Avatar

Proposal for a small privacy enhancement for the users (Features)

by Auge ⌂ @, Saturday, October 07, 2017, 16:22 (12 days ago)

Hello

Nowadays several big internet companies are tracking the websites one visits, products, one is interested in and so on. It is very hard to not spread this informations to every one known and unknown third party.

Beside browser plugins one can use to minimise ones footstep (i.e. adblockers like uBlock 0, script blockers like NoScript) I found a relatively new meta element that prevents the browser to send the referrer when one follows an external link on a page.

to send absolutely no referrer:

<meta name="referrer" content="no-referrer">

to send no referrer in case of an external link:

<meta name="referrer" content="same-origin">

I found it in the results of a web service named webkoll, that requests a given URL and checks for HTTPS support, first and third party requests i.e. for cookies, web fonts, scripts and so on. Absolute horrible on some pages!

To show examples of different behaviours of websites I'll link the results of the project forum as example #1 and for comparision the results of the website of the german newspaper Frankfurter Allgemeine Zeitung as example #2. The linked results of my requests are stored for one week, starting with october the 7th, 2017.

example #1

- 3 cookies
- 0 third party requests
- to 0 different third parties

example #2

- 36 cookies
- 85 third party requests
- to 41 different third parties

Even it is impossible to stay untracked, I think, it is only fair to the users of a website (and so for the users of a forum) to take the possible, even the small steps. To make the forum accessible (only) via HTTPS is the task for the operator of a forum and nowadays IMHO it should be mandatory to do so, when it's technically possible. To keep the origin of a request hidden is possible with the above mentioned meta element, the browser support is wide enough.

I want to propose the inclusion of <meta name="referrer" content="same-origin"> into the default template. It would make the digital footstep of the users of a forum a bit smaller. It's not for the security of the forum and not for the privacy of the forum operator in the first step (but it can be). It's a primary method to protect the origin of requests of the forum users.

But I want not to forget, that this protection would be foiled by included scripts and plugins of advertising companies, tech giants and social medias like google, facebook and so on.

Any thoughts, pros, contras?

Further readings:

- W3C draft
- introduction on scotthelme.co.uk

Tschö, Auge

--
further development of mlf1


Complete thread:

 RSS Feed of thread

powered by my little forum