Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
None
-
2
-
Description
Customer would like to change the Referrer-Policy header to "strict-origin", so It doesn't make data leakage and never share the full URL, even for same-origin requests. However Referrer-Policy: strict-origin-when-cross-origin header is hardcoded in our sources, so there is no way to disable or configure it at application level.