The HTTPreferer (a misspelling of referrer[1]) is an optional HTTP header field that identifies the address of the webpage (i.e., the URI or IRI), which is linked to the resource being requested. By checking the referrer, the new webpage can see where the request originated.
- '/r9k/ - ROBOT9001' is a board for hanging out and posting greentext stories.
- In 2004, our very own DamageInc created the first 4chan extension as a Firefox add-on. Now, we've implemented these features directly into the site, open sourced it, and invite the community to contribute code and feedback. In addition, we offer a read-only JSON API that you can read more about here.
I'm on firefox/greasemonkey once the script is installed, you'll start seeing a play button next to every /gif/ post. It will probably work on coomer threads too. Once playing you can switch to another tab. If you scroll the playing tab down, browser will stop the current webm and you'll have to resume it. Download 1Blocker X: iOS. Firefox Focus (Android, iOS) (Image credit: Firefox) Firefox Focus is another addition to Mozilla's family of browsers. This one's a privacy-oriented version of.
In the most common situation, this means that when a user clicks a hyperlink in a web browser, the browser sends a request to the server holding the destination webpage. The request may include the referer field, which indicates the last page the user was on (the one where they clicked the link).
Referer logging is used to allow websites and web servers to identify where people are visiting them from, for promotional or statistical purposes.[2] This entails a loss of privacy for the user and may introduce a security risk.
The default behaviour of referer leaking puts websites at risk of privacy and security breaches.[3] To mitigate security risks, browsers have been steadily reducing the amount of information sent in referer. As of March 2021, by default Chrome,[4] Chromium-based Edge, Firefox,[5] Safari[citation needed] default to sending only the origin in cross-origin requests.
Etymology[edit]
The misspelling of referrer was introduced in the original proposal by computer scientist Phillip Hallam-Baker to incorporate the field into the HTTP specification.[6] The misspelling was set in stone by the time of its incorporation into the Request for Comments standards document RFC 1945; document co-author Roy Fielding has remarked that neither 'referrer' nor the misspelling 'referer' were recognized by the standard Unix spell checker of the period.[7] 'Referer' has since become a widely used spelling in the industry when discussing HTTP referrers; usage of the misspelling is not universal, though, as the correct spelling 'referrer' is used in some web specifications such as the Referrer-Policy
HTTP header or the Document Object Model.
Details[edit]
When visiting a web page, the referrer or referring page is the URL of the previous webpage from which a link was followed.
More generally, a referrer is the URL of a previous item which led to this request. The referrer for an image, for example, is generally the HTML page on which it is to be displayed. The referrer field is an optional part of the HTTP request sent by the web browser to the web server.[8]
Many websites log referrers as part of their attempt to track their users. Most web log analysis software can process this information. Because referrer information can violate privacy, some web browsers allow the user to disable the sending of referrer information.[9] Some proxy and firewall software will also filter out referrer information, to avoid leaking the location of non-public websites. This can, in turn, cause problems: some web servers block parts of their website to web browsers that do not send the right referrer information, in an attempt to prevent deep linking or unauthorised use of images (bandwidth theft). Some proxy software has the ability to give the top-level address of the target website as the referrer, which reduces these problems but can still in some cases divulge the user's last-visited webpage.
Many blogs publish referrer information in order to link back to people who are linking to them, and hence broaden the conversation. This has led, in turn, to the rise of referrer spam: the sending of fake referrer information in order to popularize the spammer's website.
It is possible to access the referrer information on the client side using document.referrer in JavaScript.[10] This can be used, for example, to individualize a web page based on a user's search engine query. However, the referrer field does not always include search keywords, such as when using Google Search with https.[11]
Referrer hiding[edit]
Most web servers maintain logs of all traffic, and record the HTTP referrer sent by the web browser for each request. This raises a number of privacy concerns, and as a result, a number of systems to prevent web servers being sent the real referring URL have been developed. These systems work either by blanking the referrer field or by replacing it with inaccurate data. Generally, Internet-security suites blank the referrer data, while web-based servers replace it with a false URL, usually their own. This raises the problem of referrer spam. The technical details of both methods are fairly consistent – software applications act as a proxy server and manipulate the HTTP request, while web-based methods load websites within frames, causing the web browser to send a referrer URL of their website address. Some web browsers give their users the option to turn off referrer fields in the request header.[9]
Most web browsers do not send the referrer field when they are instructed to redirect using the 'Refresh' field. This does not include some versions of Opera and many mobile web browsers. However, this method of redirection is discouraged by the World Wide Web Consortium (W3C).[12]
If a website is accessed from a HTTP Secure (HTTPS) connection and a link points to anywhere except another secure location, then the referrer field is not sent.[13]
The HTML5 standard added support for the attribute/value rel='noreferrer'
, which instructs the user agent to not send a referrer.[14]
Another referrer hiding method is to convert the original link URL to a Data URI scheme-based URL containing small HTML page with a meta refresh to the original URL. When the user is redirected from the data:
page, the original referrer is hidden.
