At 11:26a +0000 12/31/2001, David Woolley didst inscribe upon an electronic papyrus:
>Suppressing the query string is a policy issue. But why doesn't the lynx.cfg setting have any effect? I think that is a bug! >From the Lynx point of view, I believe it is simply that it might >contain passwords, but, it is also worth noting that if you look at >sample output from web log analysis products you will see that >people analyze the query strings, when the referer is a search >engine, to find the keywords used. This, and the general ability to >do click trailing, including cross site click trailing, mean that a >significant number of people consider Referer to be an invasion of >privacy. With that attitude, Lynx should summarily reject all third-party cookies. It doesn't, and neither should it summarily reject the referer query string. >Because of the privacy issues, you should not write sites that >depend on Referer. They will not only break for Lynx, but also for >people who install proxies that deliberately introduce a bogus >Referer. So I have to write some kind of expiring-token thing then? ; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to [EMAIL PROTECTED]
