diff options
author | Søren Birkemeyer <polarbirke@gmx.de> | 2020-03-11 19:09:34 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-03-11 19:09:34 +0300 |
commit | 59bc435210cfed6f3cd36ca27db8c5722d5b1a96 (patch) | |
tree | 163cd921d23ec3502f9118498291564127c03db3 | |
parent | 92232cd78ee9b8ffb92c422dc28083caeebfed4b (diff) |
Always send a referrer-policy header (#15673)
-rw-r--r-- | core/View.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/core/View.php b/core/View.php index 1424736fc4..fba7366e4c 100644 --- a/core/View.php +++ b/core/View.php @@ -287,6 +287,9 @@ class View implements ViewInterface // don't send Referer-Header for outgoing links if (!empty($this->useStrictReferrerPolicy)) { Common::sendHeader('Referrer-Policy: same-origin'); + } else { + // always send explicit default header + Common::sendHeader('Referrer-Policy: no-referrer-when-downgrade'); } return $this->renderTwigTemplate(); |