Change HTTP referer settings: Chrome

The HTTP referrer header can be very revealing in the context of online tracking. Learn how you can change the policy in Chrome to force the browser to include the minimum information in this header or even block it entierely.

Last modified
9th December 2020
Guide level
Guide Browser
Guide Device
Content

What: the Referer (a misspelling of referrer) header contains the address of the previous web page from which a link to the currently requested page was followed. In more simple terms, the referer is the URL from which came a request received by a server. A good example is if you click a link on the page site.com/page to go to another-site.com/link, the HTTP Referer received by another-site.com/link will have the value site.com/page.
Why it's important: While the referer header can have begnign use for things such as analytics (knowing what journey a visitor took on a site), it can be very revealing in the context of online tracking. As we demonstrated in our research on mental health website and tracking, third parties loaded by a page (for example to display targeted ads) while receive the URL that you are visiting in the Referer header.

Example: a query sent to AdNexus, an AdTech company, containing the exact page being visited in the Referer

This provides a lot of information about your online activities and allow trackers to get a more comprehensive vision of your browsing habit and better profile you
What you can do: The HTTP Referer can follow different policies indicated either by the server or the browser. As a user, you can change the policy to force the browser to include the minimum information in this header or even block it entierely (although this might cause some problems).

Same request as above with the Referer blocked, AdNexus don't know which site we are visiting

Limits: The HTTP referer is only one way by which third parties can know what website you are visiting and there are many other tracking methods which are still efficient with this blocked. While you won't ever be able to block 100% of trackers, make sure you look at our other guides to harden your defenses

Change HTTP referrer settings in Chrome

Unlike Firefox, Chrome do not give you a configuration panel where you can change the refer policy. You need to install an add-on to do that.

  1. Open Chrome
  2. Go to the Chrome store: https://chrome.google.com/webstore/
  3. Search for "Referer Control" or visit this link
  4. Install
  5. Click on the newly installed icons
Newly added Referer Control icon in Chrome
  1. Set default referer to Block
Referer Control settings to block

Found a mistake? An outdated screenshot? Think this could be improved? Check out our Github repository and contribute to help keep these guides up-to-date and useful!