unless your browser's adding headers to note what site you're clicking that link on, which uh stop using chrome I guess
As far as I know, all major browsers (Firefox, Safari, Chrome) at least send the host you came from in the referrer header (like "https://hexbear.net")
Edit: This is true only if the site you're on doesn't set a different referrer policy! And Lemmy does set a safer referrer policy, see below
You're right! I'm on Firefox and I just figured out how to test it and it seems Lemmy's web UI thing sets the referrer policy to same-origin which means no referrer information is sent when navigating to a different domain.
But my copy of Firefox's default referrer policy is set to strict-origin-when-cross-origin so it would have sent "https://hexbear.net" if the referrer policy was not set.
My bad, I should have checked first to be sure. I would hate to be a web developer lol
As far as I know, all major browsers (Firefox, Safari, Chrome) at least send the host you came from in the referrer header (like "https://hexbear.net")
Edit: This is true only if the site you're on doesn't set a different referrer policy! And Lemmy does set a safer referrer policy, see below
Weird, I tested it by clicking the lemmy.ml link and didn't see a referer header in the request headers.
You're right! I'm on Firefox and I just figured out how to test it and it seems Lemmy's web UI thing sets the referrer policy to
same-originwhich means no referrer information is sent when navigating to a different domain.But my copy of Firefox's default referrer policy is set to
strict-origin-when-cross-originso it would have sent "https://hexbear.net" if the referrer policy was not set.My bad, I should have checked first to be sure. I would hate to be a web developer lol
Just a nightmare interaction of various RFCs and their consequences.