diff --git a/source b/source index f3091d30515..8f7a1e8d4c3 100644 --- a/source +++ b/source @@ -2802,7 +2802,6 @@ a.setAttribute('href', 'http://example.com/'); // change the content attribute d
about:blank
User-Agent
` value
The following terms are defined in Referrer Policy:
policy-token
productionno-referrer
",
- "no-referrer-when-downgrade
",
- "same-origin
",
- "origin
",
- "strict-origin
",
- "origin-when-cross-origin
",
- "strict-origin-when-cross-origin
", and
- "unsafe-url
" policiesReferrer-Policy
` HTTP headerReferrer-Policy
` header algorithmA referrer policy attribute is an enumerated attribute. - The following table lists the keywords and states for the attribute — the keywords in the - left column map to the states in the cell in the second column on the same row as the keyword. - These states are all referrer policies, and their impact on - the processing model of various fetches is defined in more - detail in the WHATWG Fetch standard and in Referrer Policy.
+ Each referrer policy, including the empty string, is a keyword for this attribute, + mapping to a state of the same name. -Keyword - | State - | Brief description - |
---|---|---|
no-referrer
- | "no-referrer "
- | Requests for the element will have no referrer sent at all. - |
no-referrer-when-downgrade
- | "no-referrer-when-downgrade "
- | Requests for the element will send a full URL as - their referrer to destinations that are - a priori authenticated URLs; otherwise, - no referrer will be sent. - |
same-origin
- | "same-origin "
- | Requests for the element will send a full URL as - their referrer to the same origin, - but no referrer will be sent for cross-origin - requests. - |
origin
- | "origin "
- | Requests for the element will only send an - origin as their referrer. - |
strict-origin
- | "strict-origin "
- | Requests for the element will only send an - origin as their referrer - to destinations that are a priori - authenticated URLs; otherwise, no - referrer will be sent. - |
origin-when-cross-origin
- | "origin-when-cross-origin "
- | Requests for the element will send a full URL as - their referrer to the same origin, - but will only send an origin as their referrer for cross-origin requests. - |
strict-origin-when-cross-origin
- | "strict-origin-when-cross-origin "
- | Requests for the element will send a full URL as - their referrer to the same origin, - only send an origin as - their referrer for cross-origin requests to - destinations that are a priori authenticated - URLs; otherwise, no referrer will be - sent. - |
unsafe-url
- | "unsafe-url "
- | Requests for the element will send a full URL as - their referrer in all cases. - |
An additional state is given by the empty string (which is also a valid referrer - policy). The attribute's invalid value default and The attribute's invalid value default and missing value default are both the empty string state.
+The impact of these states on the processing model of various fetches is defined in more detail throughout this specification, in + the WHATWG Fetch standard, and in Referrer Policy.
+Several signals can contribute to which processing model is used for a given fetch; a referrer policy attribute is only one of @@ -13372,19 +13300,8 @@ interface HTMLMetaElement : HTMLElement {
referrer
The value must match the policy-token
production,
- defining a default referrer policy for the Document
.
In particular, although they impact the processing model, the legacy
- values never
, default
, and always
must not be used by authors; instead, use no-referrer
, no-referrer-when-downgrade
, and unsafe-url
, respectively.
The valid values for the content
- attribute in this state match the keywords for referrer
- policy attributes.
The value must be a referrer policy, which defines the default referrer
+ policy for the Document
.
name
attribute, whose value is
- referrer
.referrer
content
attributehead
element of the documentIf value is not the empty string, then:
Let policy be the result of determining the policy for - value.
Let policy be the result of determining the policy for + value.
+ +This step allows the legacy values never
, default
, and always
to take the place of the
+ standard referrer policies no-referrer
, no-referrer-when-downgrade
, and unsafe-url
,
+ respectively. Per the above conformance requirement, these legacy values must never be
+ used by authors, even though this step causes them to impact the processing model.
If policy is not the empty string, then set element's node document's referrer @@ -13472,9 +13398,9 @@ interface HTMLMetaElement : HTMLElement { meet the following criteria, in tree order:
name
attribute, whose value is
- theme-color
.theme-color
content
attributeimg
;
link
no-referrer
";
- "no-referrer-when-downgrade
";
- "same-origin
";
- "origin
";
- "strict-origin
";
- "origin-when-cross-origin
";
- "strict-origin-when-cross-origin
";
- "unsafe-url
"
+ rel
a
;