Menu

#6 Default Referer Header

closed-fixed
None
5
2002-10-22
2002-10-14
No

I'm simultaneously spamming Radio, AmphetaDesk and
NetNewsWire with this report. It's a minor annoyance I
have with something that seems to have become a defacto
standard among news aggregators.

The default Referer header being sent by AmphetaDesk is
a violation of a "MUST NOT" condition of RFC2616. The
place for advertising the user-agent is in the
User-Agent header, putting it in the referer log as
well is a trifle rude.

The referer should be left blank by default, although
it would still be useful to allow users to set it
manually if they want to point to a page that
identifies them personally, or lists their
subscriptions, things that might almost pass as a valid
referer.

Discussion

  • Morbus Iff

    Morbus Iff - 2002-10-22
    • status: open --> closed-fixed
     
  • Morbus Iff

    Morbus Iff - 2002-10-22

    Logged In: YES
    user_id=69804

    Whilst the current version of AmphetaDesk did allow users to
    change Referers to whatever they wanted, there was no
    front-end to it, as I couldn't think of a decent way of
    explaining it without throwing up "security" warning signals
    for the ignorant ("you're selling user information!? NooOO!").

    As for having a default HTTP Referer, yes, that's true in
    AmphetaDesk. My understanding of the history is such that a)
    Radio started with just the plain old referer. b) there was
    some sort of community discussion thingy, and the Radio
    people added a query string to the original referer, which
    was the user's hosted Radio site, c) AmphetaDesk added the
    ability to modify the Referer, but gave it a starting
    default of the AmphetaDesk website. I'm not sure when or why
    behind the implementations of Aggie and NNWL.

    Regardless, the AmphetaDesk CVS now defaults to NO HTTP
    Referer, and gives people an opportunity to customize it via
    the "My Settings" page.

     
  • Morbus Iff

    Morbus Iff - 2002-10-22
    • assigned_to: nobody --> morbus
     

Log in to post a comment.