Details
This preference dictates whether Firefox will send the URL of the SSL/TLS-protected referring site to the referred SSL/TLS protected site.
The URL of the SSL-protected referring site may contain sensitive information. Preventing this URL from being sent mitigates the risk that the sensitive information will be disclosed.
Solution
Perform the following procedure:
* Open the mozilla.cfg file in the installation directory with a text editor
* Add the following lines to mozilla.cfg:
lockPref(“network.http.sendSecureXSiteReferrer”, false);
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Unix.