Content Security Policy standard version 1.1 introduced a new referrer directive that allows more control over the browser's behavior in regards to the referrer header. Specifically it allows the webmaster to instruct the browser not to block referrer at all, reveal it only when moving with the same origin etc.[15]
References[edit]
- ^Gourley, David; Totty, Brian; Sayer, Marjorie; Aggarwal, Anshu; Reddy, Sailu (27 September 2002). HTTP:The Definitive Guide. ISBN9781565925090.
- ^Kyrnin, Jennifer (2012-04-10). 'Referrer - What is a Referrer - How do HTTP Referrers Work?'. About.com. Retrieved 2013-03-20.
- ^'Does your website have a leak?'. ICO Blog. 2015-09-16. Archived from the original on 2018-05-24. Retrieved 2018-08-16.
- ^'Referrer Policy: Default to strict-origin-when-cross-origin - Chrome Platform Status'. www.chromestatus.com. Retrieved 2021-03-23.
- ^Lee, Dimi; Kerschbaumer, Christoph. 'Firefox 87 trims HTTP Referrers by default to protect user privacy'. Mozilla Security Blog. Retrieved 2021-03-23.
- ^Hallam-Baker, Phillip (2000-09-21). 'Re: Is Al Gore The Father of the Internet?'. alt.folklore.computers. Retrieved 2013-03-20.
- ^Fielding, Roy (1995-03-09). 'Re: referer: (sic)'. ietf-http-wg-old. Retrieved 2013-03-20.
- ^'Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content (RFC 7231 § 5.5.2)'. IETF. June 2014. Retrieved 2014-07-26.
The 'referrer' [sic] header field allows the user agent to specify a URI reference for the resource from which the target URI was obtained […]
- ^ ab'Network.http.sendRefererHeader'. MozillaZine. 2007-06-10. Retrieved 2015-05-27.
- ^'HTML DOM Document referrer Property'. w3schools.com. Retrieved 2013-03-20.
- ^Gundersen, Bret (2011-10-19). 'The Impact of Google Encrypted Search'. Adobe Digital Marketing Blog. Retrieved 2021-03-17.
- ^'HTML Techniques for Web Content Accessibility Guidelines 1.0: The META element'. W3C. 2000-11-06. Retrieved 2013-03-20.
- ^'Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content: referrer (RFC 7231 § 5.5.2)'. IETF. June 2014. Retrieved 2014-07-26.
A user agent MUST NOT send a referrer header field in an unsecured HTTP request if the referring page was received with a secure protocol
- ^'4.12 Links — HTML Living Standard: 4.12.5.8 Link type 'noreferrer''. WHATWG. 2016-02-19. Retrieved 2016-02-19.
- ^'Content Security Policy Level 2'. W3. 2014. Retrieved 2014-12-08.
External links[edit]
Look up referer or referrer in Wiktionary, the free dictionary. |
- RFC 7231: Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content
- RFC 3987: Internationalized Resource Identifiers (IRIs)
Abbreviation | GNAA |
---|---|
Formation | 11 September 2002[1] |
Type | Internet trolls |
Headquarters | Tarzana, Los Angeles, United States[1] |
Affiliations | Goatse Security[2][3][4] |
Website | GNAA corporate website (defunct) |
The Gay Nigger Association of America (often referred to as the GNAA) is an anti-blogging and Internet trolling group (a group that likes causing trouble on the Internet). The group takes their name from the 1992 DanishmovieGayniggers from Outer Space, and the words gay and nigger. They have trolled (made trouble for) many popular websites and Internet people. They have trolled many bloggers, and sites including Slashdot, Wikipedia, and CNN. They have also released software and made available secret information about operating systems. In addition, they maintain a wiki-based site that makes fun of Slashdot posts and have a software archive that has many GNAA coding projects.
