The HTML <script> referrerpolicy Attribute is used to specify the reference information that will be sent to the server when fetching the script.
Syntax:
<script referrerpolicy="no-referrer|no-referrer-when-downgrade|
origin|origin-when-cross-origin|same-origin|
strict-origin-when-cross-origin|unsafe-url">Attribute Values:
- no-referrer: It specifies that no reference information will be sent along with a request.
- no-referrer-when-downgrade: It has a default value. It specifies that refer header will not be sent to origins without HTTPS.
- origin: It specifies to send the origin of the document as the referrer in all cases.
- origin-when-cross-origin: It sends the origin, path, and query string when performing a same-origin request, but only send the origin of the document for other cases.
- same-origin: It specifies that the referrer will be sent for same-site origins, but cross-origin requests will send no referrer information.
- strict-origin-when-cross-origin: It sends the origin, path, and query string when performing a same-origin request, only sends the origin when the protocol security level stays the same while performing a cross-origin request (HTTPS/HTTPS), and send no header to any less-secure destinations (HTTPS/HTTP).
- unsafe-url: It sends origin. path and query string but not include fragment, password and username.
Example: Below code illustrates the use of referrerpolicy attribute in <script> element.
<!DOCTYPE html>
<html>
<head>
<title>HTML script referrerpolicy Attribute</title>
</head>
<body style="text-align: center">
<h1>GeeksForGeeks</h1>
<h2>HTML script referrerpolicy Attribute</h2>
<br />
<button>Submit</button>
<script id="myGeeks" type="text/javascript"
src="my_script.js" referrerpolicy="no-referrer">
</script>
</body>
</html>
Output:
Supported Browsers:
- Google Chrome 70.0 and above
- Firefox 65.0 and above
- Internet Explorer Not Supported
- Opera
- Safari 13.1 and above
- Edge 79.0 and above
