Not sure why everything online wants to spy on you nowadays...

Can't live without it!
Thanks developer.

FlickR recently started preventing me logging in. Disabling Smart Referer resolved the issue. It's a shame, as it's been a reassuring add-on, but now unusable for me.

Since Firefox 28 there are three new items in about:config:

network.http.referer.XOriginPolicy: 0=always send, 1=send if base domains match, 2=send if hosts match
network.http.referer.spoofSource: false=real referer, true=spoof referer (use target URI as referer)
network.http.referer.trimmingPolicy: 0=send full URI, 1=scheme+host+port+path, 2=scheme+host+port

Referrer processing is done in this order. Thus, setting XOriginPolicy to 2 makes spoofSource and trimmingPolicy useless if going from a.example.com to b.example.com, since no referrer would be send anyway due to the XOriginPolicy.

If using the three new I'd suggest to set the old network.http.sendRefererHeader to 2 (default, always send referrer).

See https://bugzilla.mozilla.org/show_bug.cgi?id=822869

Just what I was looking for. The default whitelist is quite helpful too!

Not available for your platform. FF 25.0.1 (latest), Win8 (64)
This is an essential function and should be widely available. Please make this compatible or point me in the direction of something that is.

Firefox should include this addon by default, it's simple and effective!!! Thank you for taking the time to make this! Five stars all the way!

It works, but when I make a change to the preferences, it seems that I need to restart the browser before the changes can take effect.

I need my own local whitelist like in RefControl

The automatic downloading of the whitelist without user intervention is ok for most but not all. Removing the link in the options stops the download. How can the whitelist.txt be an option or manually setup? Where is it stored? Is it deleted when the browser closes, and then needs to get downloaded again? Other than what is mentioned about the whitelist.txt, the addon works as mentioned.

Reply: Ok, thanks!

amazing! this should be integrated in firefox

A minimalistic add-on that does what it says on the tin. Excellent. My only suggestion would be to include an auto-updating rulelist to auto-whitelist major websites that, inevitably, have resulted (and will continue to result) in negative reviews here on AMO. It's important to have a custom whitelist field for fringe cases, but end-users really shouldn't have to whitelist things like disqus.com and api.solvemedia.com on their own.

I've always said that security and privacy are a good thing... up until it interferes with your own access to content.

3 stars for effort. The addon is a good idea in theory.

This addon interferes with viewing content that is served from third-party hosting servers--both enterprise level, and discount alike), such as image hosting, flash media, and video streaming server hosting companies, to name a few, that won't serve the content without a receiving a referrer url from the site that is paying for the hosting to support their portal. This is typically to keep down bandwidth increases resulting from link proliferation due to other services (such as Google Search, for instance.)

This add-on interferes with a lot of sites on the web.If you are multimedia oriented, and spend much of your time looking at video, image sites (like Wallbase.cc), or listening to streaming music, then this add-on is not for you.

If you spend most of your time scanning news websites, reading articles, writing blogs, and doing research, then this add-on is probably a good idea for you, especially if your involved in controversy like 9/11 Truth, research into US banking and Wall Street frauds, and any other type of conspiracy or government cover-up studies.

* Update: The developer brings up a good point... the addon apparently allows you to "white-list" sites. I didn't check for that. :)

I was wondering why a lot of video sites were giving me "video not found" or notices that I needed to visit the video site to play the video (even though I was already there). After I disabled this add-on I was able to view videos on those sites without any problems. Perhaps a whitelist function might be needed in future releases? It was only after I posted this initial review that I found out there were instruction s on preventing this problem on the add-ons home page.

After blocking tracking URLs and cookies, controlling information leakage through Referer headers is another important privacy measure. And this extension makes it pretty much install-and-forget!

Coming here from the "change referer button" add-on, and breathing a sigh of relief. Now I can have a whitelist so disqus actually works. And I can use my own referer, which is handy. The "dumb referer" used by Change Referer Button was causing websites to not load properly, unless turn off referer spoofing, which renders the tool useless.

Review Update: my only complaint against this addon was that it didn't offer a GUI, but since this has changed with version 0.0.8*, I have nothing to complain about thus far.

Very nice addon, keep it up. :)

*) For other users: The new version is still marked as experimental until it gets reviewed by Mozilla but can be had from "complete version history" link at the bottom of the page, if anyone is interested.

