[patch] Don’t send HTTP referrer headers to keep installations a little more private

Development-related discussion, including bundled plugins
Hoo-man
Bear Rating Trainee
Bear Rating Trainee
Posts: 1
Joined: 01 Jun 2016, 15:23

[patch] Don’t send HTTP referrer headers to keep installations a little more private

Postby Hoo-man » 01 Jun 2016, 15:32

Sets a Referrer Policy that suppresses the HTTP referer (sic) header when clicking on links from Tiny Tiny RSS to external websites. Totally coincidentally, by excluding this header TT-RSS will also bypasses some anti-image hotlinking systmes that looks for this header from non-whitelisted origins. *cough*

The tiny tiny attached patch will thus slightly boost privacy of private Tiny Tiny RSS installations and bypass some image hotlinking countermeasures.
Attachments
no-referrer.git.patch
(838 Bytes) Downloaded 124 times

User avatar
fox
^ me reading your posts ^
Posts: 6318
Joined: 27 Aug 2005, 22:53
Location: Saint-Petersburg, Russia
Contact:

Re: [patch] Don’t send HTTP referrer headers to keep installations a little more private

Postby fox » 01 Jun 2016, 16:19

this makes sense, i guess

evildarkarchon
Bear Rating Trainee
Bear Rating Trainee
Posts: 1
Joined: 03 Jun 2016, 11:24

Re: [patch] Don’t send HTTP referrer headers to keep installations a little more private

Postby evildarkarchon » 03 Jun 2016, 11:41

Chrome doesn't seem to recognize "none" as a valid referrer policy, it ignores the meta tag and goes with its default. The full error message (which includes its list of valid referrer policies) is in the image i attached.
Attachments
2016-06-03 01_22_13-(6) Tiny Tiny RSS.png
2016-06-03 01_22_13-(6) Tiny Tiny RSS.png (8.89 KiB) Viewed 4358 times

User avatar
fox
^ me reading your posts ^
Posts: 6318
Joined: 27 Aug 2005, 22:53
Location: Saint-Petersburg, Russia
Contact:

Re: [patch] Don’t send HTTP referrer headers to keep installations a little more private

Postby fox » 03 Jun 2016, 12:06

yeah "none" is not in the draft, probably should be set to no-referrer


Return to “Development”

Who is online

Users browsing this forum: No registered users and 4 guests