criticablog

ソフトウェアエンジニアがニッチな情報を書きます。

simple table of referrer policy

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy から作成

下にいくほど緩い。

Policy

downgrade

equal or more secure

same origin

no-referrer

no no no

same-origin

no no full

strict-origin

no origin origin

strict-origin-when-cross-origin

no origin full

no-referrer-when-downgrade

no full full

origin

origin origin origin

origin-when-cross-origin

origin origin full

unsafe-url

full full full

legend:

column name means
downgrade when requesting http resource from https
equal or more secure having different origins and either of (http ← http or https ← http or httpshttps)
same origin when origins are equal
value means
no send nothing
origin send only scheme, host, port
full send the full URL