在Brave中发送XMLHttpRequest时，引荐来源网址是否存在这种行为? [英] Is this behavior with the referrer when sending a XMLHttpRequest in Brave intended?

问题描述

var xhr = new XMLHttpRequest();

xhr.open('GET', 'https://httpbin.org', true);
xhr.send();

在 example.org 上运行上述简单代码时，Chrome devtools中的请求标头显示以下内容:

When running this simple code above from example.org, request headers in Chrome devtools shows this:

Host:httpbin.org
Origin:http://example.org
Referer:http://example.org

在Brave中运行相同的代码时，我得到了:

When running the same code in Brave, I get this:

Host:httpbin.org
Origin:https://example.org
Referer:https://httpbin.org

我觉得引荐来源网址与主机相同，只是一个错误，但也许我缺少了一些东西.我应该举报吗?

I feel that that the referrer being the same that that the host is a bug, but maybe I'm missing something. Should I report this?

推荐答案

此行为是预期的.

当"3rd party cookie block"打开时，我们会欺骗跨域引用.

We spoof cross-origin referer when '3rd party cookie block' is on.

来源

这篇关于在Brave中发送XMLHttpRequest时，引荐来源网址是否存在这种行为?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！