Members of the GNAA also started Goatse Security, a grey hat computer safety group. Members of Goatse Security told media groups in June 2010 about a problem located on AT&T's website that made the privacy of people who pre-ordered the iPad public.[5] After the mistake in the website was talked about, the then-president of the GNAA, 'weev', and GNAA member 'JacksonBrown' were arrested by the police.[6]
Beginning and purpose[change | change source]
The group says that it was started in 2002.[1] There is not much information about the group's structure. Researcher Andrew Lih has said that it is not clear if there was a actual group of GNAA members at the start. Also not known is if the first members of the GNAA were online pranksters who used the name in order to disturb or disrupt websites.[7]
The group's name has been causing trouble (known as trolling) on the Internet, having been described as causing 'alarm in anyone with [even a little bit] of good taste',[7] and as being '[amazingly] offensive.'[8] However, the group claims that it is neither racist nor homophobic (fear of or hatred of gay people). GNAA members deny it when people say that they are racist. They say that these words are said only to get people to make angry responses and to undermine or challenge long-standing social norms, and say that the name of the group came from the 1992 Danish satirical blaxploitation movie (an exploitation movie made specifically for an urban, black people audience) Gayniggers from Outer Space.[9]
Trolling[change | change source]
The GNAA uses more than one way of causing damage to the Internet. One way is flooding (making many requests at once) weblogs with a very big amount of words and sentences, called 'crapflooding'.[9][8] They have also made shocking websites that have malware that infects people who visit the sites.[9] One website, 'Last Measure', had malware that opened up pop-up windows that had shocking pictures.[10] On Wikipedia, the group made a page about itself, while following every rule of Wikipedia in order to use the rules against themselves.[7]
They have also attacked many Internet Relay Chat channels using IRC flooding. GNAA used an old but little known way to force users of the Freenode IRC network to flood IRC channels after going to websites that have malware.[11] They also have used bugs in Firefox to crapflood IRC channels.[12] They have also shown people new bugs and problems.[13][14] These actions have sometimes stopped the day-to-day working of big websites such as Slashdot, even making some websites (like 4chan) to shut down for a little bit of time.[15]
In July 2004, two GNAA members sent secret pictures of the future operating systemMac OS X v10.4 to the popular AppleMacintosh news website MacRumors, which read 'With WWDC just days away, the first Tiger information and [pictures] appears to have been leaked. [Sources say] Apple [might give our coders] ... a Mac OS X 10.4 preview copy at WWDC on Monday. The [pictures] were [said to have] come from this [future coder sneak-peek].'[16] Later, when people said that the images were fake, the GNAA made a press release which said that the screenshots were real and said that they had 'trolled' the Apple websites.[17]
In June 2005, the GNAA said that they had made a Mac OS X Tiger release for Intel x86 processors which made media stories from many sources.[18][19][20] The next day, the suspicious leak and was talked about on the G4 show Attack of the Show.[21] The DVD put on BitTorrent just showed an image of Goatse when you started your computer[22] and not the OS X Tiger as many people were led to believe.[23]
On February 3, 2007, the GNAA tricked CNN reporter Paula Zahn into thinking that 'one in three Americans' think that the September 11, 2001 terror attacks were done by Israeli agents.[24] CNN then decided to publish a story, not truthfully reporting this, adding pictures of the GNAA-owned website jewsdidwtc.com The story had a round-table talk about people who hate Jews and a talk with the father of a Jewish 9/11 victim.[25] The GNAA-owned website had claims that 'over 4,000' Jews were not at work at the World Trade Center on 9/11.[25]
Goatse Security[change | change source]
Many members of the GNAA with experience in grey hat[26] computer safety research began giving out details about security problems under the name 'Goatse Security.' Goatse Security takes its name from a shock site called goatse. They chose a new name to publish their work under because they were afraid that their work would not get talked about if given out by the 'Gay Nigger Association of America.'[27]
In June 2010, Goatse Security got attention from the media for their finding of 114,000 email addresses[5] owned by people who pre-ordered Apple's 3G iPad.[3][28] The data was retrieved from AT&T's own servers. The FBI soon investigated the event. This search for the truth led to the arrest of then-GNAA President,[29] Andrew 'weev' Auernheimer, on drug charges that happened because of an FBI search of his house, and were not having anything to do with his hacking.[27][30]
References[change | change source]
- ↑ 1.01.11.2'About GNAA:'. GNAA. Retrieved 10 June 2011.CS1 maint: discouraged parameter (link)
- ↑Emspak, Jesse (2011-01-19). 'The Case Against The iPad Hackers'. International Business Times. Retrieved 2011-03-19.
