Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Netscape Referer header considered harmful?
From: ericm () LNE COM (Eric Murray)
Date: Wed, 6 Aug 1997 12:47:49 -0700

Ronald L. Parker writes:
I found something I consider mildly disturbing while browsing my
referer log stats today.  Viewers to our site today have been referred
from the following URLs:


As you can see, this is a cross-platform problem.  What I don't know
is whether these were sent by people just picking the bookmark from
the dropdown or by people using their bookmarks file as a home page.
Not having Communicator myself, and not planning to get it any time
soon, I can't test this.  In any case, file: URLs should be private.

[why leaking Referrer is bad]

Check out my 'cookie jar' program.  It blocks cookies, ads
and Referrer (and it'll lie about User-Agent if you wish).


Eric Murray  Chief Security Scientist  N*Able Technologies  www.nabletech.com
(email:  ericm  at  lne.com   or   nabletech.com)          PGP keyid:E03F65E5

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]