Mozilla yasintha momwe imapangira mutu wa HTTP Referer mu Firefox 87, yomwe ikuyenera kutulutsidwa mawa. Kuti mulepheretse kutulutsa kwachinsinsi kwa data yachinsinsi, mwachisawawa mukamayendayenda kumalo ena, mutu wa Referer HTTP sudzaphatikizapo ulalo wathunthu wa gwero lomwe kusinthako kudapangidwa, koma malo okhawo. Njira ndi zopempha zidzadulidwa. Iwo. m'malo mwa "Referer: https://www.example.com/path/?arguments", "Referer: https://www.example.com/" idzatumizidwa. Kuyambira ndi Firefox 59, kuyeretsa uku kudachitika mwachinsinsi, ndipo tsopano kukulitsidwa kumayendedwe akulu.
Khalidwe latsopanoli lidzathandiza kupewa kusamutsa deta yosafunikira ya ogwiritsa ntchito ku maukonde otsatsa ndi zinthu zina zakunja. Mwachitsanzo, malo ena azachipatala amaperekedwa, posonyeza kutsatsa komwe anthu ena angapeze zinsinsi, monga msinkhu wa wodwalayo ndi matenda ake. Panthawi imodzimodziyo, kuchotsa zambiri kuchokera kwa Referer kungasokoneze kusonkhanitsa kwa ziwerengero za kusintha kwa eni malo, omwe tsopano sangathe kudziwa molondola adiresi ya tsamba lapitalo, mwachitsanzo, kumvetsetsa kuti kusinthaku kunapangidwa. kuchokera. Zitha kusokonezanso magwiridwe antchito azinthu zina zosinthika zomwe zimasintha makiyi omwe adayambitsa kusintha kuchokera pakusaka.
Kuti muwongolere zochunidwa za Referer, mutu wa Referrer-Policy HTTP umaperekedwa, womwe eni ake amasamba amatha kusokoneza machitidwe osakhazikika pakusintha kuchokera patsamba lawo ndikubweza chidziwitso chonse kwa Referer. Pakalipano, ndondomeko yosasinthika ndi "no-referrer-when-downgrade", kumene Woperekayo samatumizidwa pamene akutsika kuchokera ku HTTPS kupita ku HTTP, koma amatumizidwa mu mawonekedwe athunthu pamene akutsitsa zothandizira pa HTTPS. Kuyambira ndi Firefox 87, ndondomeko ya "strict-origin-when-cross-origin" idzayamba kugwira ntchito, zomwe zikutanthauza kudula njira ndi magawo pamene mutumiza pempho kwa makamu ena pamene mukulowa kudzera pa HTTPS, kuchotsa Wotsutsa pamene akusintha kuchokera ku HTTPS kupita ku HTTPS. HTTP, ndikudutsa Referer wathunthu pazosintha zamkati mkati mwa tsamba limodzi.
Kusinthaku kumagwiranso ntchito pazofunsira zanthawi zonse (maulalo otsatirawa), kulondoleranso zokha, komanso mukatsegula zinthu zakunja (zithunzi, CSS, zolemba). Mu Chrome, kusintha kosasintha kwa "origin-origin-when-cross-origin" kudakhazikitsidwa chilimwe chatha.
Source: opennet.ru