[OSM-dev] Tile usage without proper identification

Manuel Reimer Manuel.Spam at nurfuerspam.de
Fri Aug 26 12:12:56 UTC 2016

On 08/23/2016 05:35 PM, Christoph Hormann wrote:
> If you turn off referrer transmission w.r.t. tiles the only effect this
> has is it prevents the tile provider from knowing what website you were
> requesting the tiles from.

For me the reason for disabling Referrer at all has nothing to do with 
"tile providers". I just don't want this "feature" at all. With every 
click on every website, the linked website knows where I clicked the 
link. In my opinion such a "feature" should have never got HTTP 
standard! Noone needs to know where I came from when browsing the web!

> In case of non-free tile providers by the way use of API keys and
> tokens means the website is known to the tile provider even without a
> referrer.

No problem. It doesn't force me to have Referrer active so regular 
clicks on websites don't forward information where the click happened. 
So if possible, just allow optionally passing of a API key or just a 
"website name" as a parameter to the PNG files.

If tile loading starts to suck without enabled Referrer, I would just 
install a referrer spoofing addon to spoof any call to the tile server 
from my webbrowser to always show like it was loaded from 
openstreetmap.org --> problem solved and I don't have to enable Referrer 


More information about the dev mailing list