

>>948

>https://bugzilla.mozilla.org/show_bug.cgi?id=530396

>Support for <a rel="noreferrer"> functionality

>When rel="noreferrer" is added to a link, the referrer shouldn't be sent. See URL to have a testcase.

>Status: RESOLVED FIXED

> Whiteboard: [parity-webkit]

Anonymous 09/17/15 (Thu) 02:02:54 475174 No.959

>https://www.webkit.org/blog/907/webkit-nightlies-support-html5-noreferrer-link-relation/

>WebKit nightlies now support the HTML5 noreferrer link relation, a neat little feature that allows web developers to prevent browsers from sending the Referrer: header when navigating either <a> or <area> elements. Just add noreferrer in the rel attribute of a link like so:

<a href="www.example.com" rel="noreferrer">noreferrer!</a>

>When example . com receives the HTTP request generated by clicking this link, the HTTP Referer field will be empty, as if the user had navigated from about:blank.

>When rel=”noreferrer” is used in conjunction with target=”_blank”, WebKit will also set the window.opener attribute to null.

>Your post contained either a URL shortener or disallowed word because it is commonly used by automated spammers.

wtf

Anonymous 09/17/15 (Thu) 02:06:09 475174 No.960

>>959

https://w3c.github.io/webappsec/specs/referrer-policy/

Anonymous 09/17/15 (Thu) 02:14:45 dfc572 No.961

>>959

Extremely informative. Thank you very much.