Best I can tell, there is zero incentive for Quora (or any other site, for that matter) to care. Their current redirect logic in no way hurts their user experience.<p>Right now they protect their users' privacy. What benefit do they realize by providing their users' viewing history to other sites?<p>I personally think that the referer header was never a good idea. I disable it in my browser, and appreciate sites that do right by their users with privacy protecting default behaviors.
I hate to crash the party, but why is the premise that "overriding links is absolutely okay" taken for granted?<p>Says who? Google and their `/url`? Facebook and their `l.php`?
This is probably <i>not</i> the case, but is it possible that Quora is intentionally stripping the referer header? Duck Duck Go does just this in the interest of user privacy: why should site X know where I came from and what I was searching? <a href="https://duckduckgo.com/privacy.html" rel="nofollow">https://duckduckgo.com/privacy.html</a> Seems unlikely in this case but possible.<p>Incidentally, it seems that encrypted.google.com does this but not regular google. EDIT: This happens for all https->http requests, it's not a google feature (TIL).
It's most likely done intentionally to protect against leaking the clicker's identity. See the issue Facebook had back then: <a href="http://www.benedelman.org/news/052010-1.html" rel="nofollow">http://www.benedelman.org/news/052010-1.html</a>
<i>We let you create surveys and display those on your website in a “targeted” manner</i><p>A better title for your article would have been:<p><i>why to never rely on referers</i><p>(which can be blocked or purposely malformed)
Since you are a hosted service, you could periodically loop through all of the Quora redirect links you've received and resolve them. This might be against Quora's TOS, though.<p>I believe Twitter does this with URL shortener links posted in tweets.