HTML <script> referrerpolicy Attribute

The HTML <script> referrerpolicy Attribute is used to specify the reference information that will be sent to the server when fetching the script. 

Syntax:

<script referrerpolicy="no-referrer|no-referrer-when-downgrade|
        origin|origin-when-cross-origin|same-origin|
        strict-origin-when-cross-origin|unsafe-url">

Attribute Values: 

• no-referrer: It specifies that no reference information will be sent along with a request.
• no-referrer-when-downgrade: It has a default value. It specifies that refer header will not be sent to origins without HTTPS.
• origin: It specifies to send the origin of the document as the referrer in all cases.
• origin-when-cross-origin: It sends the origin, path, and query string when performing a same-origin request, but only send the origin of the document for other cases.
• same-origin: It specifies that the referrer will be sent for same-site origins, but cross-origin requests will send no referrer information.
• strict-origin-when-cross-origin: It sends the origin, path, and query string when performing a same-origin request, only sends the origin when the protocol security level stays the same while performing a cross-origin request (HTTPS/HTTPS), and send no header to any less-secure destinations (HTTPS/HTTP).
• unsafe-url: It sends origin. path and query string but not include fragment, password and username.

Example: Below code illustrates the use of referrerpolicy attribute in <script> element. 

 Output: 

Supported Browsers: 

• Google Chrome 70.0 and above
• Firefox 65.0 and above
• Internet Explorer Not Supported
• Opera 
• Safari 13.1 and above
• Edge 79.0 and above