Referrer-Policy Header

Table of Content

The Referrer-Policy HTTP header governs which referrer information, sent in the Referer header, should be included with requests made. It is a security feature that offers control over the privacy of the referral data. This header helps with privacy by limiting the personal data communicated in HTTP Referer headers from one site to another.


Referrer-Policy : <policy>

Here, the <policy> is the directive value that specifies the referral policy to be used.


Referrer-Policy Header has several directives, including:

  • no-referrer: No referrer information is sent
  • no-referrer-when-downgrade: This is the default behavior if no policy is specified
  • origin: Only send the origin of the document as the referrer
  • origin-when-cross-origin: Full URL when on the same origin, but only send origin when cross-origin
  • same-origin: A referrer will be sent for same-site origins, but cross-origin requests will contain no referrer information
  • strict-origin: Only send the origin of the document as the referrer to same-protocol security contexts
  • strict-origin-when-cross-origin: Full URL when on the same origin and same protocol, but only send origin of the document for other cases
  • unsafe-url: Send the full URL (stripped of fragment) as referrer


To use the Referrer-Policy header, simply include it in your HTTP response headers with your preferred directive. Here's an example with the no-referrer directive.

Referrer-Policy: no-referrer

Browser Compatibility

Browser Compatibility
Chrome Supported
Firefox Supported
Safari Supported
Opera Supported
Edge Supported

How to modify Referrer-Policy header

ModHeader is a Chrome extension that allows you to modify and manipulate HTTP request headers and response headers. You can use it to modify the Referrer-Policy header, which is useful for testing your website under different referral policies.

Here is how you can do it:

  1. Install the ModHeader extension from the Chrome Web Store.
  2. Click on the ModHeader icon in the toolbar.
  3. In the Response Headers section, click Add.
  4. Enter Referrer-Policy in the name field and your desired policy directive in the value field.

Now your browser will use your specified referrer policy when making requests, allowing you to test your website's referral functionality under varying conditions.