在iframe中加载外部网站,但不发送HTTP_REFERER [英] Load external website in iframe but without sending HTTP_REFERER
问题描述
是否可以在iframe中加载外部网站,但不发送HTTP_REFERER?我只是不想被追踪.
Is it possible to load an external website in iframe but without sending HTTP_REFERER ? I just don't want be tracked.
如果有可能,那么如何以及是否没有办法使用divs或其他方法解决?
If it is possible then how and if not then is there any workaround using divs or anything else ?
对于具有外部链接jQuery("a").attr('rel','noreferrer');的锚标签,它可以工作,但是对于iframe,我无法使其起作用.
For anchor tag with external link jQuery("a").attr('rel','noreferrer'); is working, but for iframe I've failed to make it work.
是否有任何脚本(js或jQuery)使其起作用?
Is there any script( js or jQuery ) to make it work ?
推荐答案
这是一个非常简单的解决方案.
在文档<head>标记中使用此标记,就可以了:D
Here's a very simple solution.
Use this in you document <head> tag and you are good to go :D
<meta name="referrer" content="none">
元引荐来源代码标记位于HTML的<head>部分中,
并引用五种状态之一,这些状态控制浏览器如何从您的站点发送引荐来源信息.
The meta referrer tag is placed in the <head> section of your HTML,
and references one of five states, which control how browsers send referrer information from your site.
五个状态是:
-
无:从不传递引荐数据
None: Never pass referral data
降级时无:将引荐来源信息发送到安全的HTTPS站点,但不发送不安全的HTTP站点
None When Downgrade: Sends referrer information to secure HTTPS sites, but not insecure HTTP sites
仅起源:发送去除了完整URL的方案,主机和端口(基本上是子域)作为引荐来源网址,即moz.com/example.html只会发送moz.com
Origin Only: Sends the scheme, host, and port (basically, the subdomain) stripped of the full URL as a referrer, i.e. moz.com/example.html would simply send moz.com
Origin跨源时:当目标具有相同的方案,主机和端口(即子域)(无论是HTTP还是HTTPS)时,发送完整的URL作为引荐来源,同时将仅源引荐信息发送到外部网站. (注意:官方规格中有错字.以后的版本应为"origin-when-cross-origin")
Origin When Cross-Origin: Sends the full URL as the referrer when the target has the same scheme, host, and port (i.e. subdomain) regardless if it's HTTP or HTTPS, while sending origin-only referral information to external sites. (note: There is a typo in the official spec. Future versions should be "origin-when-cross-origin")
不安全的URL:始终将URL字符串作为引荐来源传递.请注意,如果URL中包含任何敏感信息,这不是最安全的选择.默认情况下,URL片段,用户名和密码会自动删除.
Unsafe URL: Always passes the URL string as a referrer. Note if you have any sensitive information contained in your URL, this isn't the safest option. By default, URL fragments, username, and password are automatically stripped out.
参考: https://developer.mozilla.org/zh-CN/docs/Web/HTML/Element/meta
这篇关于在iframe中加载外部网站,但不发送HTTP_REFERER的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
