dijkstra-backend-cloudron/node_modules/referrer-policy/README.md

23 lines
1.1 KiB
Markdown
Raw Normal View History

Referrer Policy
===============
[![Build Status](https://travis-ci.org/helmetjs/referrer-policy.svg?branch=master)](https://travis-ci.org/helmetjs/referrer-policy)
The [Referer HTTP header](https://en.wikipedia.org/wiki/HTTP_referer) is typically set by web browsers to tell the server where it's coming from. For example, if you click a link on *example.com/index.html* that takes you to *wikipedia.org*, Wikipedia's servers will see `Referer: example.com`. This can have privacy implications—websites can see where you are coming from. The new [`Referrer-Policy` HTTP header](https://www.w3.org/TR/referrer-policy/#referrer-policy-header) lets authors control how browsers set the Referer header.
[Read the spec](https://www.w3.org/TR/referrer-policy/#referrer-policies) to see the options you can provide.
Usage:
```javascript
const referrerPolicy = require('referrer-policy')
app.use(referrerPolicy({ policy: 'same-origin' }))
// Referrer-Policy: same-origin
app.use(referrerPolicy({ policy: 'unsafe-url' }))
// Referrer-Policy: unsafe-url
app.use(referrerPolicy())
// Referrer-Policy: no-referrer
```