When loading pages and navigating through links, a web browser sends some information about the origin of the request, by filling the "Referer" HTTP header. Visited websites can process this information as they whish, so this can become a privacy concern, for example when coming from a page which contains searched terms in its URL.

This page offers some configuration settings to instruct your browser how it should fill this referrer information. Beware that every browser behaves differently : some settings may be unsupported by your particular browser and therefore ignored. If you are really concerned about privacy, please check what is really sent by your browser by using its embedded developers tools network console, or with the network traffic analyzer of your choice.

Global policy

This referrer policy applies for every page on this peer. It is set by the "meta" HTML tag.

Values are sorted by decreasing privacy level. See the related W3C recommendation for full details and available values.

no-referrer

Highest privacy setting : referrer information should never be sent, even when navigating on this peer internal links. Be careful with this : some websites might reject requests with no referrer.

same-origin

Peer internal links : referrer information should be stripped from any private data and contain only this peer host name.
External links : referrer information should never be sent.

strict-origin

Peer internal and external links : referrer information should be stripped from any private data and contain only this peer host name.
Restriction : when a link downgrades from a TLS secured connection (https) on this peer to an unsecured target (http), no referrer information at all should be sent.

origin

Peer internal and external links : referrer information should be stripped from any private data and contain only this peer host name.
Note : this value is also compatible with legacy values from the older specification draft.

strict-origin-when-cross-origin

Peer internal links : referrer information should contain full URLs.
External links : referrer information should be stripped from any private data and contain only this peer host name.
Restriction : when an external link downgrades from a TLS secured connection (https) on this peer to an unsecured target (http), no referrer information at all should be sent.

origin-when-cross-origin

Peer internal links : referrer information should contain full URLs.
External links : referrer information should be stripped from any private data and contain only this peer host name.

no-referrer-when-downgrade

Referrer information should contain full URLs, except when a link downgrades from a TLS secured connection (https) on this peer to an unsecured target (http).

empty value

Default browser behavior : it should corresponds to "no-referrer-when-downgrade".

unsafe-url

Unsafe setting : referrer information should always contain full URLs.

#(metaPolicyCustom)#::

#[value]#

Custom setting : probably manually edited, be sure this value is the desired one.

#(/metaPolicyCustom)#

Search results links

Add the "noreferrer" link type to search results links

When checked, this overrides the global referrer policy and adds the standard "noreferrer" link type to search results links, thus instructing the browser that it should not send any referrer information at all when visiting them.

Be careful with this : some websites might reject requests with no referrer.

It is a standard HTML5 attribute value, supported by much more browsers than the meta tag : if you want a higher level of privacy but use an old or incompatible browser, this can be a valuable option.

Changes will take effect immediately.

Referrer Policy Settings