Add referrerpolicy support to <script> elements

Many resource-fetching elements have support for the `referrerpolicy` attribute, which lets developers provide a keyword to influence the value of the `Referer` HTTP header that accompanies a request. The <link> element has support for this, so it is technically possible to preload a script with a developer-set referrer policy even though the <script> element does not have support for this attribute. This feature adds `referrerpolicy` support to the <script> element.

Demo

• https://script-referrerpolicy.glitch.me/

Documentation

• https://github.com/w3c/webappsec-referrer-policy/issues/96

Specification

Established standard

Status in Chromium

Blink components: Blink>HTML>Script

Enabled by default (tracking bug) in:

• Chrome for desktop release 70
• Chrome for Android release 70
• Android WebView release 70

Consensus & Standardization

• Firefox: Public support
• Edge: No public signals
• Safari: No public signals
• Web Developers: No signals

Owner

• domfarolino@gmail.com

Last updated on 2019-01-17