Rated 4.3 out of 5
4.3 Stars out of 5
- by Firefox user 10735608, 6 years agoRated 4 out of 5Since Firefox 28 there are three new items in about:config:
network.http.referer.XOriginPolicy: 0=always send, 1=send if base domains match, 2=send if hosts match
network.http.referer.spoofSource: false=real referer, true=spoof referer (use target URI as referer)
network.http.referer.trimmingPolicy: 0=send full URI, 1=scheme+host+port+path, 2=scheme+host+port
Referrer processing is done in this order. Thus, setting XOriginPolicy to 2 makes spoofSource and trimmingPolicy useless if going from a.example.com to b.example.com, since no referrer would be send anyway due to the XOriginPolicy.
If using the three new I'd suggest to set the old network.http.sendRefererHeader to 2 (default, always send referrer).
- by aSILENTfire, 7 years agoRated 3 out of 5Not available for your platform. FF 25.0.1 (latest), Win8 (64)
This is an essential function and should be widely available. Please make this compatible or point me in the direction of something that is.
- by stevie10999, 7 years agoRated 5 out of 5The automatic downloading of the whitelist without user intervention is ok for most but not all. Removing the link in the options stops the download. How can the whitelist.txt be an option or manually setup? Where is it stored? Is it deleted when the browser closes, and then needs to get downloaded again? Other than what is mentioned about the whitelist.txt, the addon works as mentioned.
Reply: Ok, thanks!It's already an option, if you remove the link from the addon's preference page it won't be reinstated unless you write the URL of your whitelist in that box.
It's not stored anywhere, it's just downloaded and set temporarily in the internal state of the addon, it gets downloaded every 24 hours or every time you enable the addon.
- by bwProductions, 7 years agoRated 5 out of 5A minimalistic add-on that does what it says on the tin. Excellent. My only suggestion would be to include an auto-updating rulelist to auto-whitelist major websites that, inevitably, have resulted (and will continue to result) in negative reviews here on AMO. It's important to have a custom whitelist field for fringe cases, but end-users really shouldn't have to whitelist things like disqus.com and api.solvemedia.com on their own.
- by ehoagland66, 7 years agoRated 3 out of 5I've always said that security and privacy are a good thing... up until it interferes with your own access to content.
3 stars for effort. The addon is a good idea in theory.
This addon interferes with viewing content that is served from third-party hosting servers--both enterprise level, and discount alike), such as image hosting, flash media, and video streaming server hosting companies, to name a few, that won't serve the content without a receiving a referrer url from the site that is paying for the hosting to support their portal. This is typically to keep down bandwidth increases resulting from link proliferation due to other services (such as Google Search, for instance.)
This add-on interferes with a lot of sites on the web.If you are multimedia oriented, and spend much of your time looking at video, image sites (like Wallbase.cc), or listening to streaming music, then this add-on is not for you.
If you spend most of your time scanning news websites, reading articles, writing blogs, and doing research, then this add-on is probably a good idea for you, especially if your involved in controversy like 9/11 Truth, research into US banking and Wall Street frauds, and any other type of conspiracy or government cover-up studies.
* Update: The developer brings up a good point... the addon apparently allows you to "white-list" sites. I didn't check for that. :)As any other privacy addon you have to whitelist what you want to happen, and you can do that with this addon too.
It's like saying NoScript and RequestPolicy are bad because they break websites out of the box, you have to configure them, this is true for Smart Referer too.
- by Sea Eagle, 7 years agoRated 4 out of 5I was wondering why a lot of video sites were giving me "video not found" or notices that I needed to visit the video site to play the video (even though I was already there). After I disabled this add-on I was able to view videos on those sites without any problems. Perhaps a whitelist function might be needed in future releases? It was only after I posted this initial review that I found out there were instruction s on preventing this problem on the add-ons home page.
- by Alexander Dietrich, 7 years agoRated 5 out of 5After blocking tracking URLs and cookies, controlling information leakage through Referer headers is another important privacy measure. And this extension makes it pretty much install-and-forget!
