On Fri, Nov 16, 2012 at 5:41 PM, Nick <suckless-...@njw.me.uk> wrote: > On Fri, Nov 16, 2012 at 05:22:01PM +0100, Hiltjo Posthuma wrote: > >> For privacy reasons it's probably best to only pass the referrer >> if the target download uri is from the same site. > > Not sure about this. We happily pass the referrer around everywhere > else. Privoxy allows referrer stripping (and I have used it for > that), I'd be inclined to keep such stuff away from the browser > itself. And some sites would no doubt care about referrer, but be on > a different domain (edge / cloud / mirror / whatever they're called). >
Yeah, thinking about this some more I agree. Besides, you can compare the referrer and download uri anyway in a wrapper download script. So surf shouldnt need to check this.
