Feedback Add 'noreferrer' to hyperlinks

[Homocull]

It's not exactly a common occurrence (I've only seen it done twice) but site admins that have beef with KF can exploit the referer header to fuck with anyone coming to their site from this one.
Fresh off the oven example courtesy of TCRF: if you click on a link to their site from the thread, your cookies will be pozzed, IP blacklisted and if logged in your account will be banned

Post in thread 'Video Game Archival Autism / TCRF / Jul / Sonic Retro / And More'

Jun 6, 2025

When I click the link to that pride flag thread, lmao

• 3rdAccountFuckEmail.com

Reactions: x 151 x 100 x 78 x 14 x 7 x 5 x 1 x 1 x 1 x 1 x 1 x 1

Imo they shouldn't even be given the chance to do this, the fix would simply be to add noreferrer to rel=

 

[Stephen Rothman]

While it's never been stated outright to my knowledge, I am certain that the more unhinged forums that have threads in Community Watch keep track of these as well.

 

[Mike Matei's Penis]

What was the other site that did this? Didn't even know this was technologically possible

 

[Lady Ivlia de Nîmes]

What was the other site that did this? Didn't even know this was technologically possible

If I remember correctly, Hector Martin was blocking people from visiting his Asahi Linux website if they came from Hacker News and (I think) from the Farms too.

 

[Homocull]

What was the other site that did this? Didn't even know this was technologically possible

Last year(?) Knockout would show a blank page which was kind of pointless as you could just refresh, more importantly people reported their throwaways being banned which I think was just them logging referer.

 

[Null]

There is already a site header that instructs your browser to not provide referer information

 

[Xev]

This cutting room floor website seems like it's hitting the stage of eating its own face. Odds on that place completely imploding due to gay infighting and tranny janny dictators throwing their girl dicks around?

 

[The Mass Shooter Ron Soye]

There is already a site header that instructs your browser to not provide referer information

If it's not working, it could be a "referer" vs. "referrer" problem.

Alternatively, this could be added to every HTML page:

<meta name="referrer" content="no-referrer">

 

[MennilTossFlykune]

There is already a site header that instructs your browser to not provide referer information

https://www.whatismybrowser.com/detect/what-is-my-referrer/

You have been instructed, many hundreds of times, to cease providing my referrer information. Continuing to do so constitutes felony browser harassment.

 

[Homocull]

There is already a site header that instructs your browser to not provide referer information

Which header? I can't see anything on Fiddler, both Firefox and Chrome sends the referer

 

[Slav Power]

I know that Imgur will break your connection if you open a link from here through the same mechanism, just as an example of how it was abused against the site in the past.

 

[CYBER VERMIN!!]

https://www.whatismybrowser.com/detect/what-is-my-referrer/

View attachment 7463644

You have been instructed, many hundreds of times, to cease providing my referrer information. Continuing to do so constitutes felony browser harassment.

Enjoy referrals, stalker child!

 

[Nitro!]

There is already a site header that instructs your browser to not provide referer information

This may have been lost in the theme upgrade. Browsers are defaulting to strict-origin-when-cross-origin but there is no Referrer-Policy response header that I can see.

 

[alphabetnigger]

This cutting room floor website seems like it's hitting the stage of eating its own face. Odds on that place completely imploding due to gay infighting and tranny janny dictators throwing their girl dicks around?

More things ruined by trannies. I look shit up on tcrf all the time, I've even made a few contributions. Never interacted with anyone from the site but when it comes to retro game stuff like this it's always infested with these fuckers.
Just know that not every retro game enthusiast is a flaming faggot.

 

[MetokurGroomedMe]

actually we should make our referer NIGGER so that when a tranny wants to blacklist the site they have to type and save the word NIGGER every time.

 

[Maldavius Figtree]

Referrers are even more sketchy, as they would allow le phonebooking under some very specific circumstances. If you're logged in to non-anonymous account on the target side, and click a link to it on a subpage that is unique to your user, the target site admin could deanonymize you.

Hypothetical example: Image I were a tranny LinkedIn employee. Now I sign up to the Kiwifarms and send a random LinkedIn link separately to all KF users of interest saying "is that you, bro?". Every private message thread will have its own ID number in the URL.
Then I would just need to check the referrers of the people clicking the links to know exactly which LinkedIn user is which KF user.

Fringe attack vector requiring some specific conditions to pull off, but technically quite simple and something trannies would definitely abuse their positions to do.

I know that Imgur will break your connection if you open a link from here through the same mechanism, just as an example of how it was abused against the site in the past.

I was wondering why the fuck my Imgur session was throwing errors, that explains that. Clearing cookies solves the issue for Imgur btw.
No, you did not store my referrer, stalker child.

actually we should make our referer NIGGER so that when a tranny wants to blacklist the site they have to type and save the word NIGGER every time.

You cannot do this on a website basis unfortunately, you could write a browser extension though.

 

[Null]

https://www.whatismybrowser.com/detect/what-is-my-referrer/

done.

 

[gagosian]

https://www.whatismybrowser.com/detect/what-is-my-referrer/

done.

You should add a single hyperlink that auto redirects people from KF to their website to mess with them.