Load External Website In Iframe But Without Sending Http_referer

Is it possible to load an external website in iframe but without sending HTTP_REFERER ? I just don't want be tracked. If it is possible then how and if not then is there any worka

Solution 1:

Here's a very simple solution. Use this in you document <head> tag and you are good to go :D

<metaname="referrer"content="none">

The meta referrer tag is placed in the <head> section of your HTML, and references one of five states, which control how browsers send referrer information from your site.

The five states are:

1. None: Never pass referral data

2. None When Downgrade: Sends referrer information to secure HTTPS sites, but not insecure HTTP sites

3. Origin Only: Sends the scheme, host, and port (basically, the subdomain) stripped of the full URL as a referrer, i.e. moz.com/example.html would simply send moz.com

4. Origin When Cross-Origin: Sends the full URL as the referrer when the target has the same scheme, host, and port (i.e. subdomain) regardless if it's HTTP or HTTPS, while sending origin-only referral information to external sites. (note: There is a typo in the official spec. Future versions should be "origin-when-cross-origin")

5. Unsafe URL: Always passes the URL string as a referrer. Note if you have any sensitive information contained in your URL, this isn't the safest option. By default, URL fragments, username, and password are automatically stripped out.

Reference: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta

Solution 2:

I came across this on MDN stating that setting the referrerpolicy attribute to no-referrer would accomplish this.

Example:

<iframesrc="https://www.whatismyreferer.com/"referrerpolicy="no-referrer"></iframe>