Prevent leaking trackable pageview stats to CDNs by default #2391
Labels
Comments
|
This seems like a good thing to do, and should be a pretty easy change, if anyone wants to PR it. |
(I'd PR but I didn't have much time lately, so decided to go issue first in case anyone manages to get to this first) EDIT: ok well in the end it didn't take that long lol. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is a kinda continuation of my previous comment here: #2159 (comment) from #2159 .
It would be great if the generated HTML didn't send referrer URLs in headers, thus preventing the CDNs the default access to (very easily trackable) user page load stats by default. In turn, this would allow much better compliance with various privacy protection guidelines, incl. GDPR.
For the beginning, I think that just pasting a
referrerpolicy="no-referrer"into all<link>tags that point to external CDNs would be more than sufficient. See https://developer.mozilla.org/en-US/docs/Web/HTML/Element/link#referrerpolicy for details there.Thanks!
The text was updated successfully, but these errors were encountered: