referrer
referrer
referrer
This directive specifies the referrer policy for the document.
Tips & Tricks
The referrer directive is deprecated and replaced by the referrer-policy header. The referrer directive have been removed in modern browsers.
Frequently Asked Questions
What is the referrer directive?
The referrer directive is a legacy directive that was used to control how much referrer information should be included when making requests from a page. It has been deprecated in favor of the Referrer-Policy header, which provides more granular control over referrer behavior.
Deprecated Directive
The referrer CSP directive is deprecated. Use the dedicated Referrer-Policy header instead for controlling referrer behavior.
Why was the referrer directive replaced?
The referrer directive was replaced by the Referrer-Policy header because the latter offers more precise control over referrer information in different contexts. The Referrer-Policy header provides multiple directives like 'no-referrer', 'same-origin', and 'strict-origin' that give developers better flexibility in managing referrer information.
Should I still use the referrer directive?
No, you should not use the referrer CSP directive in new projects. Instead, implement the Referrer-Policy header to control referrer behavior. This ensures better browser compatibility and provides more granular control over how referrer information is shared across different types of requests.
Modern Alternative
Use the Referrer-Policy header with values like 'strict-origin-when-cross-origin' for better control over referrer information.
Need to monitor CSP violations and maintain it easily?
Set up a reporting endpoint to monitor Content Security Policy violations in real-time to build and maintain your CSP easily.
Set up your endpoint now