a couple of patches: referer and image_off
Hi there, - Added a text placeholder: "[IMG]" for img_off mode. - Added a http_referer preference. See details in dillorc2. This couple plays well together. When in img_off mode, non loaded images will show "[IMG]" (or original alt text), and the partial referer helps with getting images from sites that don't allow external sources.
From the updated dillorc2:
# Set the HTTP Referer information (WARNING: affects privacy) * # We use the same URI, not the refering page (to avoid cross-site tracking). # none : No referer at all (full privacy). # host : Default value. Send same URI's hostname (no sensible info is sent). # path : same URI is sent (NO PRIVACY). http_referer=host Note: please read the "*"-marked line twice. ;) -- Cheers Jorge.-
Jorge wrote:
From the updated dillorc2:
# Set the HTTP Referer information (WARNING: affects privacy) * # We use the same URI, not the refering page (to avoid cross-site tracking). # none : No referer at all (full privacy). # host : Default value. Send same URI's hostname (no sensible info is sent). # path : same URI is sent (NO PRIVACY). http_referer=host
What do you mean by "NO PRIVACY"?
On Fri, Feb 01, 2008 at 12:39:41AM +0000, place wrote:
Jorge wrote:
From the updated dillorc2:
# Set the HTTP Referer information (WARNING: affects privacy) * # We use the same URI, not the refering page (to avoid cross-site tracking). # none : No referer at all (full privacy). # host : Default value. Send same URI's hostname (no sensible info is sent). # path : same URI is sent (NO PRIVACY). http_referer=host
What do you mean by "NO PRIVACY"?
I meant that if we send the referring page's path, there would be no privacy. Later I changed the referer approach by using the same URI, which worked surprisingly well on tests, and this new approach obsoleted the comments. Note that "path" is not sending the same URI, it strips the query and fragment parts. In brief, using the same URI, the three options offer good privacy (because no new information is sent), and if we ever enable using the referring page, the old comments apply. i.e. Using Same URI: # none : No referer at all (nothing is sent) # host : Default value. Send same URI's hostname (no new info is sent). # path : same URI is sent (no new info is sent). Using referring page (not implemented): # none : No referer at all (nothing is sent) # host : Default value. Send URI's hostname (referring hostname is known). # path : referring URI is sent (NO PRIVACY, fine grained tracking # of the pages/sites you visit). Using referring page only if hostname matches (not implemented): # none : No referer at all (nothing is sent) # host : Default value. Send URI's hostname (no new info is sent). # path : referring URI is sent (NO PRIVACY, fine-grained per-site # tracking of the pages you visit). I'll fix the comments (of implemented part) upon finishing this thread. Thanks for the question. -- Cheers Jorge.-
linebreaks... diff -pur dillo2/src/IO/http.c dillo2-cur/src/IO/http.c --- dillo2/src/IO/http.c 2008-01-31 23:55:04.000000000 +0000 +++ dillo2-cur/src/IO/http.c 2008-02-01 01:40:08.000000000 +0000 @@ -158,11 +158,11 @@ static char *Http_get_referer(const Dill if (!strcmp(prefs.http_referer, "host")) { referer = dStrconcat("Referer: ", URL_SCHEME(url), "://", - URL_AUTHORITY(url), "/", NULL); + URL_AUTHORITY(url), "/\r\n", NULL); } else if (!strcmp(prefs.http_referer, "path")) { referer = dStrconcat("Referer: ", URL_SCHEME(url), "://", URL_AUTHORITY(url), - URL_PATH_(url) ? URL_PATH(url) : "/", NULL); + URL_PATH_(url) ? URL_PATH(url) : "/", "\r\n", NULL); } if (!referer) referer = strdup("");
participants (2)
-
jcid@dillo.org -
place@gobigwest.com