Page History
Referrer-Policy header
The Referrer-Policy header for in the HTTP requests response is used to control how much information about the origin's URI is passed with requests. It prevents from situations that could result in sensitive information being leaked to the third party. Even if security is not compromised, the information may not be something the user wants to be shared.
| Note |
|---|
By default this is enabled and set to nosame-referrerorigin. |
By default this is enabled and set to no-referrer.
To disable use:
| Code Block | ||
|---|---|---|
| ||
blueriq.security.referrer-policy.enabled=false |
To override useTo override the policy header value set:
| Code Block | ||
|---|---|---|
| ||
blueriq.security.referrer-policy.enabled=true blueriq.security.referrer-policy.policy=<HEADER VALUE> |
Possible policy header values:
- no-referrer (default value)referrerÂ
- no-referrer-when-downgrade
- same-origin (default value)
- origin
- strict-origin
- origin-when-cross-origin
- strict-origin-when-cross-origin
- unsafe-url
To disable use:
| Code Block | ||
|---|---|---|
| ||
blueriq.security.referrer-policy.enabled=false |
For more information : https://www.w3.org/TR/referrer-policy/
| Warning | ||
|---|---|---|
| ||
Security headers generated by the Runtime are only applied to pages that are served from the Runtime itself. In case the Blueriq Frontend is served from a CDN or via Reverse Proxy these headers will need to be configured from the CDN or Reverse Proxy, for the headers to be applied. |
Overview
Content Tools