• sbv@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      34
      ·
      13 days ago

      FWIW they should be configurable in your browser, either directly or with a plug-in.

      The post makes a pretty reasonable argument as to why it’s a good idea.

      • solrize@lemmy.world
        link
        fedilink
        English
        arrow-up
        15
        arrow-down
        2
        ·
        13 days ago

        Yeah, browser vendors think the same thing, since they are part of the commercial web. Anyway, at minimum, sending referer should be opt-in rather than opt-out.

        • cabbage@piefed.social
          link
          fedilink
          English
          arrow-up
          3
          ·
          12 days ago

          According to ths post it will be opt-in, on the instance side.

          So smaller instances where there-might be risks associated will be opted out by default, while large instances that might want the attention and where individual users stand out less can opt in.

      • solrize@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        4
        ·
        13 days ago

        Unfortunatly its a cost we must accept since the justification makes it worth it.

        That’s for the user to decide. The devs should not presume to make it on the users’ behalf.

            • barsoap@lemm.ee
              link
              fedilink
              English
              arrow-up
              4
              ·
              edit-2
              13 days ago

              Users can disable referer headers in their browser settings which overrides anything the instance operators can do.

              • solrize@lemmy.world
                link
                fedilink
                English
                arrow-up
                5
                arrow-down
                2
                ·
                edit-2
                13 days ago

                Only nerds do stuff like mess with their browser settings through about:config. The bulk of activity is from people who don’t mess with those settings and don’t stay aware of what’s going on. Those are the ones who the info gatherers want to observe, so that’s why the system should be opt-in in every case, and it’s also why they want it to be the opposite.

                • Microw@lemm.ee
                  link
                  fedilink
                  English
                  arrow-up
                  4
                  arrow-down
                  3
                  ·
                  12 days ago

                  If people dont care enough to mess with their browser settings thenselves, then they can either a. join a privacy-focused Mastodon instance whose admin will keep the “no referer” policy, or b. live with the fact that choices are being made for them. People need to take actions for themselves, we cant treat everyone like babies.

                • barsoap@lemm.ee
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  arrow-down
                  1
                  ·
                  12 days ago

                  There’s legitimate interest in knowing where people come from, though, and asking on your own page “how did you get here?” is hardly going to work. Personally I don’t think it’s much of an issue if some random commercial site sees that I got there via lemm.ee, it’s not giving away much at all, not even whether I have an account here and certainly not as much as tracking cookies. OTOH I also think it could be done better, wich tech similar to Mozilla’s aggregate (i.e. you’re just a number in an anonymous mass) ad clickthrough thing. Sites would see “yep we got a number of visitors from lemm.ee, and that number from lemmy.world” but wouldn’t know which of their site impressions corresponded to which origin.

          • solrize@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            ·
            13 days ago

            Better ask whose benefit the system is being run for in that case. If I want a system run by Elon Musk then I already know where to find one.

    • Microw@lemm.ee
      link
      fedilink
      English
      arrow-up
      10
      arrow-down
      1
      ·
      12 days ago

      Read the article. It is a configurable thing and each mastodon server admin has to activate it in order to send a referer.

      • 4Robato@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        12 days ago

        I read the article but I’m worried about the implementation which you won’t be able to choose and while you can change server realistically not many people will even know this happened.

        I hope the focus is privacy and people and this change dowsn’t have people in mind.

        • Microw@lemm.ee
          link
          fedilink
          English
          arrow-up
          4
          ·
          12 days ago

          Well, I don’t know how you could implement that from a website that would enable people to choose? Not sure that is technically possible.

          And of course if you simply telll your browser not to send referer info in headers you won’t.

    • Kichae@lemmy.ca
      link
      fedilink
      English
      arrow-up
      7
      ·
      12 days ago

      The fediverse is a place where websites automatically share content. What people do with that is wide open.

  • x00z@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    12 days ago

    I want to see where visitors are coming from. I also like to see (and sometimes join in) with the conversations they’re having.

    Imagine this guy contacting you about your bounce rate.

  • Cris@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    13 days ago

    Oh neat! Is there any way to check if my instance has opted into this?

    • Microw@lemm.ee
      link
      fedilink
      English
      arrow-up
      6
      ·
      12 days ago

      That PR is not even merged and deployed yet. When it gets released: simply ask your instance admin, I guess. (I think looking into the source code might also tell you but no idea where to search exactly)

      • Cris@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        12 days ago

        Ah, gotcha. Thank you!

        Probably I should go learn who my admin actually is 😅

  • General_Effort@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    2
    ·
    edit-2
    12 days ago

    Turning that on is probably a GDPR violation for those in Europe.

    ETA: Don’t shoot the messenger. I won’t be suing.