Add a Referrer-Policy response header
|Reported by:||anonymous||Owned by:|
Please add a
Referrer-Policy: same-origin HTTP response header or a
<meta name="referrer" content="same-origin"> element in the
This policy instructs compatible web browsers to not send the HTTP Referer (sic) request header to external websites. Doing so can leak information about what issues the organization that is operating the bug tracker is currently worried about.
(All uses mentions of “Referer” and “Referrer” are spelled as intended in this ticket. The original HTTP specification made a spelling mistake, but all uses here are as intended.)