What is it?
- Referrer Policy controls what the browser puts in the referrer header when a user clicks a link going out of your site
- Setting the referrer policy to `origin` will only share protocol and domain information with the next site
- Setting the policy to `strict-origin-when-cross-origin` will only pass the origin for locations outside of your domain and pass the full path inside of your domain
- Setting the policy to `no-referrer` will pass no referrer in all situations
Issues caused by the referrer
- Serious problems can arise when users are on sites where they do not want sensitive information about their browsing shared with other sites
- The classic example is someone on a medical site: if the referrer policy is not set, the specific medical issue they were looking up may show up in the referrer URL sent to the next site.
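To make the difference between the three policies concrete, the following added example (not part of the original page) is a simplified model of the referrer value a browser would send from a medical page under each policy. The function names, hostnames and paths are constructed for illustration, and the HTTPS check stands in for the browser's fuller "trustworthy URL" test.

```javascript
// Simplified model of how a browser derives the Referer header for the three
// policies discussed above. Hostnames and paths are constructed examples.

// Strip parts that are never sent in a Referer: credentials and fragment.
function stripForReferrer(url, originOnly) {
  const u = new URL(url);
  u.username = "";
  u.password = "";
  u.hash = "";
  return originOnly ? u.origin + "/" : u.href;
}

// Returns the Referer value, or null when no header is sent.
function referrerFor(policy, fromUrl, toUrl) {
  const from = new URL(fromUrl);
  const to = new URL(toUrl);
  switch (policy) {
    case "no-referrer":
      return null;
    case "origin":
      return stripForReferrer(fromUrl, true);
    case "strict-origin-when-cross-origin":
      // Same origin means same scheme, host and port, not just same domain.
      if (from.origin === to.origin) return stripForReferrer(fromUrl, false);
      // HTTPS page linking to plain HTTP: nothing is sent.
      if (from.protocol === "https:" && to.protocol !== "https:") return null;
      return stripForReferrer(fromUrl, true);
    default:
      throw new Error("policy not modelled: " + policy);
  }
}

// Constructed sample: a page whose URL reveals the condition being read about.
const page = "https://clinic.example/conditions/diabetes?stage=2#treatment";
const targets = {
  "same site": "https://clinic.example/contact",
  "other site": "https://ads.example/landing",
  "other site over http": "http://ads.example/landing",
};
for (const policy of ["origin", "strict-origin-when-cross-origin", "no-referrer"]) {
  for (const [label, target] of Object.entries(targets)) {
    console.log(policy.padEnd(32), label.padEnd(21), referrerFor(policy, page, target));
  }
}
```

A site sets one of these values with the `Referrer-Policy` response header or a `<meta name="referrer">` tag; the path and query string only leave the site when the policy allows the full URL to be sent cross-origin.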