Skip to content

Onion sites may be sending referer header

https://bugzilla.mozilla.org/show_bug.cgi?id=1744290 is a report by a Mozilla developer that he sees .onion addresses in his referrer logs, corresponding to 60 and 78 major versions and tor exit IPs.

I used https://iz3xdp3z2vuewtpbxityih5tdri3ee4zeqbcx3oq6pkezipgtwtn3pyd.onion/misc/ff/headers-include.html to try and reproduce it with 91 and 78 and I could not. This onionsite is a mirror of ritter.vg and it includes an image (and has a link) to ritter.vg (non-onion) on it.

But it might be an edge case.

If I grep through all my logs looking specifically for this issue, I do have a lot of weird hits in the past year and a half.

zgrep "\.onion" all_log.* | grep -v iz3xdp3z2vuewtpbxityih5tdri3ee4zeqbcx3oq6pkezipgtwtn3pyd | grep -v "tomritterbassljd" | egrep "Firefox/([0-9]+)" -o | sort | uniq -c
      1 Firefox/10
      1 Firefox/24
      1 Firefox/28
      1 Firefox/31
    178 Firefox/60
  10429 Firefox/68
  10146 Firefox/78
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information