[whatwg] <meta name="referrer">

Adam Barth w3c at adambarth.com
Tue Oct 25 16:22:14 PDT 2011

I've written a spec for <meta name="referrer"> and moved the
registration the "Proposals that don't meet the requirements for a
registration" to the "Registered Extensions" section of

Let me know if you have any feedback:


Please find below the use cases and examples from the spec.  (Details
are, of course, in the spec itself.)


= Use Cases =

An author might wish to control the Referer header omitted by a
document for a number of reasons.

== Privacy ==

A social networking site has a profile page for each of its users, and
users add hyperlinks from their profile page to their favorite bands.
The social networking site might not wish to leak the user's profile
URL to the band web sites when other users follow those hyperlinks
(because the profile URLs might reveal the identity of the owner of
the profile).

Some social networking sites, however, might wish to inform the band
web sites that the links originated from the social networking site
but not reveal which specific user's profile contained the links.

== Security ==

A web application uses HTTPS and a URL-based session identifier. The
web application might wish to link to HTTPS resources on other web
sites without leaking the user's session identifier in the URL.

== Trackback ==

A blog hosted over HTTPS might wish to link to a blog hosted over HTTP
and receive trackback links.

= Examples =

This meta element instructs the user agent to omit the Referer header
in all HTTP requests that originate from the document containing the

<meta name="referrer" content="never">

This meta element instructs the user agent to include the document's
origin in the Referer header rather than the full URL of the document:

<meta name="referrer" content="origin">

Note: The user agent will include the origin string in the Referer
header even for links from HTTPS to HTTP resources.

More information about the whatwg mailing list