Auto Referer by garywill
Control HTTP referer to protect privacy and not break web. And this is the addon (maybe the only one?) that deals with the 'document.referrer' bug
You'll need Firefox to use this extension
Extension Metadata
About this extension
Control HTTP referer to protect privacy and not break web.
Notice: Due to browser bug on javascript
So, we've implemented a workaround to improve protection to 85%. Please enable workaround in addon settings (Firefox only currently).
Referer policy:
This addon doesn't use content script. Content script hiding
We use this workaround to kill
Cancel all cross-domain navigating requests and make freshnew ones, like directly hit (currently only implemented for GET method, other methods remain as is)
Fallback operation
If user find a web broken, user can temporary set this addon disabled via toolbar button for:
there's showy toolbar button badge indicating disabling status.
Allowlist
Currently it has hard-coded allowlist.
Disclaimer
This open souce addon comes with no warranty. Use on you own risk!
Notice: Due to browser bug on javascript
document.referrer on Firefox 69+ (1601496, 1601743) (also on Chrome), using a regular referer controlling addon you can get 70% of expected protection until they fix that bug. So, we've implemented a workaround to improve protection to 85%. Please enable workaround in addon settings (Firefox only currently).
Referer policy:
- For webs' top frame (i.e. clicking link, navigating, redirecting etc.):
- If origin and target url have same domain, allow trimmed referer
- If origin and target url have different domain, no referer
- For in-page resources (images, videos, js, css etc.), allow trimmed referer (this is the key to not break most webs, also a balance between privacy and experience)
- Trim referer: Any referer should be no more than
http(s)://domain-name:port/(like Firefox's nativeabout:configsettingnetwork.http.referer.trimmingPolicy = 2). - Not allow referer that not starts with "http" or "https". (Please feedback if you find something broken due to this)
- No referer when downgrade from HTTPS/WSS to HTTP/WS
document.referrer bug workaroundThis addon doesn't use content script. Content script hiding
document.referrer is not 100% reliable.We use this workaround to kill
document.referrer: Cancel all cross-domain navigating requests and make freshnew ones, like directly hit (currently only implemented for GET method, other methods remain as is)
Fallback operation
If user find a web broken, user can temporary set this addon disabled via toolbar button for:
- this one tab
- this one tab and new tabs opened by this tab
- this one window (Firefox only)
- globally
there's showy toolbar button badge indicating disabling status.
Allowlist
Currently it has hard-coded allowlist.
Disclaimer
This open souce addon comes with no warranty. Use on you own risk!
Rate your experience
Report this add-on
If you think this add-on violates Mozilla's add-on policies or has security or privacy issues, please report these issues to Mozilla using this form.
Please don't use this form to report bugs or request add-on features; this report will be sent to Mozilla and not to the add-on developer.
PermissionsLearn more
This add-on needs to:
- Access browser tabs
- Access your data for all websites
More information
- Add-on Links
- Version
- 0.8.32
- Size
- 35.18 KB
- Last updated
- 21 days ago (Nov 8, 2023)
- Related Categories
- License
- GNU General Public License v2.0
- Version History
- Tags
Add to collection
Release notes for 0.8.32
change how whitelist work on HTTP header modifying
More extensions by garywill
There are no ratings yet- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet
- There are no ratings yet