You are viewing the documentation for Blueriq 17. Documentation for other versions is available in our documentation directory.

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Referrer-Policy header

The Referrer-Policy header in the HTTP response is used to control how much information about the origin's URI is passed with requests. It prevents from situations that could result in sensitive information being leaked to the third party. Even if security is not compromised, the information may not be something the user wants to be shared.

By default this is enabled and set to no-referrer.

To disable use:

blueriq.security.referrer-policy.enabled=false

To override use:

blueriq.security.referrer-policy.policy=<HEADER VALUE>

Possible policy header values:

  • no-referrer (default value)
  • no-referrer-when-downgrade
  • same-origin
  • origin
  • strict-origin
  • origin-when-cross-origin
  • strict-origin-when-cross-origin
  • unsafe-url


For more information : https://www.w3.org/TR/referrer-policy/

  • No labels