Users

Download Referer Privacy Guard Extension for FF files

Not what you're looking for?

SourceForge.net hosts over 100,000 Open Source projects. You may find what you're looking for by searching our site or using our Software Map.

You may also want to consider these similarly-categorized projects:

Project Information

About this project:

This is the Referer Privacy Guard Extension for FF project ("refererprivacyg")

Referer Privacy Guard

Introduction:

We developed this extension while working on a Cross-Site-Request-Forgery (CSRF) research project. Referer headers are very useful in detecting and preventing CSRF, however, many users choose not to send a Referer when they browse because of potential privacy concerns. The Referer field data allows the server to identify the source of a particular client request. The Referer header contains the address of the previous web page from which the current REQUEST was generated. A major side effect is that these back-links expose the browsing history of the user. Such sensitive information could be used to violate user privacy and track them across the web. Moreover, corporate organizations are concerned with storing such confidential information that might get disclosed by the use of referers. However, privacy is not violated by presence/existence of data (like log files). Privacy is breached with the flow of information related to such data. So it doesn't matter WHAT websites the user browses to, it's the ORDER they browse in that matters.

How the extension works:

Referer Privacy Guard sends http requests to random websites pulled from the user's browsing history at a user specified time interval. So if the user sets the interval to be 12000, a request will be sent every 12000 milliseconds, or every 12 seconds. Because the request is sent from the user's browser but they did not actually want to browse to that website at the time, their real browsing pattern is broken up by the requests the extension sends. The garbage (extension generated) requests are sent with AJAX. The Same Origin Policy does not apply to these requests as they are coming from an extension installed in the user's browser.

About SourceForge.net:

SourceForge.net is the world's largest provider of hosting for Open Source software development projects. SourceForge.net provides a variety of services to projects, including a download mirror network, collaborative development tools (like CVS and Subversion), and tools to support discussion and support. These services are provided to projects and their end-users free-of-charge.

About Open Source:

Of benefit to users, Open Source software is licensed so you can download and use the software free-of-charge. The source code for this software is made available free-of-charge, you (or a programmer you hire) can make changes to this software to better meet your needs, and you can release your changed code back to the community passing the benefit on to other users.

The exact license terms used by this project on their project summary page and in the licensing documents included in their downloads.

Developers

Join this project:

To join this project, please contact the project administrators of this project, as shown on the project summary page.

Get the source code:

Source code for this project may be available as downloads or through the CVS or Subversion SCM repository used by the project, as accessible from the project summary page.

If you are a web page developer interested in this project, please consider reaching out to the project admin (per the "Join this project" section, above) to offer your assistance.