What is Referrer Policy?
An HTTP header that controls how much URL information is shared when navigating from one page to another, affecting cross-site tracking.
When you click a link from Site A to Site B, your browser normally sends Site B a "Referer" header containing the full URL of Site A. Referrer Policy controls this behavior.
Why It Matters
- The referring URL can contain sensitive information (search queries, page titles, user IDs)
- It reveals your browsing path to every site you visit
- Marketers use referrer data to track traffic sources
Policy Options
- no-referrer: Never send referrer information
- origin: Send only the domain, not the full URL
- strict-origin-when-cross-origin: Full URL for same-site, origin only for cross-site (recommended default)
- no-referrer-when-downgrade: Don't send referrer when going from HTTPS to HTTP
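The following is an added example, not code from the original page: it computes what a browser would put in the Referer header under each of the four policies above. The function name and sample URLs are constructed; following the Referrer Policy specification, it compares origins (scheme, host and port) and uses a simplified HTTPS-to-HTTP test for a downgrade.

```javascript
// Added example. computeReferrer and the URLs below are constructed for
// illustration; only the four policies listed on this page are handled.
function computeReferrer(policy, fromUrl, toUrl) {
  const from = new URL(fromUrl);
  const to = new URL(toUrl);

  // Credentials and the #fragment are always stripped before sending.
  from.username = "";
  from.password = "";
  from.hash = "";

  const fullUrl = from.href;            // path and query string included
  const originOnly = from.origin + "/"; // scheme + host + port only
  const sameOrigin = from.origin === to.origin;
  // Simplified downgrade test: HTTPS page navigating to a plain HTTP target.
  const downgrade = from.protocol === "https:" && to.protocol === "http:";

  switch (policy) {
    case "no-referrer":
      return null; // header is omitted entirely
    case "origin":
      return originOnly;
    case "no-referrer-when-downgrade":
      return downgrade ? null : fullUrl;
    case "strict-origin-when-cross-origin":
      if (sameOrigin) return fullUrl;
      return downgrade ? null : originOnly;
    default:
      throw new Error("policy not covered by this example: " + policy);
  }
}

// Constructed sample: a page URL carrying a search query and a user ID.
const page = "https://a.example/search?q=clinic+near+me&uid=1234#results";
const cases = [
  ["no-referrer", "https://b.example/"],
  ["origin", "https://b.example/"],
  ["no-referrer-when-downgrade", "https://b.example/"],
  ["no-referrer-when-downgrade", "http://b.example/"],
  ["strict-origin-when-cross-origin", "https://a.example/account"],
  ["strict-origin-when-cross-origin", "https://b.example/"],
  ["strict-origin-when-cross-origin", "http://b.example/"],
];
for (const [policy, target] of cases) {
  console.log(policy, "->", target, ":", computeReferrer(policy, page, target));
}
```

Note that no-referrer-when-downgrade still hands the query string and user ID to any HTTPS third party, which is the leak the stricter default avoids.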
Current Defaults
Most modern browsers default to strict-origin-when-cross-origin, which is a reasonable balance between privacy and functionality.
Related Terms
HTTPS
Hypertext Transfer Protocol Secure is the encrypted version of HTTP, the protocol used to transfer data between your browser and websites. HTTPS uses TLS encryption to protect the confidentiality and integrity of data in transit, preventing eavesdropping and tampering.
Metadata
Data about data. In the context of communications, metadata includes information like who you contacted, when, for how long, and from where—everything except the actual content of your message. Metadata can reveal intimate details about your life even when content is encrypted.
Third-Party Tracking
The practice of monitoring user behavior across multiple websites using embedded scripts, pixels, cookies, and fingerprinting techniques.