plume/referrer_policy

Referrer-Policy

This response header controls how much referrer information (sent via the Referer header) should be included with requests made from a document. Restricting referrer information helps protect user privacy and can prevent leaking sensitive data contained in URLs (such as session identifiers or internal paths) to third-party sites.

In the descriptions below, “full URL” refers to the origin, path, and query string; the fragment is always stripped from the Referer header.

See the MDN docs.

Types

ReferrerPolicy

</>

A Referrer-Policy header value.

pub type ReferrerPolicy {
  NoReferrer
  NoReferrerWhenDowngrade
  Origin
  OriginWhenCrossOrigin
  SameOrigin
  StrictOrigin
  StrictOriginWhenCrossOrigin
  UnsafeUrl
}

Constructors

```
NoReferrer
```
Omit the Referer header entirely. Plume default.
```
NoReferrerWhenDowngrade
```
Send the full URL except when downgrading from HTTPS to HTTP.
```
Origin
```
Send only the document’s origin.
```
OriginWhenCrossOrigin
```
Send the full URL for same-origin requests, just the origin for cross-origin requests.
```
SameOrigin
```
Send the full URL for same-origin requests; omit the header for cross-origin requests.
```
StrictOrigin
```
Send only the origin, and omit the header on HTTPS→HTTP downgrades.
```
StrictOriginWhenCrossOrigin
```
Send the full URL for same-origin, just the origin for cross-origin, and omit the header on HTTPS→HTTP downgrades. Browser default.
```
UnsafeUrl
```
Send the full URL with every request. Unsafe — may leak URLs from TLS-protected resources to insecure origins.

Values

to_string

</>

pub fn to_string(value: ReferrerPolicy) -> String

Encode as the Referrer-Policy header value.