Cap page-scoped referrer policies (No longer pursuing)

We’re considering mitigating indiscriminate sharing of information about navigations’ sources by introducing a cap on the granularity of widely-scoped referrer policies. Page-scoped referrer policies (those set via `<meta name="referrer">` or the `Referrer-Policy` header on documents) with values of "unsafe-url", "origin-when-cross-origin", and "no-referrer-when-downgrade" will be treated as if they were instead "strict-origin-when-cross-origin".

This would be the second of two related privacy improvements to referrer handling. The first change addressed "inadvertent" sharing of detailed information about navigations' sources caused by the existing, overly permissive default policy. This change would address "indiscriminate" sharing of information about navigations: sites that need to share detailed information about navigations' sources only in specific instances nevertheless specify overly broad policies (scoped to an entire page rather than to particular elements). The "referrer privacy model" doc discusses the motivation in more detail: https://docs.google.com/document/u/1/d/e/2PACX-1vQfLtjrZxHMVPrGrMm9kBRYugNqwtemhpVTcoS6pH2zhlyGwJmitHEMBeUm1GXtlbYfRUf0hraDvhKm/pub
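The cap described above, worked through as an added example (not Chromium's code): it compares the referrer a page-scoped policy would send as declared with what it would send once capped. `capPageScopedPolicy`, `referrerFor` and `compare` are hypothetical names, the URLs are constructed placeholders, and a "downgrade" is simplified to an https: source navigating to a non-https: target.

```javascript
// Added example: models the proposed cap on page-scoped referrer policies.
const CAPPED = new Set(["unsafe-url", "origin-when-cross-origin", "no-referrer-when-downgrade"]);

// Page-scoped policy (meta tag or Referrer-Policy header) after the cap.
// Policies that are already at least as strict pass through unchanged.
function capPageScopedPolicy(policy) {
  return CAPPED.has(policy) ? "strict-origin-when-cross-origin" : policy;
}

// Referrer value for a navigation from `from` to `to` under `policy`.
// Assumption: "downgrade" means an https: source and a non-https: target.
function referrerFor(policy, from, to) {
  const src = new URL(from), dst = new URL(to);
  src.username = ""; src.password = ""; src.hash = ""; // never sent in a referrer
  const full = src.href, originOnly = src.origin + "/";
  const sameOrigin = src.origin === dst.origin;
  const downgrade = src.protocol === "https:" && dst.protocol !== "https:";
  switch (policy) {
    case "no-referrer": return "";
    case "unsafe-url": return full;
    case "origin": return originOnly;
    case "same-origin": return sameOrigin ? full : "";
    case "strict-origin": return downgrade ? "" : originOnly;
    case "no-referrer-when-downgrade": return downgrade ? "" : full;
    case "origin-when-cross-origin": return sameOrigin ? full : originOnly;
    case "strict-origin-when-cross-origin":
      return sameOrigin ? full : (downgrade ? "" : originOnly);
    default: throw new Error("unknown policy: " + policy);
  }
}

// Constructed sample navigations; the hostnames are placeholders.
const FROM = "https://shop.example/account/orders?id=1234#top";
const CROSS = "https://ads.example/landing";
const CROSS_HTTP = "http://ads.example/landing";
const SAME = "https://shop.example/help";

// Referrer as declared by the page versus after the cap is applied.
function compare(policy, to) {
  return {
    declared: referrerFor(policy, FROM, to),
    capped: referrerFor(capPageScopedPolicy(policy), FROM, to),
  };
}

for (const p of CAPPED) console.log(p, compare(p, CROSS), compare(p, CROSS_HTTP));
```

Same-origin navigations still receive the full URL under the cap; only cross-origin requests lose the path and query, and downgrades lose the referrer entirely.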

Specification

Established standard

Status in Chromium

Blink


No longer pursuing (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • No public signals
  • No public signals
  • No public signals
  • No signals

Last updated on 2020-01-15