{ "title":"Referrer Policy", "description":"A policy that controls how much information is shared through the HTTP `Referer` header. Helps to protect user privacy.", "spec":"https://www.w3.org/TR/referrer-policy/", "status":"cr", "links":[ { "url":"https://blog.mozilla.org/security/2015/01/21/meta-referrer/", "title":"Mozilla security article" }, { "url":"https://scotthelme.co.uk/a-new-security-header-referrer-policy/", "title":"A new security header: Referrer Policy" } ], "bugs":[ ], "categories":[ "Security" ], "stats":{ "ie":{ "5.5":"n", "6":"n", "7":"n", "8":"n", "9":"n", "10":"n", "11":"a #1" }, "edge":{ "12":"a #1", "13":"a #1", "14":"a #1", "15":"a #1", "16":"a #1", "17":"a #1", "18":"a #1", "79":"a #3", "80":"a #3", "81":"a #3", "83":"a #3", "84":"a #3", "85":"y", "86":"y", "87":"y", "88":"y", "89":"y", "90":"y", "91":"y", "92":"y", "93":"y", "94":"y", "95":"y", "96":"y", "97":"y", "98":"y", "99":"y", "100":"y", "101":"y", "102":"y", "103":"y", "104":"y", "105":"y", "106":"y", "107":"y", "108":"y", "109":"y", "110":"y", "111":"y", "112":"y", "113":"y", "114":"y", "115":"y", "116":"y", "117":"y", "118":"y", "119":"y", "120":"y" }, "firefox":{ "2":"n", "3":"n", "3.5":"n", "3.6":"n", "4":"n", "5":"n", "6":"n", "7":"n", "8":"n", "9":"n", "10":"n", "11":"n", "12":"n", "13":"n", "14":"n", "15":"n", "16":"n", "17":"n", "18":"n", "19":"n", "20":"n", "21":"n", "22":"n", "23":"n", "24":"n", "25":"n", "26":"n", "27":"n", "28":"n", "29":"n", "30":"n", "31":"n", "32":"n", "33":"n", "34":"n", "35":"n", "36":"a #3", "37":"a #3", "38":"a #3", "39":"a #3", "40":"a #3", "41":"a #3", "42":"a #3", "43":"a #3", "44":"a #3", "45":"a #3", "46":"a #3", "47":"a #3", "48":"a #3", "49":"a #3", "50":"a #3", "51":"a #3", "52":"a #3", "53":"a #3", "54":"a #3", "55":"a #3", "56":"a #3", "57":"a #3", "58":"a #3", "59":"a #3", "60":"a #3", "61":"a #3", "62":"a #3", "63":"a #3", "64":"a #3", "65":"a #3", "66":"a #3", "67":"a #3", "68":"a #3", "69":"a #3", "70":"a #3", "71":"a #3", "72":"a #3", "73":"a #3", "74":"a #3", "75":"a #3", "76":"a #3", "77":"a #3", "78":"a #3", "79":"a #3", "80":"a #3", "81":"a #3", "82":"a #3", "83":"a #3", "84":"a #3", "85":"a #3", "86":"a #3", "87":"y", "88":"y", "89":"y", "90":"y", "91":"y", "92":"y #5", "93":"y #5", "94":"y #5", "95":"y #5", "96":"y #5", "97":"y #5", "98":"y #5", "99":"y #5", "100":"y #5", "101":"y #5", "102":"y #5", "103":"y #5", "104":"y #5", "105":"y #5", "106":"y #5", "107":"y #5", "108":"y #5", "109":"y #5", "110":"y #5", "111":"y #5", "112":"y #5", "113":"y #5", "114":"y #5", "115":"y #5", "116":"y #5", "117":"y #5", "118":"y #5", "119":"y #5", "120":"y #5", "121":"y #5", "122":"y #5", "123":"y #5" }, "chrome":{ "4":"n", "5":"n", "6":"n", "7":"n", "8":"n", "9":"n", "10":"n", "11":"n", "12":"n", "13":"n", "14":"n", "15":"n", "16":"n", "17":"n", "18":"n", "19":"n", "20":"n", "21":"a #2", "22":"a #2", "23":"a #2", "24":"a #2", "25":"a #2", "26":"a #2", "27":"a #2", "28":"a #2", "29":"a #2", "30":"a #2", "31":"a #2", "32":"a #2", "33":"a #2", "34":"a #2", "35":"a #2", "36":"a #2", "37":"a #2", "38":"a #2", "39":"a #2", "40":"a #2", "41":"a #2", "42":"a #2", "43":"a #2", "44":"a #2", "45":"a #2", "46":"a #2", "47":"a #2", "48":"a #2", "49":"a #2", "50":"a #2", "51":"a #2", "52":"a #2", "53":"a #2", "54":"a #2", "55":"a #2", "56":"a #2", "57":"a #2", "58":"a #2", "59":"a #2", "60":"a #2", "61":"a #3", "62":"a #3", "63":"a #3", "64":"a #3", "65":"a #3", "66":"a #3", "67":"a #3", "68":"a #3", "69":"a #3", "70":"a #3", "71":"a #3", "72":"a #3", "73":"a #3", "74":"a #3", "75":"a #3", "76":"a #3", "77":"a #3", "78":"a #3", "79":"a #3", "80":"a #3", "81":"a #3", "83":"a #3", "84":"a #3", "85":"y", "86":"y", "87":"y", "88":"y", "89":"y", "90":"y", "91":"y", "92":"y", "93":"y", "94":"y", "95":"y", "96":"y", "97":"y", "98":"y", "99":"y", "100":"y", "101":"y", "102":"y", "103":"y", "104":"y", "105":"y", "106":"y", "107":"y", "108":"y", "109":"y", "110":"y", "111":"y", "112":"y", "113":"y", "114":"y", "115":"y", "116":"y", "117":"y", "118":"y", "119":"y", "120":"y", "121":"y", "122":"y", "123":"y" }, "safari":{ "3.1":"n", "3.2":"n", "4":"n", "5":"n", "5.1":"n", "6":"n", "6.1":"n", "7":"n", "7.1":"a #1", "8":"a #1", "9":"a #1", "9.1":"a #1", "10":"a #1", "10.1":"a #1", "11":"a #1", "11.1":"a #3", "12":"a #3", "12.1":"a #3", "13":"a #3 #4", "13.1":"a #3 #4", "14":"a #3 #4", "14.1":"a #3 #4", "15":"y #4", "15.1":"y #4", "15.2-15.3":"y #4", "15.4":"y #4", "15.5":"y #4", "15.6":"y #4", "16.0":"y #4", "16.1":"y #4", "16.2":"y #4", "16.3":"y #4", "16.4":"y #4", "16.5":"y #4", "16.6":"y #4", "17.0":"y #4", "17.1":"y #4", "17.2":"y #4", "TP":"y #4" }, "opera":{ "9":"n", "9.5-9.6":"n", "10.0-10.1":"n", "10.5":"n", "10.6":"n", "11":"n", "11.1":"n", "11.5":"n", "11.6":"n", "12":"n", "12.1":"n", "15":"a #3", "16":"a #3", "17":"a #3", "18":"a #3", "19":"a #3", "20":"a #3", "21":"a #3", "22":"a #3", "23":"a #3", "24":"a #3", "25":"a #3", "26":"a #3", "27":"a #3", "28":"a #3", "29":"a #3", "30":"a #3", "31":"a #3", "32":"a #3", "33":"a #3", "34":"a #3", "35":"a #3", "36":"a #3", "37":"a #3", "38":"a #3", "39":"a #3", "40":"a #3", "41":"a #3", "42":"a #3", "43":"a #3", "44":"a #3", "45":"a #3", "46":"a #3", "47":"a #3", "48":"a #3", "49":"a #3", "50":"a #3", "51":"a #3", "52":"a #3", "53":"a #3", "54":"a #3", "55":"a #3", "56":"a #3", "57":"a #3", "58":"a #3", "60":"a #3", "62":"a #3", "63":"a #3", "64":"a #3", "65":"a #3", "66":"a #3", "67":"a #3", "68":"a #3", "69":"a #3", "70":"a #3", "71":"a #3", "72":"a #3", "73":"y", "74":"y", "75":"y", "76":"y", "77":"y", "78":"y", "79":"y", "80":"y", "81":"y", "82":"y", "83":"y", "84":"y", "85":"y", "86":"y", "87":"y", "88":"y", "89":"y", "90":"y", "91":"y", "92":"y", "93":"y", "94":"y", "95":"y", "96":"y", "97":"y", "98":"y", "99":"y", "100":"y", "101":"y", "102":"y", "103":"y", "104":"y" }, "ios_saf":{ "3.2":"n", "4.0-4.1":"n", "4.2-4.3":"n", "5.0-5.1":"n", "6.0-6.1":"n", "7.0-7.1":"n", "8":"a #1", "8.1-8.4":"a #1", "9.0-9.2":"a #1", "9.3":"a #1", "10.0-10.2":"a #1", "10.3":"a #1", "11.0-11.2":"a #1", "11.3-11.4":"a #1", "12.0-12.1":"a #3", "12.2-12.5":"a #3", "13.0-13.1":"a #3", "13.2":"a #3", "13.3":"a #3 #4", "13.4-13.7":"a #3 #4", "14.0-14.4":"a #3 #4", "14.5-14.8":"a #3 #4", "15.0-15.1":"y #4", "15.2-15.3":"y #4", "15.4":"y #4", "15.5":"y #4", "15.6-15.7":"y #4", "16.0":"y #4", "16.1":"y #4", "16.2":"y #4", "16.3":"y #4", "16.4":"y #4", "16.5":"y #4", "16.6-16.7":"y #4", "17.0":"y #4", "17.1":"y #4", "17.2":"y #4" }, "op_mini":{ "all":"n" }, "android":{ "2.1":"n", "2.2":"n", "2.3":"n", "3":"n", "4":"n", "4.1":"n", "4.2-4.3":"n", "4.4":"n", "4.4.3-4.4.4":"n", "119":"y" }, "bb":{ "7":"n", "10":"n" }, "op_mob":{ "10":"n", "11":"n", "11.1":"n", "11.5":"n", "12":"n", "12.1":"n", "73":"y" }, "and_chr":{ "119":"y" }, "and_ff":{ "119":"y #5" }, "ie_mob":{ "10":"n", "11":"n" }, "and_uc":{ "15.5":"y" }, "samsung":{ "4":"n", "5.0-5.4":"a #3", "6.2-6.4":"a #3", "7.2-7.4":"a #3", "8.2":"a #3", "9.2":"a #3", "10.1":"a #3", "11.1-11.2":"a #3", "12.0":"a #3", "13.0":"a #3", "14.0":"y", "15.0":"y", "16.0":"y", "17.0":"y", "18.0":"y", "19.0":"y", "20":"y", "21":"y", "22":"y", "23":"y" }, "and_qq":{ "13.1":"y" }, "baidu":{ "13.18":"y" }, "kaios":{ "2.5":"a #3", "3.0-3.1":"a #3" } }, "notes":"", "notes_by_num":{ "1":"Browsers initially supported an [early draft](https://wiki.whatwg.org/wiki/Meta_referrer) of the specification which can only use a meta tag and is only compatible with the `origin` value from the new spec.", "2":"Chrome 21-60 did not support the `same-origin`, `strict-origin` and `strict-origin-when-cross-origin` values. ([issue 627968](https://bugs.chromium.org/p/chromium/issues/detail?id=627968))", "3":"Older browsers defaulted to `no-referrer-when-downgrade` which is unsafe. The default has been updated to `strict-origin-when-cross-origin` which is safe for most use cases. See [the revised spec.](https://github.com/w3c/webappsec-referrer-policy/pull/142)", "4":"[Safari's ITP](https://webkit.org/blog/9661/preventing-tracking-prevention-tracking/) (on by default) downgrades _all_ cross-site subresource request (not page navigation) `Referer` headers to the page's origin, ignoring the `unsafe-url`, `no-referrer-when-downgrade`, and `origin-when-cross-origin` referrer policies.", "5":"[Firefox 92+ ignores](https://bugzilla.mozilla.org/show_bug.cgi?id=1720294) the `unsafe-url`, `no-referrer-when-downgrade`, and `origin-when-cross-origin` referrer policies, defaulting to `strict-origin-when-cross-origin`." }, "usage_perc_y":94.75, "usage_perc_a":3.14, "ucprefix":false, "parent":"", "keywords":"meta,referrer,referer", "chrome_id":"5639972996513792,6251880185331712", "shown":true }