alt Hacker NewsI was replying to
> All the big products put an intermediary for that reason
Surely whoever maintains the big products can add headers if they want?
And this is about people who care enough about not showing up in Referer headers to do something about it rather than people in general not understanding the full spec .
Replies
giancarlostoro • last Tuesday at 8:04 PM
The other problem is if you're too big like Google, you cannot assume everyone will honor this, which is why they do these redirects.
➕ show 1 reply
I worked on these big web products before and the answer then was that no, you couldn't trust it to be honored and it would have been considered a privacy incident so better off just having the redirect and having no risk. You can't trust the useragents for example.
Not sure if the reliability of the intentional mechanism has improved enough where this is just legacy or if there's entirely new reasons for it in 2026.