The Referrer-Policy HTTPhường header controls how much referrer information (sent via the Referer header) should be included with requests. Aside from the HTTP header, you can mix this policy in HTML.

Bạn đang xem: Referrer là gì

Header type Forbidden header name
Response header

Referrer-Policy: no-referrerReferrer-Policy: no-referrer-when-downgradeReferrer-Policy: originReferrer-Policy: origin-when-cross-originReferrer-Policy: same-originReferrer-Policy: strict-originReferrer-Policy: strict-origin-when-cross-originReferrer-Policy: unsafe-url
Note: The original header name Referer is a misspelling of the word "referrer". The Referrer-Policy header does not cốt truyện this misspelling.


The Referer header will be omitted entirely. No referrer information is sent along with requests.


Skết thúc the origin, path, & querystring in Referer when the protocol security cấp độ stays the same or improves (HTTP→HTTPhường., HTTP→HTTPS, HTTPS→HTTPS). Don"t sover the Referer header for requests to lớn less secure destinations (HTTPS→HTTP.., HTTPS→file).


Skết thúc the origin (only) in the Referer header. For example, a document at will sover the referrer


Sover the origin, path, & query string when performing a same-origin request lớn the same protocol màn chơi. Skết thúc origin (only) for cross origin requests & requests to lớn less secure destinations.


Send the origin, path, và query string for same-origin requests. Don"t skết thúc the Referer header for cross-origin requests.

Xem thêm: In The Meantime Là Gì ? Phân Biệt While, Meanwhile, Meantime


Skết thúc the origin (only) when the protocol security cấp độ stays the same (HTTPS→HTTPS). Don"t send the Referer header to lớn less secure destinations (HTTPS→HTTP).

strict-origin-when-cross-origin (default)

Send the origin, path, & querystring when performing a same-origin request. For cross-origin requests skết thúc the origin (only) when the protocol security màn chơi stays same (HTTPS→HTTPS). Don"t skết thúc the Referer header khổng lồ less secure destinations (HTTPS→HTTP).

Note: This is the default policy if no policy is specified, or if the provided value is invalid (see spec revision November 2020). Previously the default was no-referrer-when-downgrade.


Sover the origin, path, và query string when performing any request, regardless of security.

Xem thêm: Business Director Là Gì, Chức Danh Trong Công Ty Bằng Tiếng Anh

Warning: This policy will leak potentially-private information from HTTPS resource URLs to lớn insecure origins. Carefully consider the impact of this setting.

Integration with HTML

You can also set referrer policies inside HTML. For example, you can mix the referrer policy for the entire document with a element with a name of referrer:

meta name="referrer" content="origin">
Or set it for individual requests with the referrerpolicy attribute on , , , ,