- by Trianine, 7 years agoRated 5 out of 5Coming here from the "change referer button" add-on, and breathing a sigh of relief. Now I can have a whitelist so disqus actually works. And I can use my own referer, which is handy. The "dumb referer" used by Change Referer Button was causing websites to not load properly, unless turn off referer spoofing, which renders the tool useless.
- by TGWarez, 7 years agoRated 5 out of 5Review Update: my only complaint against this addon was that it didn't offer a GUI, but since this has changed with version 0.0.8*, I have nothing to complain about thus far.
Very nice addon, keep it up. :)
*) For other users: The new version is still marked as experimental until it gets reviewed by Mozilla but can be had from "complete version history" link at the bottom of the page, if anyone is interested.
[scraped]A simple/minimal GUI for...but nice addon nevertheless.[/scraped]I added an interface to change the settings, you'll find it in the preferences page in the addon manager.
Although this means bumping the minimum version to Firefox 7.0.
If you could bump the stars or add anything else you don't like after the new version is reviewed it would be nice.
- by Occ, 7 years agoRated 5 out of 5Been using this for several months now, and I'd mostly forgotten about it. That's a good thing for an extension like this, in my opinion. I like the additional privacy, and a website I visit is blacklisted from a popular imagehost for silly reasons, which this bypasses. Somewhat ironically, I've noticed it breaks Github in addition to Disqus. Updating the whitelist results in both sites working fine now.Thanks for this useful, minimal add-on.
RE Github: on the Github site the verify email address function wasn't working, and neither was the network graph (would just sit there with the loading animation), until I added it to the same whitelist as Disqus. So really just some minor things were acting strange.
- by expn626, 8 years agoRated 5 out of 5Great add-on! I'll tell you why; it is simple and "just works"! With the recently added white-list support (which i only have needed for disqus thus far) it is close to perfect for its purpose. One thing though, i wish the strict mode would be disabled per default because many bigger sites use content-servers on a sub-domain and if they require referrer then there will be problems. This way ppl trying it out won't just discard it right away because they run into problems with the default options. Also it would be nice with a link to a test page (test by subdomain, domain, and so on) that reports back what referrer it got, so you can see if it works or not, then you could check if you break it by typing in invalid white-list regular expressions and such..Thanks for a great add-on!
Late update/reply to meh (Aug 1, 2013): I read the description of self-referrer -it seems to be appropriate as the default mode, which it is now. Regarding the test-page: I think the new, easier, white-list feature you now have available (wildcards, not reg-exp) is sufficient to weed out most errors. The rest should be test-able by checking the pages in the white-list (example: Disqus). Also I realized anyone can make their own test-page by posting a link to an HTTP header check page like http://xhaus.com/headers in some random forum, then just click the link to see the results! :)You know what? I agree with disabling strict mode by default.
Do you think it would be worth to set as default "self" mode too? It uses as referer the URL you're going to.
About the test page, I can provide a simple .php to put up locally, to test it I usually fill the /etc/hosts with the fake domains I want to test on and change the set of links on the .php page.
Putting it online would be harder because it would require a local DNS server to do the required magic and I don't have the resources to get a VPS for it.
Something I could do about it is a simple JS page on my website where you can test your whitelists against a set of domains.
- by Alek, 8 years agoRated 4 out of 5I appreciate the no-restart nature of this extension, but I believe RefControl is still superior because of a toolbar button allowing easy disabling/enabling and access to per-site rules.
Four stars for a well executed extension, but no five because of the lack of any gui.
EDIT: The developer replied to my review before I edited to remove a silly mistake I'd made, which is what he references in #2. The lack of GUI is by design to prevent people who don't know what they're doing from modifying the extension's behavior. He mentions a way to create a button using Custom Buttons, but the created button will not inform the user via a pressed state or icon change of the enabled/disabled status of Smart Referer. RefControl users who do not create a lot of per-site rules may find Smart Referer to be a simpler solution for them.1. There are other addons that are made for that particular reason, if you look at the homepage you will see how to achieve that with Custom Buttons.
2. This is exactly what this addons does, this is not a general refer handling addon, it's specifically made to provide smart referers, which are made for 3rd party requests. RefControl version of smart referers is just a `referer.host == url.host`.
This addon was *never* made to have a GUI or have many options, you should use it as it comes and change behavior only if you know what you're doing.
To be even more clear, Smart Referer is not in competition with RefControl, they are two completely different addons and they do different things.
Nonetheless using both at the same time will break one or the other, if not both.
Thank you for the review.
- by Firefox user 6342721, 8 years agoRated 3 out of 5I like the concept, as I don't like webistes tracking where I have been...
I had previously been using RefControl 0.8.xx
But through my testing, found it was interfering with Disqus comment system.
Thought I would give this one a go.
But no, Disqus sections of pages still fail to show any comments when Smart-Referer is running.
Tried the suggestion of setting Smart-Referer to loose (?) not strict via FF about:config. So it is now set extensions.smart-referer.strict to 'False'.
But that did not change fact that Disqus comment sections fail to show any comments.
Only when I have turned off (Disabled) Smart-Referer (and RefControl) do Disqus comments display.
(In my eval testing, I would only be testing with one or other of these referral controls, not both at same time.)
Other point that I would suggest, is: There seems no way to know that Smart-Referer is working (assuming I don't care about Disqus issue). So a way to show that Smart-Referer is working would be nice.
As well as a way for it to work that also allows Disqus comments to function.
Thanks. :)There is no way of making Disqus work, the issue is that Disqus uses the referer to work and it can be on any website, thus when the requests go the referer is removed because it's going to the disqus domain from another domain. Unless you add all the websites that use Disqus to the whitelist of RefControl, they won't work. You should tell Disqus to fix the issue because it's nothing we or RefControl guys can do.
If it's enabled, it's working, the whole point of the addon is to be minimal and not require any fiddling other than the strict mode in case you need to use websites with weird domain setups.
EDIT: ok, I added whitelist support and tested, it now works with Disqus, check the README here: https://github.com/meh/smart-referer for what to do. Keep in mind it will take some time to be reviewed, in the meantime you can use the package in the download section of the page I posted above.
- by Firefox user 6327041, 8 years agoRated 4 out of 5I really like the concept behind this add-on and overall it seems to work really well, but it is not without flaw. In less than 24 hours I've already found one site that does not like it.
With the add-on enabled, I cannot reply to topics on 4chan. Since linking to a previous page, from the same domain, this should not happen... and after disabling Smart Referer, the problem resolves itself.
So it seems like Smart Referer could use a little more tweaking or whitelist support. Beyond that, it seems like a great add-on and I'm looking forward to future releases.
- by philklaus, 8 years agoRated 5 out of 5The plugin should state more exactly what it does.
It seems like it sends the referrer only when requesting resources with the same domain name. AND it considers SUB-DOMAINS to be the SAME domain.
I'm using Firefox 11.0 on Mac OS X 10.8 (dev preview 2) and the plugin seems to work well.
Thanks a lot!
update: Thanks for your response, meh! I think that's a good way to handle it.About subdomains being considered the same domain, I added an option called `extensions.smart-referer.strict` that when disabled will take as same domain the subdomains, by default it will take subdomains as different domains.
It will be there as soon as the reviewers review it.
- by atomizer, 9 years agoRated 4 out of 5good to go so far - can test here...
maybe needs a toolbar button to toggle state?
i miss another ext which, in addition to the referrer, could also spoof the UA. would be nice to see a more comprehensive header manipulation tool that worked on a per-domain basisAbout the state toggling: I made the extension restartless, so you can use the already present functionality in the add-on manager.
It will be there as soon as the new version is reviewed.