14. The Goatse Security website describes defendant Auernheimer as having '[e]xtensive offensive web app vuln and business logic exploitation experience. Bash while drunk, perl while tripping, Ruby while living in SF SoMa. Representing anti sec, Bantown and Encyclopedia Drarnatica. President of the GNAA.' Defendant Spitler is described as an 'embedded and mobile devices engineer. PPC assembly. GNAA, obviously.' The Goatse Security website provides a hyperlink to the GNAA website. 15. The GNAA website states that '[t]his website is maintained by the GNAA, world-famous trolling organization.' The GNAA website provides hyperlinks to the Goatse Security website, as well as defendant Auernheimer's LiveJournal weblog.
CS1 maint: discouraged parameter (link) - ↑ 3.03.1Chokshi, Niraj (2010-06-10). 'Meet One of the Hackers Who Exposed the iPad Security Leak'. The Atlantic. Atlantic Media Company. Retrieved 2011-02-25.
Weev rails against Jews in his LiveJournal and he and several other members of Goatse Security claim to be members of the Gay N***** Association of America. In an oddly generous literary reference, Forbes has described him as a modern Shakesperian Puck. Make of that what you will.
CS1 maint: discouraged parameter (link) - ↑Rohr, Altieres (2010-06-11). 'Saiba como ocorreu falha que expôs e-mails de 114 mil usuários do iPad'. Rede Globo (in Portuguese). Retrieved 2010-09-13.
“weev”, um dos integrantes do grupo, já foi citado em outras matérias do grupo Gawker Media, que deu a notícia como “exclusiva”. Ele, assim como outros membros, faz parte da GNAA, a “Associação de Gays Negros da América”. São pessoas que passam boa parte do tempo on-line tentando realizar “trotes” ou trolls. Entre os membros do grupo, e um dos principais da GNAA, está um desenvolvedor do Linux Debian. O “ex presidente” da GNAA, timecop, é conhecido na internet por fazer parte do Dattebayo – fãs que realizaram traduções dos desenhos japoneses Naruto e Bleach. Translation: weev, one of the members of the group, has been quoted by Gawker Media, which broke the news as exclusive. He, like other members, is part of the GNAA, the Gay Nigger Association of America. These are people who spend much of their time online trolling and carrying out practical jokes. One of the principal members of the GNAA is a developer of Linux Debian. The ex-president of the GNAA, timecop, is known on the internet for being part of Dattebayo, a group of fans who translated the Japanese cartoons Naruto and Bleach.
CS1 maint: discouraged parameter (link) - ↑ 5.05.1Apple's iPad Breach Raises Alarms. NPR. Accessed 2010-09-06.
- ↑Nick Bilton and Jenna Worthan (January 18, 2011). 'Two Are Charged With Fraud in iPad Security Breach'. New York Times. Retrieved 19 February 2012.CS1 maint: discouraged parameter (link)
- ↑ 7.07.17.2Lih, Andrew (17 Mar 2009). The Wikipedia Revolution: How a Bunch of Nobodies Created the World's Greatest Encyclopedia. Cambridge, UK: Hyperion. pp. 170–171. ISBN1400110769.
What were some ways to troll and cause trouble? Create an article about something extremely controversial and offensive, but otherwise adhere to every rule of Wikipedia and use the system against itself. This was the case with creating an article that had an intentionally offensive name, the Gay Niggers Association of America. GNAA was a name that caused immediate alarm in anyone with a semblance of good taste. It was a phenomenon for many years in the online tech communities, as legions of trolls attempted to have an article in Wikipedia about the mischievous group. It's not clear a defined group ever existed as GNAA. Supposed GNAA 'members' were simply troublemakers online who unified under a common moniker in an effort to disrupt Wikipedia for amusement.
|access-date=
requires|url=
(help)CS1 maint: discouraged parameter (link) - ↑ 8.08.1KIRKPATRICK, STEWART (2005-11-22). 'Lazy Guide to Net Culture: Dark side of the rainbow'. news.scotsman.com. The Scotsman. Retrieved 2011-03-20.
Such people include trolling organisations. These are individuals who delight in flooding web bulletin boards with crass and offensive comments (aka 'crapflooding'). One such group goes under the spectacularly offensive name of the 'Gay Nigger Association' – revealing themselves to be insecure white kids who have worries about their own orientation.
CS1 maint: discouraged parameter (link) - ↑ 9.09.19.2Dean, Jodi (2010). 'Blog Theory: Feedback and Capture in the Circuits of Drive.'. Cambridge, UK: Polity Press. Retrieved on 2010-08-27.
- ↑Attwood, Feona. Porn.com: making sense of online pornography. Peter Lang. ISBN1433102072. Retrieved 2011-03-20.CS1 maint: discouraged parameter (link)
- ↑Constantin, Lucian (2010-01-30). 'Firefox Bug Used to Harass Entire IRC Network'. Softpedia. Retrieved 2011-03-17.
