Why is HTTP_REFERER enabled?

I understand TBB aims to make everyone alike but HTTP_REFERER leaks all URLs you clicked from which is easy to track and correlate. Why is it disabled instead?

added component::applications/tor browser in Legacy / Trac owner::tbb-team in Legacy / Trac priority::medium in Legacy / Trac resolution::not a bug in Legacy / Trac status::closed in Legacy / Trac type::defect in Legacy / Trac labels

typos: Why not disable it instead?

While disabling HTTP_REFERER may be impractical due to some sites breaking, it would make sense to block it for links opened in new tabs. Most users likely expect that they won't be tracked to a new tab given the circuit isolation TBB has now.

Proposed patch for tor-browser to disable referer passing for links opened in new tabs:

--- a/browser/base/content/utilityOverlay.js
+++ b/browser/base/content/utilityOverlay.js
@@ -358,7 +358,7 @@ function openLinkIn(url, where, params) {
   case "tab":
     w.gBrowser.loadOneTab(url, {
       referrerURI: aReferrerURI,
-      referrerPolicy: aReferrerPolicy,
+      referrerPolicy: Components.interfaces.nsIHttpChannel.REFERRER_POLICY_NO_REFERRER,
       charset: aCharset,
       postData: aPostData,
       inBackground: loadInBackground,

Trac:
Username: someone_else

https://www.torproject.org/projects/torbrowser/design/ section 1. The Referer Header in the Deprecation Whitelist has the reasoning.

Trac:
Status: new to closed
Resolution: N/A to not a bug

closed

moved from legacy/trac#16919 (moved)

added Bug label and removed 1 deleted label

removed 1 deleted label