Q: How to strip http-referer field?

[Lincoln Yeoh <lyeoh () POP JARING MY>]

Hi,

Say I have a web mail/messaging program that allows viewing of html ( yes I
know that's not so safe but y'know how it is).

Currently I translate all links to point to a custom fastcgi perl script
which 302 redirects the user if urls are ok looking but displays an error
page if there are GET style parameters or other weird stuff in the URL
(file://...), with a click option to the offending URL if the user is brave
enough. Yes this breaks inline images  with funny urls, but erm so far no
complaints ;).

Question is: would it be worth stripping out the http-referer when the user
retrieves foreign links from the displayed html page (either directly or
via img src or other means).

If it's worth it, any ideas how to do it reliably?  Currently most browsers
still maintain the old referer field value past any 302 redirects.

Proxying and fetching the actual content would be too resource intensive.
The main trouble is these img src links, html could be done by a meta
refresh page.

I suppose I would have to make sure that a very boring url is used to view
the HTML message?

Cheerio,
Link.

p.s. Yes it should be spelt referrer.