What is the best way to ensure that a query string does not get included as part of HTTP Referrer data?
I have noticed that some potentially sensitive information (e.g. UTM fields, which do not really require SSL) may otherwise leak.
The objective is for an originating URL such as:
http://mywebsite.com/mypage/?myvar=xxx
To be passed as referrer only as:
http://mywebsite.com/mypage/