Firefox 87 will trim the contents of the HTTP Referer header

Mozilla has changed the way the HTTP Referer header is generated in Firefox 87, which is scheduled for release tomorrow. To block potential leaks of confidential data, by default, when navigating to other sites the Referer HTTP header will not include the full URL of the page the navigation came from, only the domain. The path and the request parameters will be cut off. That is, instead of "Referer: https://www.example.com/path/?arguments", "Referer: https://www.example.com/" will be sent. Since Firefox 59 this trimming has been performed in private browsing mode, and it will now be extended to the main mode.

The new behavior will help keep unnecessary user data from being passed to advertising networks and other external resources. As an example, some medical sites are cited where, in the course of displaying advertising, third parties can obtain confidential information such as the patient's age and diagnosis. At the same time, stripping details from the Referer can negatively affect the collection of referral statistics by site owners, who will no longer be able to determine the exact address of the previous page, for example to understand which article a visitor came from. It may also disrupt some dynamic content generation systems that parse the search keywords that led to the navigation from a search engine.

To control how the Referer is set, the Referrer-Policy HTTP header is provided, with which site owners can override the default behavior for navigations from their site and restore full information in the Referer. Currently, the default policy is "no-referrer-when-downgrade", under which the Referer is not sent when downgrading from HTTPS to HTTP, but is sent in full when loading resources over HTTPS. Starting with Firefox 87, the "strict-origin-when-cross-origin" policy will apply, which means cutting off paths and parameters when sending a request to other hosts over HTTPS, removing the Referer when going from HTTPS to HTTP, and passing the full Referer for internal navigations within the same site.
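The two policies compared above, as an added example that is not part of the original article: a simplified model of the Referer value a browser would send under each one. The function name, the URLs and the treatment of "downgrade" as HTTPS to any non-HTTPS scheme are assumptions made for illustration.

```javascript
// Added illustration: simplified model of how a browser picks the Referer value.
// "Downgrade" is approximated as https: -> any non-https: scheme (assumption).
function computeReferer(policy, fromUrl, toUrl) {
  const from = new URL(fromUrl);
  const to = new URL(toUrl);

  // Credentials and fragments are never sent in Referer, whatever the policy.
  from.username = "";
  from.password = "";
  from.hash = "";

  const full = from.href;
  const originOnly = from.origin + "/";
  const sameOrigin = from.origin === to.origin;
  const downgrade = from.protocol === "https:" && to.protocol !== "https:";

  switch (policy) {
    case "no-referrer-when-downgrade":
      // Old default: full URL unless the request leaves HTTPS.
      return downgrade ? null : full;
    case "strict-origin-when-cross-origin":
      // New default: full URL only inside the same origin.
      if (sameOrigin) return full;
      return downgrade ? null : originOnly;
    default:
      throw new Error("policy not modelled in this example: " + policy);
  }
}

// Constructed sample navigations (hypothetical URLs).
const page = "https://clinic.example/patients/search?age=54&diagnosis=asthma#results";
const cases = [
  ["https://ads.example/pixel.gif", "cross-origin, HTTPS"],
  ["http://ads.example/pixel.gif", "cross-origin, HTTPS -> HTTP"],
  ["https://clinic.example/help", "same origin"],
];
for (const [target, label] of cases) {
  for (const policy of ["no-referrer-when-downgrade", "strict-origin-when-cross-origin"]) {
    console.log(`${label} | ${policy} | ${computeReferer(policy, page, target)}`);
  }
}
```

A `null` result means no Referer header is sent at all.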

The change will apply to ordinary navigation requests (following links), automatic redirects, and the loading of external resources (images, CSS, scripts). In Chrome, the switch to "strict-origin-when-cross-origin" as the default was implemented last summer.

Source: opennet.ru
