var xhr = new XMLHttpRequest();
xhr.open('GET', 'https://httpbin.org', true);
xhr.send();
When running this simple code above from example.org
, request headers in Chrome devtools shows this:
Host:httpbin.org
Origin:http://example.org
Referer:http://example.org
When running the same code in Brave, I get this:
Host:httpbin.org
Origin:https://example.org
Referer:https://httpbin.org
I feel that that the referrer being the same that that the host is a bug, but maybe I'm missing something. Should I report this?
This behavior is intended.
Source