TechYoYo

Tech for the Cool

HTML5 to include- rel=”noreferrer”

Posted on | January 3, 2010 | 7 Comments

HTML5 is going to include the tag rel=”noreferrer” . This tag will strip out the referrer information. That is the browser will not detect the referrer page. Mark Pilgrim writes in Dive into HTML5

rel=”noreferrer” “indicates that no referrer information is to be leaked when following the link.” No shipping browser currently supports this, but support was recently added to WebKit nightlies, so it will eventually be showing up in Safari, Google Chrome, and other WebKit-based browsers

It’s only use I think would be for BlackHat forums who will not want the target webmaster to know his source of traffic.

What do you think its use would be? Write in the comments.

Marks Pilgrim has written a book HTML5

SocialTwist Tell-a-Friend
Category: Programming
Tags:

Comments

7 Responses to “HTML5 to include- rel=”noreferrer””

  1. kurtseifried
    January 3rd, 2010 @ 1:49 am

    Pretty obvious. Web stats packages/other internal type sites that create HTML documents that contain links to external sites. This prevents information leakage.

  2. Graham
    January 3rd, 2010 @ 4:13 am

    The only reason I can think of is to allow deep linking to resources that have explicitly disallowed this on the server with referrer checking. Not something that HTML should be implementing IMO…

  3. ARSCHFICKundSPERMA
    January 3rd, 2010 @ 5:16 am

    Whenever it is possible to leak private data to the other site that is refered to. Dating sites like gayromeo need this to hide personal facts about the visitor.

  4. Mick June
    January 3rd, 2010 @ 8:10 am

    We have internal testing and administration for ads. I often test the links to make sure we’ve set it up right. However, I wouldn’t want people seeing the address of these pages in referrer info.

    I’ve turned off referral sending in firefox for this reason. There’s nothing nefarious about it, and it’s a bit silly to think it’s only for ‘Black Hat forums’.

  5. Rob Mueller
    January 3rd, 2010 @ 3:44 pm

    As a webmail provider, I would really like this option.

    Our web interface works even if you disable cookies, but that means it has to put the session id in the URL. That would leak session information when you click on a link to an external site. At the moment we have to use a redirect bouncer (with appropriate security checks), but it would be nice if we could just set an attribute on all links within an email instead. It would be nice on img’s with external src attributes as well.

  6. Ryan V
    January 3rd, 2010 @ 6:43 pm

    Page ranking. Search engines will use the tag to affect page ranking scores. If the website doesn’t want referrer information to be sent the link will be interpreted as worthless in page ranking algorithms.

    Hopefully, the end results will be to make comment spam obsolete. If you force all links in your comments to use noreferrer and so have no page rank value, then there is no incentive for the pervasive and subtle comment spam.

    i.e.
    Name: SomeCrap
    Website: same aggregate link spam site
    Comment: Great article very informative and well researched!

  7. arun kamath
    January 4th, 2010 @ 4:50 am

    We do have ‘rel=nofollow’ for that.

Leave a Reply