Goal
- Protect users from disclosing any sensitive information about their navigation.
- Control the information sent by the server.
- Strengthen user confidence in the use of their data.
Implementation
For each page of the website, configure the server to send the HTTP Referrer-Policy header with one of the following values, in order of preference:
- no-referrer
- same-origin
- strict-origin
- strict-origin-when-cross-origin
Control
For each page of the website, check that the response carries an HTTP Referrer-Policy header with one of the following values, in order of preference:
- no-referrer
- same-origin
- strict-origin
- strict-origin-when-cross-origin