1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Anyone used rel="noreferrer" ?

Discussion in 'BlackHat Lounge' started by umerjutt00, Jan 29, 2016.

  1. umerjutt00

    umerjutt00 Jr. VIP Jr. VIP

    Joined:
    Oct 28, 2011
    Messages:
    3,822
    Likes Received:
    2,061
    Occupation:
    Ninja
    I just found this new rel attribute called "noreferrer". When used in a link, it doesn't pass any referer information in the headers. I tried testing it on firefox/Chrome and it works perfectly. I was thinking of using it in promoting CPA offers for referer blanking. However, I am not sure if it will work on all browsers or not.

    Anyone tried this rel attribute? Does it work on all browsers?

    If you have not tested it before, then please open this test page i have made: http://test-noreferer.pen.io/

    Click the link present on it and see what referrer it shows. Post your results here + which browser you used. Thanks :)
     
    • Thanks Thanks x 1
    Last edited: Jan 29, 2016
  2. Lauriat

    Lauriat Power Member

    Joined:
    Oct 23, 2011
    Messages:
    676
    Likes Received:
    210
    What benefit this tag serves?
     
  3. umerjutt00

    umerjutt00 Jr. VIP Jr. VIP

    Joined:
    Oct 28, 2011
    Messages:
    3,822
    Likes Received:
    2,061
    Occupation:
    Ninja
    The HTTP referer (originally a misspelling of referrer) is an HTTP header field that identifies the address of the webpage (i.e. the URI or IRI) that linked to the resource being requested.

    Using this tag, one can hide that referer information. It can be used for promoting CPA offers or in conditions, where you donot want to reveal the source of traffic.
     
  4. judaculla

    judaculla Jr. VIP Jr. VIP

    Joined:
    Oct 11, 2014
    Messages:
    324
    Likes Received:
    118
    Location:
    USA
    I would be curious to know if Google has any particular opinion of the noreferrer tag, I haven't seen anything to make me feel they do.

    I use this tag on 'autoblog' type sites—sites that I just post snippets from other sites—for the attribution link. For example, I'd have 200-300 words of an article followed by a 'Continue Reading' link at the bottom. That continue reading link would link to the original source, and that is where I use the noferrer tag.

    My though processes being—all to avoid getting sued or receiving a C&D letter—is A.) By not passing referring domain info, webmasters from those sites are much less-likely to ever come across my site and B.) If they did, I'm not outright copying, mis-representing, or claiming ownership.

    In my use, it's basically just an extra step to help keep my sites on the DL.

    For affiliate programs that have strict guidelines on the types of sites that offers can be placed on, I can see how it would be useful as well. Although, you'd still get flagged in the system as having x referrals without any referring domain info so it probably wouldn't be too hard to spot.
     
  5. umerjutt00

    umerjutt00 Jr. VIP Jr. VIP

    Joined:
    Oct 28, 2011
    Messages:
    3,822
    Likes Received:
    2,061
    Occupation:
    Ninja
    I tested this rel attribute on different browsers and found it doesn't work all browsers. Like it doesn't work on Microsoft Edge, Internet Explorer, old browsers and even some browsers on mobile. So I ditched the idea of using that.
     
  6. snarky

    snarky Junior Member

    Joined:
    Nov 21, 2009
    Messages:
    104
    Likes Received:
    58
    A sure fire way to blank the referrer is to pass the visitor from an SSL page to a non-SSL page. The original http standards require that no referrer be passed when leaving a secured page.

    So you could use SSL on your money site, redirect them to another page you own (non-secured), and from that site, use a re-director script to push them to the final destination
     
  7. judaculla

    judaculla Jr. VIP Jr. VIP

    Joined:
    Oct 11, 2014
    Messages:
    324
    Likes Received:
    118
    Location:
    USA
    I'd agree that it'd never be the best approach to completely safeguard oneself—should only be seen as extra 'padding' for reducing a footprint further.
     
  8. royserpa

    royserpa Jr. VIP Jr. VIP Premium Member

    Joined:
    Sep 28, 2011
    Messages:
    4,964
    Likes Received:
    3,721
    Gender:
    Male
    Occupation:
    Negative Options aka Rebills!
    Location:
    Exploiting Loopholes!
    Home Page:
    For cpa offers spoof the referer, dont hide it. Better for people to see where your traffic comes from (fake referer) than hiding it :p

    It gets you paid still nowadays xD
     
  9. SebWgnr

    SebWgnr Registered Member

    Joined:
    Apr 19, 2016
    Messages:
    75
    Likes Received:
    57
    Home Page: