1.1 KiB
1.1 KiB
Referrer Policy
The Referer HTTP header is typically set by web browsers to tell the server where it's coming from. For example, if you click a link on example.com/index.html that takes you to wikipedia.org, Wikipedia's servers will see Referer: example.com
. This can have privacy implications—websites can see where you are coming from. The new Referrer-Policy
HTTP header lets authors control how browsers set the Referer header.
Read the spec to see the options you can provide.
Usage:
const referrerPolicy = require('referrer-policy')
app.use(referrerPolicy({ policy: 'same-origin' }))
// Referrer-Policy: same-origin
app.use(referrerPolicy({ policy: 'unsafe-url' }))
// Referrer-Policy: unsafe-url
app.use(referrerPolicy())
// Referrer-Policy: no-referrer