Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Avatar for Username

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

이 쓰레드는 보존되었습니다. 만약 도움이 필요하시면 새로운 질문을 올려주세요.

Firefox private browsing trims request referrer headers.

  • 1 답장
  • 1 이 문제를 만남
  • 7 보기
  • 최종 답변자: philipp

matthew.was
matthew.was
more options

A site I develop for checks authenticity by checking a passed value confirming it it valid for a given referring url. The request has a referrer header which in regular windowed firefox is the full url of the requesting site. In private browsing mode the referrer header is only the host part of the url and does not contain the full path. It is the path that is commonly required to verify the site. Is this expected behaviour or a bug?

This has been confirmed both on macOS and Windows 10 using Firefox Quantum 61.0.

A site I develop for checks authenticity by checking a passed value confirming it it valid for a given referring url. The request has a referrer header which in regular windowed firefox is the full url of the requesting site. In private browsing mode the referrer header is only the host part of the url and does not contain the full path. It is the path that is commonly required to verify the site. Is this expected behaviour or a bug? This has been confirmed both on macOS and Windows 10 using Firefox Quantum 61.0.

모든 댓글 (1)

philipp
philipp
  • Moderator
more options

hi, yes that appears to be the intended behaviour accoring to https://blog.mozilla.org/security/2018/01/31/preventing-data-leaks-by-stripping-path-information-in-http-referrers/