Auto Referer
Overview
Auto Referer is a Chrome extension developed by Garywill.
According to the data from Chrome web store, current version of Auto Referer is 0.8.25, updated on 2023-01-29.
149 users have installed this extension.
No user have rated this extension yet.
developer website: garywill.github.io
Control referer to protect privacy and not break web
Control HTTP Referer to protect privacy and not break web. Open source at https://github.com/garywill/autoReferer
Referer policy:
1. For webs' top frame (i.e. clicking link, navigating, redirecting etc.):
1). If origin and target url have same domain, allow trimmed referer
2). If origin and target url have different domain, no referer
2. For in-page resources (images, videos, js, css etc.), allow trimmed referer (this is **the key to not break** most webs, also a balance between privacy and experience)
3. Trim referer: Any referer should be no more than `http(s)://domain-name:port/`
4. Not allow referer that not starts with "http" or "https". (Please feedback if you find something broken due to this)
5. No referer when downgrade from HTTPS/WSS to HTTP/WS
We believe that can protect privacy enough and won't break web.
If user find a web broken, user can temporary set this addon disabled via toolbar button for:
- this one tab
- this one tab and new tabs opened by this tab
- this one window (Firefox only)
- globally
(above can be set as keyboard shortcuts)
there's showy toolbar button badge indicating disabling status.
## Notice
Due to browser bug on javascript `document.referrer` , using a regular referer controlling addon you can get 70% of expected protection until they fix that bug.
So, we've implemented a workaround to improve protection to 85%. Please enable workaround in addon settings .
This addon doesn't use content script. Content script hiding `document.referrer` is not 100% reliable.
Instead, we use this workaround to kill `document.referrer`:
Cancel all cross-domain navigating requests and make freshnew ones, like directly hit (currently only implemented for GET method and main frame, other methods and sub-frames remain as is)
## Allowlist
Currently it has hard-coded allowlist.
## Disclaimer
This open souce addon comes with no warranty. Use on you own risk!