Referrer-Policy HTTP Header
Referrer-Policy
Controls what referrer information is sent with requests.
Accepted Values
Multiple options from the list below are allowed, each seperated by a comma.- no-referrer
No referrer information is sent along with requests.
- no-referrer-when-downgrade
Send the full referrer when the protocol security stays the same, or improves.
- origin
Send the referrer origin (domain) only.
- origin-when-cross-origin
Send the full referrer when performing a same origin request, and the origin when not.
- same-origin
Send the full referrer for same origin requests, and nothing for cross-origin.
- strict-origin
Send the origin when the protocol level stays the same
- strict-origin-when-cross-origin
Send the full referrer for a same origin request. Send the origin only for cross-domain requests where the protocol level is the same. Otherwise do not send the referrer.
- unsafe-url
Always send the full referrer.
Example
Referrer-Policy: no-referrer, no-referrer-when-downgrade
Parse
Enter a Referrer-Policy header below to parse and return details about it.
Reference
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy