[tahoe-lafs-trac-stream] [Tahoe-LAFS] #127: Cap URLs leaked via HTTP Referer header
Tahoe-LAFS
trac at tahoe-lafs.org
Wed Jan 21 19:01:22 UTC 2015
#127: Cap URLs leaked via HTTP Referer header
-------------------------+-------------------------------------------------
Reporter: warner | Owner: davidsarah
Type: defect | Status: assigned
Priority: major | Milestone: soon
Component: code- | Version: 0.7.0
frontend-web | Keywords: confidentiality integrity
Resolution: | preservation capleak research websec
Launchpad Bug: |
-------------------------+-------------------------------------------------
Comment (by warner):
There's a new "meta referrer" header that's been proposed, which would
allow websites to tell browsers to leave things out of the Referer header,
or to omit it entirely. https://blog.mozilla.org/security/2015/01/21/meta-
referrer/ . Still early, but if it gains momentum, we should turn it on.
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/127#comment:43>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list