Wrong Referrer Policy implementation has been corrected

Published: | Categories: HTML Privacy & Security

Description

Firefox, along with Google Chrome, was implementing a wrong policy value, origin-when-crossorigin, found in the Referrer Policy specification, since the support for <meta name="referrer"> and the CSP 1.1 referrer directive has been added to Firefox 36 and 37 respectively. The spec has been updated and Firefox 41 has added the support for the correct value, origin-when-cross-origin (notice an extra hyphen). The legacy wrong value will no longer be supported in the future.

References