Referrer-Policy

HTTP response header

Referrer-Policy is a security header that can (and should) be included on communication from your website's server to a client. The Referrer-Policy tells the web-browser how to handle referrer information that is sent to websites when a user clicks a link that leads to another page or website

Header usage statistics

Referrer-Policy response header information and usage statistics.
Websites using header Referrer-Policy4,255,090
Percentage of websites that use Referrer-Policy header6.38%
Total discovered header values546
Header uses directivesYes
Header values are unique or randomNo
Most popular in the country United States

Referrer-Policy directives (8 total)

  • no-referrer
  • no-referrer-when-downgrade
  • origin
  • origin-when-cross-origin
  • same-origin
  • strict-origin
  • strict-origin-when-cross-origin
  • unsafe-url

Referrer-Policy Directives

Referrer-Policy directives value information and usage statistics
DirectiveShareWebsites countUnique Values
strict-origin-when-cross-origin41.69%1,774,0531
no-referrer-when-downgrade25.63%1,090,5461
same-origin12.15%517,1651
origin9.35%397,8621
no-referrer6.51%276,8431
origin-when-cross-origin3.72%158,1571
strict-origin2.96%125,7591
unsafe-url1.68%71,6081

Websites utilizing Referrer-Policy

List of websites that use Referrer-Policy header
DomainCountryRankContacts
github.com United States21
cloudflare.com United States27
pinterest.com United States32
afternic.com United States52
fonts.adobe.com United States75
login.microsoftonline.com United States83
See full domain list

Common header values

List of top common Referrer-Policy header values
Header valueValue prevalence
strict-origin-when-cross-origin38.71%
no-referrer-when-downgrade24.19%
same-origin11.90%
origin9.23%
no-referrer5.74%
origin-when-cross-origin2.84%
strict-origin2.80%
unsafe-url1.64%
no-referrer-when-downgrade, strict-origin-when-cross-origin1.14%
origin-when-cross-origin, strict-origin-when-cross-origin0.82%
no-referrer, strict-origin-when-cross-origin0.56%
: no-referrer-when-downgrade, strict-origin0.11%
value0.03%
no-referrer, same-origin0.02%
yes0.02%
'same-origin'0.02%
same-origin, strict-origin-when-cross-origin0.02%
origin, unsafe-url0.01%
SAMEORIGIN0.01%
default, no-referrer-when-downgrade0.01%