If I actually click those links, I can see... well. Probably far more than that user thinks I should be able to see. I can see a lot.
-
-
Wow, that's really serious.
@Pinboard should make it a priority to fix this.1 reply 0 retweets 0 likes -
-
Not my area of expertise, but 10 seconds on google says "noreferrer" might work for most browsers. More here https://blog.fastmail.com/2016/06/20/everything-you-could-ever-want-to-know-and-more-about-controlling-the-referer-header/ …
1 reply 0 retweets 0 likes -
I'm not claiming any expertise on how do fix it, but I agree with
@mhoye that leaking customer secrets like this is bad.1 reply 0 retweets 0 likes -
Replying to @davidjayharris @mhoye
everyone thinks leaking customer secrets is bad. The question is, what’s the fix that doesn’t break feed reading
1 reply 0 retweets 1 like -
Assuming that all the solutions on that page would break feed reading, and that redirecting would also break it somehow, I dunno.
1 reply 0 retweets 0 likes -
Replying to @davidjayharris @mhoye
these have to be implemented in the feed reader, unless I put in redirects, which have their own privacy issues
1 reply 0 retweets 0 likes -
Pinboard feeds are https, so referer should be suppressed
2 replies 0 retweets 0 likes -
Not according to my logs, but its possible serving those feeds on https only would address the issue.
1 reply 0 retweets 0 likes
a lot of this stuff breaks on the shoals of poorly written feed readers (https-only feeds, for example)
-
-
What sort of information would you need to convince you to switch to https only?
2 replies 0 retweets 0 likes -
if you change your subscription to the https version of the feed, doesn't that solve your problem?
0 replies 0 retweets 0 likes
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.