[scraped]A simple/minimal GUI for...but nice addon nevertheless.[/scraped]

Been using this for several months now, and I'd mostly forgotten about it. That's a good thing for an extension like this, in my opinion. I like the additional privacy, and a website I visit is blacklisted from a popular imagehost for silly reasons, which this bypasses. Somewhat ironically, I've noticed it breaks Github in addition to Disqus. Updating the whitelist results in both sites working fine now.Thanks for this useful, minimal add-on.

RE Github: on the Github site the verify email address function wasn't working, and neither was the network graph (would just sit there with the loading animation), until I added it to the same whitelist as Disqus. So really just some minor things were acting strange.

Great add-on! I'll tell you why; it is simple and "just works"! With the recently added white-list support (which i only have needed for disqus thus far) it is close to perfect for its purpose. One thing though, i wish the strict mode would be disabled per default because many bigger sites use content-servers on a sub-domain and if they require referrer then there will be problems. This way ppl trying it out won't just discard it right away because they run into problems with the default options. Also it would be nice with a link to a test page (test by subdomain, domain, and so on) that reports back what referrer it got, so you can see if it works or not, then you could check if you break it by typing in invalid white-list regular expressions and such..Thanks for a great add-on!

Late update/reply to meh (Aug 1, 2013): I read the description of self-referrer -it seems to be appropriate as the default mode, which it is now. Regarding the test-page: I think the new, easier, white-list feature you now have available (wildcards, not reg-exp) is sufficient to weed out most errors. The rest should be test-able by checking the pages in the white-list (example: Disqus). Also I realized anyone can make their own test-page by posting a link to an HTTP header check page like http://xhaus.com/headers in some random forum, then just click the link to see the results! :)

I appreciate the no-restart nature of this extension, but I believe RefControl is still superior because of a toolbar button allowing easy disabling/enabling and access to per-site rules.

Four stars for a well executed extension, but no five because of the lack of any gui.

EDIT: The developer replied to my review before I edited to remove a silly mistake I'd made, which is what he references in #2. The lack of GUI is by design to prevent people who don't know what they're doing from modifying the extension's behavior. He mentions a way to create a button using Custom Buttons, but the created button will not inform the user via a pressed state or icon change of the enabled/disabled status of Smart Referer. RefControl users who do not create a lot of per-site rules may find Smart Referer to be a simpler solution for them.

I like the concept, as I don't like webistes tracking where I have been...
I had previously been using RefControl 0.8.xx
But through my testing, found it was interfering with Disqus comment system.
Thought I would give this one a go.
But no, Disqus sections of pages still fail to show any comments when Smart-Referer is running.
Tried the suggestion of setting Smart-Referer to loose (?) not strict via FF about:config. So it is now set extensions.smart-referer.strict to 'False'.
But that did not change fact that Disqus comment sections fail to show any comments.
Only when I have turned off (Disabled) Smart-Referer (and RefControl) do Disqus comments display.
(In my eval testing, I would only be testing with one or other of these referral controls, not both at same time.)

Other point that I would suggest, is: There seems no way to know that Smart-Referer is working (assuming I don't care about Disqus issue). So a way to show that Smart-Referer is working would be nice.

As well as a way for it to work that also allows Disqus comments to function.

Thanks. :)

I really like the concept behind this add-on and overall it seems to work really well, but it is not without flaw. In less than 24 hours I've already found one site that does not like it.

With the add-on enabled, I cannot reply to topics on 4chan. Since linking to a previous page, from the same domain, this should not happen... and after disabling Smart Referer, the problem resolves itself.

So it seems like Smart Referer could use a little more tweaking or whitelist support. Beyond that, it seems like a great add-on and I'm looking forward to future releases.

Just works, I'm sure webadmins hate stuff like this though hehe.
Thanks.

Works well, I have only one problem: why the hell it isn't included in Firefox's core, enabled by default?

The plugin should state more exactly what it does.
It seems like it sends the referrer only when requesting resources with the same domain name. AND it considers SUB-DOMAINS to be the SAME domain.

I'm using Firefox 11.0 on Mac OS X 10.8 (dev preview 2) and the plugin seems to work well.

Thanks a lot!

update: Thanks for your response, meh! I think that's a good way to handle it.