Change description:
The CSP 'referrer' directive allows site owners to set a Referrer Policy (https://w3c.github.io/webappsec-referrer-policy/) for their page from an HTTP header. The 'referrer' directive has been removed from the spec and replaced with the Referrer-Policy header, thus we plan to remove support for the 'referrer' directive.
Changes to API surface:
CSP 'referrer' directive will no longer have any effect
Links:
Public standards discussion: https://github.com/w3c/webappsec-referrer-policy/pull/14Support in other browsers:Internet Explorer: no
Firefox: yes, but being deprecated (https://bugzilla.mozilla.org/show_bug.cgi?id=1302449)
Safari: no
Comment 1 by est...@chromium.org
, Oct 25 2016