Project: chromium Issues People Development process History Sign in
New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.
Starred by 5 users
Status: Fixed
Owner:
OOO through Oct 22
Closed: Jul 12
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Launch-OWP
Launch-Accessibility: ----
Launch-Legal: ----
Launch-M-Approved: ----
Launch-M-Target: ----
Launch-Privacy: ----
Launch-Security: ----
Launch-Status: ----
Launch-Test: ----
Launch-UI: ----
Product-Review: ----



Sign in to add a comment
Additional referrer policies: same-origin, strict-origin, strict-origin-when-cross-origin
Project Member Reported by est...@chromium.org, Jun 5 Back to list
Change description:
The Referrer Policy specification includes three policy values that Chrome doesn't yet implement.
- same-origin: Send full referrers same-origin, no referrers cross-origin.
- strict-origin: Strip referrers to the origin, but strip them when downgrading from HTTPS to HTTP.
- strict-origin-when-cross-origin: Send full referrers same-origin, and the origin when cross-origin, but strip referrers when downgrading from HTTPS to HTTP.

Changes to API surface:
Additional referrer policy values available in the existing Referrer-Policy header, `referrerpolicy` attribute, and <meta name="referrer" tag>

Links:
Public standards discussion: https://lists.w3.org/Archives/Public/public-webappsec/2016Mar/0085.html

Support in other browsers:
Internet Explorer: no signals
Firefox: supported
Safari: no signals
 
Status: Fixed
Sign in to add a comment