A group of self-declared Internet trolls, called the GNAA, has used an old but obscure attack method to wreak havoc on the Freenode IRC network. Users were forced to execute IRC commands after visiting maliciously crafted Web pages.
CS1 maint: discouraged parameter (link) - ↑van der Meijs, Sander (2010-02-01). 'Bug in Firefox gebruikt tegen IRC netwerk'. Webwereld (in Dutch). IDG Netherlands. Retrieved 2011-03-17.
Een groep die zichzelf de GNAA noemt heeft voor grote problemen gezorgd bij een IRC netwerk. Ze gebruikten een bug in Firefox om het netwerk te spammen. Translation: A group that calls itself the GNAA has caused major problems in an IRC network. They used a bug in Firefox for the network to spam.
CS1 maint: discouraged parameter (link) - ↑Firefox-based attack wreaks havoc on IRC usersThe Register. Accessed 2010-08-27
- ↑Very Ugly Bug at BarackObama.com. TechCrunch. Accessed 2010-08-27.
- ↑Poole, Christopher. 'DING DONG, 4CHAN IS DEAD'. 4chan. Retrieved 10 June 2011.CS1 maint: discouraged parameter (link)
- ↑Mac OS X 10.4 (Tiger) Screenshots?. MacRumors. Accessed 2010-08-27.
- ↑GNAA (June 26, 2004). 'GNAA Leaks Info about Apple's Next Major OS'. Press release. http://www.gnaa.eu/wiki/pr/2004-06-26-gnaa-tiger. Retrieved 2010-09-06.
- ↑Report: Apple Mac OS X 10.4.1 for Intel hits piracy sites. Accessed 2010-09-06.
- ↑OS X for x86 already in the wild?. Accessed 2010-09-06.
- ↑Mac Hacks Allow OS X on PCs. Wired. Accessed 2010-09-08.
- ↑'Attack of the Show!'. Attack of the Show!. G4. G4. June 2005.
- ↑MacInDell Part Quatre – The Ruby Goldmine. Gizmodo. Accessed 2010-08-27.
- ↑Jumping on the bandwagon: OS X on x86! OMG!. TUAW. Accessed 2010-09-07.
- ↑Welaratna, Deepthi (2007-04-06). 'Terror! Conspiracy! Hoax!'. KQED Arts. KQED. Retrieved 2011-03-18.
The conspiracy theory – found in crevices on the Internet – claims Jews are behind the 9/11 attacks. Surprise! Farfetched anti-Semitic theories abound online! The actual ugly truth here is that CNN uses the parody conspiracy site jewsdidwtc.com as a LEGITIMATE source for the piece, proof of the legions out there who buy into this theory. A cursory click through the site, aided by a sense of humor, quickly makes it clear that this is a joke site, particularly as it is owned and run by the GNAA (visit at your own peril – contains humor some will find distasteful and NSFW). The blunder made all kinds of news online, on Slashdot, Something Awful and Digg. Mostly saying ha ha, the GNAA trolls CNN. The ultimate troll, LOLZ!! It's true, it's hilarious, but it's also very very sad. Neither Boston nor CNN officials are willing to admit their mistakes
CS1 maint: discouraged parameter (link) - ↑ 25.025.1'Paula Zahn Now'. Paula Zahn Now. CNN. CNN. February 3, 2007.
- ↑Apple's iPad security breach reveals vulnerability of mobile devices. Washington Post. Accessed 2010-09-02.
- ↑ 27.027.1Kaiser, Leon. Interview with Mick, Jason. Interview: Goatse Security on FBI Charges Following AT&T iPad Breach (Transcript).DailyTech. 2011-01-19. Assessed on 2011-01-21.
- ↑'Falha de segurança que expõe donos do iPad investigada pelo FBI'. tek (in Portuguese). Sapo.pt. 2010-06-11. Retrieved 2011-03-17.
A falha foi identificada pelo grupo Goatse Security, que pertence à GNAA (associação norte americana de gays e negros). Translation: The flaw was identified by the group Goatse Security, which belongs to the GNAA (Gay Nigger Association of America).
CS1 maint: discouraged parameter (link) - ↑'United States of America v. Daniel Spitler and Andrew Aurenheimer'.
- ↑Hacker in AT&T-iPad security case arrested on drug charges. CNET. Accessed 2010-09-01.
Other websites[change | change source]
- Goatse SecurityArchived 2010-06-15 at the Wayback Machine