|
5 years ago | |
---|---|---|
.. | ||
dist | 5 years ago | |
CHANGELOG.md | 5 years ago | |
LICENSE | 5 years ago | |
README.md | 5 years ago | |
package.json | 5 years ago |
The Referer HTTP header is typically set by web browsers to tell the server where it's coming from. For example, if you click a link on example.com/index.html that takes you to wikipedia.org, Wikipedia's servers will see Referer: example.com
. This can have privacy implications—websites can see where you are coming from. The new Referrer-Policy
HTTP header lets authors control how browsers set the Referer header.
Read the spec to see the options you can provide.
Usage:
const referrerPolicy = require('referrer-policy')
app.use(referrerPolicy({ policy: 'same-origin' }))
// Referrer-Policy: same-origin
app.use(referrerPolicy({ policy: 'unsafe-url' }))
// Referrer-Policy: unsafe-url
app.use(referrerPolicy())
// Referrer-Policy: no-referrer