WebKit nightlies support HTML5 noreferrer link relation
Posted by Nate Chapin on Thursday, November 19th, 2009 at 10:18 amWebKit nightlies now support the HTML5 noreferrer link relation, a neat little feature that allows web developers to prevent browsers from sending the Referrer: header when navigating either <a> or <area> elements. Just add noreferrer in the rel attribute of a link like so:
<a href="www.example.com" rel="noreferrer">noreferrer!</a>
When example.com receives the HTTP request generated by clicking this link, the HTTP Referer field will be empty, as if the user had navigated from about:blank.
When rel=”noreferrer” is used in conjunction with target=”_blank”, WebKit will also set the window.opener attribute to null. This usage is interpreted as a request from the web page author that any scripts on the destination page should be run in a new context, even if the destination page would normally be considered to be of the same origin.
The noreferrer link relation is one of many link relations defined in the HTML5 spec, and the first to be implemented in WebKit. We hope it will make life a little easier for web developers who have concerns about user privacy and security.
November 19th, 2009 at 2:42 pm
Now this is something that is quite handy. Looking forward to development again (at least more than we were) now that the X/HTML path has been clarified somewhat.
November 19th, 2009 at 8:27 pm
Can you guys put a progress bar on the site showing WebKit’s progress in implementing CSS3 and HTML5? Or just a list somewhere of supported features?
November 20th, 2009 at 1:33 am
It’ll be interesting to see what this does to anti-hotlinking scripts which cover hyperlinks as well as image embedding. I hope they don’t overreact and make it so that direct, copy-pasted links are useless.
November 21st, 2009 at 4:00 pm
What… you didn’t propagate the misspelling?
In all serious, I’m surprised that the HTML5 spec didn’t just declare rel=”noreferer” an accepted variant of rel=”noreferrer.” Seems the variation is practically guaranteed to cause some confused web developers (especially non-native English speakers).