HTML Standard Tracker

Filter

File a bug

SVNBugCommentTime (UTC)
1119Introducing the rel=noreferer proposal, and other referer header changes.2007-11-03 08:44
@@ -1027,28 +1027,30 @@
     search for ::GetDomain ::SetDomain
     http://trac.webkit.org/projects/webkit/browser/trunk/WebCore/dom/Document.cpp
     search for ::domain ::setDomain
   -->
 
 
   <p>The <dfn
   title="dom-document-referrer"><code>referrer</code></dfn> attribute
   must return either the URI of the page which <span
   title="navigate">navigated</span> the <span>browsing context</span>
-  to the current document (if any), or the empty string (if there is
-  no such originating page, or if the UA has been configured not to
-  report referrers).</p>
+  to the current document (if any), or the empty string if there is no
+  such originating page, or if the UA has been configured not to
+  report referrers, or if the navigation was initiated for a
+  <span>hyperlink</span> with a <code
+  title="rel-noreferer">noreferer</code> keyword.</p>
 
   <p class="note">In the case of HTTP, the <code
   title="dom-document-referrer">referrer</code> DOM attribute will
-  match the <code>Referer</code> (sic) header that was sent when
-  fetching the current page.</p>
+  match the <code title="">Referer</code> (sic) header that was sent
+  when fetching the current page.</p>
 
 
   <p>The <dfn title="dom-document-cookie"><code>cookie</code></dfn>
   attribute must, on getting, return the same string as the value of
   the <code title="">Cookie</code> HTTP header it would include if
   fetching the resource indicated by <span>the document's
   address</span> over HTTP, as per RFC 2109 section 4.3.4. <a
   href="#refsRFC2109">[RFC2109]</a></p>
 
   <p>On setting, the <code title="dom-document-cookie">cookie</code>
@@ -28752,24 +28754,25 @@ interface <dfn>SQLStatementErrorCallback</dfn> {
   title="attr-hyperlink-ping">ping</code> attribute's value, strip
   leading and trailing <span title="space character">spaces</span>,
   split the value on sequences of spaces, treat each resulting part as
   a URI (resolving relative URIs according to element's base URI) and
   then should send a request to each of the resulting URIs. This may
   be done in parallel with the primary request, and is independent of
   the result of that request.</p>
 
   <p>User agents should allow the user to adjust this behaviour, for
   example in conjunction with a setting that disables the sending of
-  HTTP Referrer headers. Based on the user's preferences, UAs may
-  either <span>ignore</span> the <code title="attr-hyperlink-ping">ping</code>
-  attribute altogether, or selectively ignore URIs in the list
-  (e.g. ignoring any third-party URIs).</p>
+  HTTP <coe title="">Referer</code> headers. Based on the user's
+  preferences, UAs may either <span>ignore</span> the <code
+  title="attr-hyperlink-ping">ping</code> attribute altogether, or
+  selectively ignore URIs in the list (e.g. ignoring any third-party
+  URIs).</p>
 
   <p>For URIs that are HTTP URIs, the requests must be performed using
   the POST method (with an empty entity body in the request). User
   agents must ignore any entity bodies returned in the responses, but
   must, unless otherwise specified by the user, honour the HTTP
   headers &mdash; in particular, HTTP cookie headers. <a
   href="#refsRFC2965">[RFC2965]</a></p>
 
   <p class="note">To save bandwidth, implementors might wish to
   consider omitting optional headers such as <code>Accept</code> from
@@ -28949,20 +28952,27 @@ interface <dfn>SQLStatementErrorCallback</dfn> {
     </tr>
 
     <tr>
      <td><code title="rel-nofollow">nofollow</code></td> <!-- most used <a rel> value (and sixth most used is "external nofollow") -->
      <td><em>not allowed</em></td>
      <td><span>Hyperlink</span></td>
      <td>Indicates that the current document's original author or publisher does not endorse the referenced document.</td>
     </tr>
 
     <tr>
+     <td><code title="rel-noreferer">noreferer</code></td>
+     <td><em>not allowed</em></td>
+     <td><span>Hyperlink</span></td>
+     <td>Requires that the user agent not send an HTTP <code title="">Referer</code> header if the user follows the hyperlink.</td>
+    </tr>
+
+    <tr>
      <td><code title="rel-pingback">pingback</code></td>
      <td><span title="external resource link">External Resource</span></td>
      <td><em>not allowed</em></td>
      <td>Gives the address of the pingback server that handles pingbacks to the current document.</td>
     </tr>
 
     <tr>
      <td><code title="rel-prefetch">prefetch</code></td>
      <td><span title="external resource link">External Resource</span></td>
      <td><em>not allowed</em></td>
@@ -29347,20 +29357,35 @@ at the first element with the given ID must be treated as if it was cloned and r
   <h5>Link type "<dfn title="rel-nofollow"><code>nofollow</code></dfn>"</h5>
 
   <p>The <code title="rel-nofollow">nofollow</code> keyword may be
   used with <code>a</code> and <code>area</code> elements.</p>
 
   <p>The <code title="rel-nofollow">nofollow</code> keyword indicates
   that the link is not endorsed by the original author or publisher of
   the page.</p>
 
 
+  <h5>Link type "<dfn title="rel-noreferer"><code>noreferer</code></dfn>"</h5>
+
+  <p>The <code title="rel-noreferer">noreferer</code> keyword may be
+  used with <code>a</code> and <code>area</code> elements.</p>
+
+  <p>If a user agent follows a link defined by an <code>a</code> or
+  <code>area</code> element that has the <code
+  title="rel-noreferer">noreferer</code> keyword, the user agent must
+  not include a <code title="">Referer</code> HTTP header (or
+  equivalent for other protocols) in the request.</p>
+
+  <p class="note">The HTTP header is misspelt for historical reasons;
+  this keyword is misspelt for consistency.</p>
+
+
   <h5>Link type "<dfn title="rel-pingback"><code>pingback</code></dfn>"</h5>
 
   <p>The <code title="rel-pingback">pingback</code> keyword may be
   used with <code>link</code> elements, for which it creates an <span
   title="external resource link">external resource link</span>.</p>
 
   <p>For the semantics of the <code
   title="rel-pingback">pingback</code> keyword, see the Pingback 1.0
   specification. <a href="#refsPINGBACK">[PINGBACK]</a></p>
 

|