Changes between Initial Version and Version 39 of Ticket #127


Ignore:
Timestamp:
2013-05-28T17:42:25Z (11 years ago)
Author:
warner
Comment:

I just learned that there's an HTML meta tag specifically to control Referer leakage, and that it's already implemented in a couple of browsers (chrome now, FF in progress, but alas not IE):

The FF bugzilla discussion also mentions some per-link options.

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #127

    • Property Status changed from new to assigned
    • Property Summary changed from smaller XSRF attack still possible to Cap URLs leaked via HTTP Referer header
    • Property Priority changed from minor to major
    • Property Owner set to davidsarah
    • Property Version changed from 0.5.1 to 0.7.0
    • Property Milestone changed from undecided to 1.10.0
    • Property Keywords confidentiality integrity preservation capleak research added