[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev HTTP_REFERER missing when posting from CGI
|
From: |
David Woolley |
|
Subject: |
Re: lynx-dev HTTP_REFERER missing when posting from CGI |
|
Date: |
Mon, 31 Dec 2001 11:26:46 +0000 (GMT) |
> repost the data, THEN it sends an http_referer, but only the base
> part, not the query string.
Suppressing the query string is a policy issue. From the Lynx point of
view, I believe it is simply that it might contain passwords, but, it
is also worth noting that if you look at sample output from web log analysis
products you will see that people analyze the query strings, when the
referer is a search engine, to find the keywords used. This, and the general
ability to do click trailing, including cross site click trailing, mean that
a significant number of people consider Referer to be an invasion of
privacy.
Because of the privacy issues, you should not write sites that depend on
Referer. They will not only break for Lynx, but also for people who install
proxies that deliberately introduce a bogus Referer.
; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden