const classafSleepSafe::ReferrerPolicyGuard

sys::Obj
  afSleepSafe::ReferrerPolicyGuard : afSleepSafe::Guard

Guards against internal URL leakage by setting a Referrer-Policy HTTP response header that tells browsers how and when to transmit the HTTP Referer (sic) header.

Referrer-Policy: same-origin

See Referrer-Policy on MDN for details.

IoC Configuration

afIocConfig Key

Value

afSleepSafe.referrerPolicy

Defines when the referrer header should be sent.

Defaults to no-referrer, strict-origin-when-cross-origin which disables referrers for browsers that don't support strict-origin-when-cross-origin. See Web Security Guidelines for details.

Example:

@Contribute { serviceType=ApplicationDefaults# }
Void contributeAppDefaults(Configuration config) {
    config["afSleepSafe.referrerPolicy"] = "no-referrer"
}

To disable, remove this class from the SleepSafeMiddleware configuration:

@Contribute { serviceType=SleepSafeMiddleware# }
Void contributeSleepSafeMiddleware(Configuration config) {
    config.remove(ReferrerPolicyGuard#)
}