|
|
|
|
|
|
by jsheard
155 days ago
|
|
|
Browsers have clamped down on that somewhat by enforcing stricter referrer policies by default if the originating server doesn't specify one. It used to be a total free for all where everyone could always see the full referring URL, then it was changed to completely blank the referrer on secure-to-insecure transitions, then it was changed again to also blank the path on cross-origin transitions so only the referring origin is revealed. |
|
|