Short URL: http://html5.org/r/1119
| SVN | Bug | Comment | Time (UTC) |
|---|---|---|---|
| 1119 | Introducing the rel=noreferer proposal, and other referer header changes. | 2007-11-03 08:44 |
Index: source
===================================================================
--- source (revision 1118)
+++ source (revision 1119)
@@ -1034,14 +1034,16 @@
title="dom-document-referrer"><code>referrer</code></dfn> attribute
must return either the URI of the page which <span
title="navigate">navigated</span> the <span>browsing context</span>
- to the current document (if any), or the empty string (if there is
- no such originating page, or if the UA has been configured not to
- report referrers).</p>
+ to the current document (if any), or the empty string if there is no
+ such originating page, or if the UA has been configured not to
+ report referrers, or if the navigation was initiated for a
+ <span>hyperlink</span> with a <code
+ title="rel-noreferer">noreferer</code> keyword.</p>
<p class="note">In the case of HTTP, the <code
title="dom-document-referrer">referrer</code> DOM attribute will
- match the <code>Referer</code> (sic) header that was sent when
- fetching the current page.</p>
+ match the <code title="">Referer</code> (sic) header that was sent
+ when fetching the current page.</p>
<p>The <dfn title="dom-document-cookie"><code>cookie</code></dfn>
@@ -28759,10 +28761,11 @@
<p>User agents should allow the user to adjust this behaviour, for
example in conjunction with a setting that disables the sending of
- HTTP Referrer headers. Based on the user's preferences, UAs may
- either <span>ignore</span> the <code title="attr-hyperlink-ping">ping</code>
- attribute altogether, or selectively ignore URIs in the list
- (e.g. ignoring any third-party URIs).</p>
+ HTTP <coe title="">Referer</code> headers. Based on the user's
+ preferences, UAs may either <span>ignore</span> the <code
+ title="attr-hyperlink-ping">ping</code> attribute altogether, or
+ selectively ignore URIs in the list (e.g. ignoring any third-party
+ URIs).</p>
<p>For URIs that are HTTP URIs, the requests must be performed using
the POST method (with an empty entity body in the request). User
@@ -28956,6 +28959,13 @@
</tr>
<tr>
+ <td><code title="rel-noreferer">noreferer</code></td>
+ <td><em>not allowed</em></td>
+ <td><span>Hyperlink</span></td>
+ <td>Requires that the user agent not send an HTTP <code title="">Referer</code> header if the user follows the hyperlink.</td>
+ </tr>
+
+ <tr>
<td><code title="rel-pingback">pingback</code></td>
<td><span title="external resource link">External Resource</span></td>
<td><em>not allowed</em></td>
@@ -29354,6 +29364,21 @@
the page.</p>
+ <h5>Link type "<dfn title="rel-noreferer"><code>noreferer</code></dfn>"</h5>
+
+ <p>The <code title="rel-noreferer">noreferer</code> keyword may be
+ used with <code>a</code> and <code>area</code> elements.</p>
+
+ <p>If a user agent follows a link defined by an <code>a</code> or
+ <code>area</code> element that has the <code
+ title="rel-noreferer">noreferer</code> keyword, the user agent must
+ not include a <code title="">Referer</code> HTTP header (or
+ equivalent for other protocols) in the request.</p>
+
+ <p class="note">The HTTP header is misspelt for historical reasons;
+ this keyword is misspelt for consistency.</p>
+
+
<h5>Link type "<dfn title="rel-pingback"><code>pingback</code></dfn>"</h5>
<p>The <code title="rel-pingback">pingback</code> keyword may be