class Rack::Protection::ReferrerPolicy
- referrer_policy
- The policy to use (default: ‘strict-origin-when-cross-origin’)
Options:
Sets Referrer-Policy header to tell the browser to limit the Referer header.
More infos - www.w3.org/TR/referrer-policy/
Supported browsers - mixed support
Prevented attack -
Secret leakage, third party tracking
#
- mixed support
- www.w3.org/TR/referrer-policy/
- The policy to use (default: ‘strict-origin-when-cross-origin’)
def call(env)
def call(env) status, headers, body = @app.call(env) headers['Referrer-Policy'] ||= options[:referrer_policy] [status, headers, body] end