Closed GoogleCodeExporter closed 8 years ago
Yep, that would be awesome, but websites have zero control over the referer
header they send for security reasons. There is literally nothing I can do
about it, you can't even manipulate it with Javascript. Sadly,
http://dis.4chan.org/derefer.php doesn't work anymore, otherwise I could link
to there.
You have to deal with it clientside. I'm using RefControl with Firefox with
<Forge> set for 4chan.org.
Original comment by eksopl
on 26 Jul 2010 at 9:28
It is possible. You can make a redirect.php that will send to when you click an
image. There it will contain <meta http-equiv='refresh' content='0;
url=http://images.4chan.org/board/imageurl.jpg'> ... and then you have the
image referrer-less!
Original comment by losPeni...@gmail.com
on 26 Jul 2010 at 9:37
Honto-ni desu ka?!!
Meta refreshes don't send referers? Seriously? I'm going to have to test this.
Original comment by eksopl
on 26 Jul 2010 at 10:39
Nope.avi, they do not. At least, I am pretty sure... that's what most of those
"anon redirect sites" use.
Original comment by losPeni...@gmail.com
on 26 Jul 2010 at 10:52
[deleted comment]
Done.
Using the actual image link and ref="noreferrer" for Webkit based browsers
(Chrome, Safari). Also sending the original link for Opera because it doesn't
support either method.
Using a refresh redirect for other browsers. Works on Firefox. Should work in
IE, but I have no way of testing it.
Opera users will have to suck and set it manually:
If you're using Opera and really want to be able to click on images in
Easymodo, go to Preferences -> Advanced. Pick "Content" from the list on the
left, then push the "Manage Site Preferences…" button. Click on the "Add…"
button, type in "4chan.org" under "Site." Then go to the "Network" tab, uncheck
"Send referrer information." Hit "OK," "Close," "OK." You're done!
Report broken browsers (other than Opera) in here. Or if you have a working
method for Opera, I'm all ears.
Original comment by eksopl
on 9 Oct 2010 at 5:03
It might not be practical, but I believe switching to https would do the trick.
"Clients SHOULD NOT include a Referer[sic] header field in a (non-secure) HTTP
request if the referring page was transferred with a secure protocol." RFC 2616
§ 15.1.3
Original comment by t.lain...@gmail.com
on 6 Jan 2011 at 5:44
Original issue reported on code.google.com by
losPeni...@gmail.com
on 24 Jul 2010 at 11:38