Firefox 59 Will Add a New Privacy Feature That Strips Sensitive Data From URLs


Firefox 59 will strip referrer information from URLs while the user is in Private Browsing mode. The measure is meant to safeguard users from accidental data leaks of sensitive information.

Referrer information is a crucial part of how the web and browsers work, but not something that a casual, non-technical user would be aware of.

Referrer info is the URL of the page a user was on when they clicked a link, sent by the browser along with the request for the new page. For example, if a user clicks a link for Website 2 on Website 1, the webmaster of Website 2 will know that the new visitor came from Website 1.

This happens because HTTP requests carry a header named "Referer" (the misspelling dates back to the original HTTP specification and was never corrected) that stores the URL of the page an HTTP request originated from. Because the URL is copied in full, it includes the path and any query string of the originating page.

Referrer info known to cause accidental data leaks

“Referrer Value” is a crucial element for how the web works, being what helps webmasters understand their traffic, and is what helps web analytics companies study the traffic flow between Internet sites.

But "Referrer Value" has also been known to cause issues. For example, in January 2015, the Electronic Frontier Foundation (EFF) discovered that HealthCare.gov had embedded crucial patient information inside its URLs. Any user accessing the site and then navigating to another site would accidentally expose those details via the "Referrer Value", which often got logged by other sites and web analytics services.

For example, a Referrer Value would contain highly sensitive data such as:

Referer: https://www.healthcare.gov/see-plans/85601/results/?county=04019&age=40&smoker=1&pregnant=1&zip=85601&state=AZ&income=35000

Mozilla to strip URL paths in Firefox Private Browsing mode

To fight such scenarios, Mozilla announced this week plans to strip the referrer URL down to its origin (scheme and host, with no path or query string) while the user is using Firefox in Private Browsing mode.

This means that starting with Firefox 59, scheduled for release in mid-March, the Referrer Value for the above example would become:

Referer: https://www.healthcare.gov/

Mozilla says the URL path stripping will be active only in Private Browsing mode, not in the default Firefox browsing state. The stripping applies to requests that go to a different site than the one the user is on; navigation within the same site still sends the full URL. This is because the organization assumes that users utilizing Private Browsing are looking for privacy while surfing the web, and it plans to honor this intent.

No plans to strip referrer URL paths in Normal Browsing mode

Mozilla also doesn't plan to strip referrer information in Normal Browsing mode, because such data is crucial to web analytics and a change there would cause more harm than good.

“This change prevents site authors from accidentally leaking user data to third parties when their users choose Private Browsing Mode. We made this change only after first ensuring that this would have minimal to no effect on web usability,” said Mozilla privacy engineer Luke Crouch.

But Firefox, even in Private Browsing mode, will not apply this default in two situations. First, when the website owner uses the W3C Referrer Policy standard (the Referrer-Policy response header or the referrer meta tag) to set an explicit referrer policy for their site, that policy takes precedence; a site that sets unsafe-url, for example, will still send the full URL. Second, when users change the default referrer options in Firefox at the browser level, through the network.http.referer.* preferences in about:config.
