Good example of this: the referer header is the only way to verify the source of a request to prevent CSRF unless it the request uses the POST method or it's a CORS request. Firefox doesn't currently send the Origin header unless it's one of those two, meaning disabling the referer header will break any PUT, DELETE, etc requests on any website that has reasonable CSRF protection (which is basically essential for all non-static sites).