New issue
Advanced search Search tips
Starred by 5 users

Issue metadata

Status: Fixed
Closed: Jul 2017
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Launch-OWP
Launch-Accessibility: ----
Launch-Legal: ----
Launch-M-Approved: ----
Launch-M-Target: ----
Launch-Privacy: ----
Launch-Security: ----
Launch-Status: ----
Launch-Test: ----
Launch-UI: ----
Product-Review: ----

Sign in to add a comment

Additional referrer policies: same-origin, strict-origin, strict-origin-when-cross-origin

Project Member Reported by, Jun 5 2017 Back to list

Issue description

Change description:
The Referrer Policy specification includes three policy values that Chrome doesn't yet implement.
- same-origin: Send full referrers same-origin, no referrers cross-origin.
- strict-origin: Strip referrers to the origin, but strip them when downgrading from HTTPS to HTTP.
- strict-origin-when-cross-origin: Send full referrers same-origin, and the origin when cross-origin, but strip referrers when downgrading from HTTPS to HTTP.

Changes to API surface:
Additional referrer policy values available in the existing Referrer-Policy header, `referrerpolicy` attribute, and <meta name="referrer" tag>

Public standards discussion:

Support in other browsers:
Internet Explorer: no signals
Firefox: supported
Safari: no signals

Comment 1 by, Jul 12 2017

Status: Fixed

Sign in to add a comment