The flow with me is this we get a request to www.oursite.com?secretinfo=banana then we have people do some stuff on that page and we send them to another site. Is it possible to remove the part "secretinfo=banana" from the referer in the header info?
We do this now, by redirecting to another page without this parameters, which does another redirect by a meta-refresh to the other party. As you can imagine this is not very good for the user experience.
Doing it direct would be great but even doing it with a 302 or 303 redirect would be better but these don't change the referer.
We are using Python 3 with Flask or it can be with JavaScript.
Thanks to NetHawk it can be done using history.replaceState() or history.pushState().