Confirmed users
908
edits
Security/Referrer: Difference between revisions
→Existing functionality: add defaultPolicy and defaultPolicy.pbmode prefs
(→Further work: new default in PBM has landed) |
(→Existing functionality: add defaultPolicy and defaultPolicy.pbmode prefs) |
||
| Line 27: | Line 27: | ||
* <tt>network.http.referer.spoofSource</tt> | * <tt>network.http.referer.spoofSource</tt> | ||
** true = send the target URL as the referrer | ** true = send the target URL as the referrer | ||
* <tt>network.http.referer. | * <tt>network.http.referer.defaultPolicy</tt> | ||
** set the default referrer policy (which can be overriden by the site) | ** set the default referrer policy (which can be overriden by the site) | ||
** values: | ** values: | ||
| Line 34: | Line 34: | ||
*** 2 = strict-origin-when-cross-origin | *** 2 = strict-origin-when-cross-origin | ||
*** 3 = (default) no-referrer-when-downgrade | *** 3 = (default) no-referrer-when-downgrade | ||
* <tt>network.http.referer.defaultPolicy.pbmode</tt> | |||
** same as above but only for Private Browsing | |||
* <tt>network.http.sendSecureXSiteReferrer</tt> | * <tt>network.http.sendSecureXSiteReferrer</tt> | ||
** false = don't send referrer when going from one HTTPS origin to another (but HTTP is ok) | ** false = don't send referrer when going from one HTTPS origin to another (but HTTP is ok) | ||