Changeset 2076 for draft-ietf-httpbis
- Timestamp:
- 01/01/13 02:20:22 (10 years ago)
- Location:
- draft-ietf-httpbis/latest
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p2-semantics.html
r2075 r2076 2086 2086 is a privacy concern if the referring resource's identifier reveals personal information (such as an account name) or a resource 2087 2087 that is supposed to be confidential (such as behind a firewall or internal to a secured service). Most general-purpose user 2088 agents do not send the Referer header field when the referring resource is a local "file" or "data" URI. A user agent <em class="bcp14">SHOULD NOT</em> send a <a href="#header.referer" class="smpl">Referer</a> header field in a (non-secure)HTTP request if the referring page was received with a secure protocol. See <a href="#encoding.sensitive.information.in.uris" title="Encoding Sensitive Information in URIs">Section 9.4</a> for additional security considerations.2088 agents do not send the Referer header field when the referring resource is a local "file" or "data" URI. A user agent <em class="bcp14">SHOULD NOT</em> send a <a href="#header.referer" class="smpl">Referer</a> header field in an unsecured HTTP request if the referring page was received with a secure protocol. See <a href="#encoding.sensitive.information.in.uris" title="Encoding Sensitive Information in URIs">Section 9.4</a> for additional security considerations. 2089 2089 </p> 2090 2090 <p id="rfc.section.5.5.2.p.8">Some intermediaries have been known to indiscriminately remove Referer header fields from outgoing requests. This has the -
draft-ietf-httpbis/latest/p2-semantics.xml
r2075 r2076 2412 2412 user agents do not send the Referer header field when the referring 2413 2413 resource is a local "file" or "data" URI. A user agent &SHOULD-NOT; send a 2414 <x:ref>Referer</x:ref> header field in a (non-secure)HTTP request if the2414 <x:ref>Referer</x:ref> header field in an unsecured HTTP request if the 2415 2415 referring page was received with a secure protocol. 2416 2416 See <xref target="encoding.sensitive.information.in.uris"/> for additional
Note: See TracChangeset
for help on using the changeset viewer.