search

Letractively / fuuka

Automatically exported from code.google.com/p/fuuka
Other
0 stars 0 forks source link

No HTTP Referrer on images when clicked #44

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
On 4chan, all non boards.4chan.org referrers are blocked and replaced with 
http://static.4chan.org/image/4chan-leech.png

I think it would be a nice feature that, by default, you will not send a 
referrer when you click an image on the archived pages.

Thanks.

Original issue reported on code.google.com by losPeni...@gmail.com on 24 Jul 2010 at 11:38

GoogleCodeExporter commented 8 years ago 
Yep, that would be awesome, but websites have zero control over the referer 
header they send for security reasons. There is literally nothing I can do 
about it, you can't even manipulate it with Javascript. Sadly, 
http://dis.4chan.org/derefer.php doesn't work anymore, otherwise I could link 
to there.

You have to deal with it clientside. I'm using RefControl with Firefox with 
<Forge> set for 4chan.org.

Original comment by eksopl on 26 Jul 2010 at 9:28

GoogleCodeExporter commented 8 years ago 
It is possible. You can make a redirect.php that will send to when you click an 
image. There it will contain <meta http-equiv='refresh' content='0; 
url=http://images.4chan.org/board/imageurl.jpg'> ... and then you have the 
image referrer-less!

Original comment by losPeni...@gmail.com on 26 Jul 2010 at 9:37

GoogleCodeExporter commented 8 years ago 
Honto-ni desu ka?!!

Meta refreshes don't send referers? Seriously? I'm going to have to test this.

Original comment by eksopl on 26 Jul 2010 at 10:39

GoogleCodeExporter commented 8 years ago 
Nope.avi, they do not. At least, I am pretty sure... that's what most of those 
"anon redirect sites" use.

Original comment by losPeni...@gmail.com on 26 Jul 2010 at 10:52

GoogleCodeExporter commented 8 years ago 
[deleted comment]
GoogleCodeExporter commented 8 years ago 
Done.

Using the actual image link and ref="noreferrer" for Webkit based browsers 
(Chrome, Safari). Also sending the original link for Opera because it doesn't 
support either method.

Using a refresh redirect for other browsers. Works on Firefox. Should work in 
IE, but I have no way of testing it.

Opera users will have to suck and set it manually:

If you're using Opera and really want to be able to click on images in 
Easymodo, go to Preferences -> Advanced. Pick "Content" from the list on the 
left, then push the "Manage Site Preferences…" button. Click on the "Add…" 
button, type in "4chan.org" under "Site." Then go to the "Network" tab, uncheck 
"Send referrer information." Hit "OK," "Close," "OK." You're done!

Report broken browsers (other than Opera) in here. Or if you have a working 
method for Opera, I'm all ears.

Original comment by eksopl on 9 Oct 2010 at 5:03

GoogleCodeExporter commented 8 years ago 
It might not be practical, but I believe switching to https would do the trick.

"Clients SHOULD NOT include a Referer[sic] header field in a (non-secure) HTTP 
request if the referring page was transferred with a secure protocol." RFC 2616 
§ 15.1.3

Original comment by t.lain...@gmail.com on 6 Jan 2011 at 5:44