Sets a Referrer Policy that suppresses the HTTP referer (sic) header when clicking on links from Tiny Tiny RSS to external websites. Totally coincidentally, by excluding this header TT-RSS will also bypasses some anti-image hotlinking systmes that looks for this header from non-whitelisted origins. *cough*
The tiny tiny attached patch will thus slightly boost privacy of private Tiny Tiny RSS installations and bypass some image hotlinking countermeasures.
[patch] Don’t send HTTP referrer headers to keep installations a little more private
[patch] Don’t send HTTP referrer headers to keep installations a little more private
- Attachments
-
- no-referrer.git.patch
- (838 Bytes) Downloaded 156 times
- fox
- ^ me reading your posts ^
- Posts: 6318
- Joined: 27 Aug 2005, 22:53
- Location: Saint-Petersburg, Russia
- Contact:
Re: [patch] Don’t send HTTP referrer headers to keep installations a little more private
this makes sense, i guess
-
- Bear Rating Trainee
- Posts: 1
- Joined: 03 Jun 2016, 11:24
Re: [patch] Don’t send HTTP referrer headers to keep installations a little more private
Chrome doesn't seem to recognize "none" as a valid referrer policy, it ignores the meta tag and goes with its default. The full error message (which includes its list of valid referrer policies) is in the image i attached.
- Attachments
-
- 2016-06-03 01_22_13-(6) Tiny Tiny RSS.png (8.89 KiB) Viewed 4969 times
- fox
- ^ me reading your posts ^
- Posts: 6318
- Joined: 27 Aug 2005, 22:53
- Location: Saint-Petersburg, Russia
- Contact:
Re: [patch] Don’t send HTTP referrer headers to keep installations a little more private
yeah "none" is not in the draft, probably should be set to no-referrer
Who is online
Users browsing this forum: No registered users and 11 guests