On Tue, Sep 15, 2009 at 07:21:32PM +0000, corvid wrote:
Johannes wrote:
Hm... With "same_host" many sites no longer work because they seem to use redirects (e.g. heise.de -> www.heise.de) And once I have entered heise.de, www.heise.de doesn't work either.
I have also found same_host not to have any value.
Generally, is it really a problem if we load url's from other hosts/domains?
Sites have no right to redirect me to unrelated sites, and sites have no right to subject me to images from unrelated sites.
I tend to agree. With your patch I noticed that many popular sites contain 1x1 images from some statistics gathering companies. However I think these images do not really leak additional information as the sites could report your IP address behind the scenes as well. Cheers, Johannes