The Referrer Policy, depending on its nature, may or may not allow the complete URL to be filled in for the ref parameter or the request headers. You can control the referrer policy on your own site, which will impact the request header of the hits sent to AT Internet, but are dependent on the referrer policy of other sites when it comes to traffic sources.
Below we present the different referrer policies that can be used with their definitions:
- Referrer-Policy: no-referrer: no referrer header is sent.
- Referrer-Policy: no-referrer-when-downgrade (default value): the referrer is sent if the security of the destination is a priori equal (HTTPS→HTTPS), but is not sent to a less secure destination (HTTPS→HTTP).
- Referrer-Policy: origin: only the origin of the document will be sent in all cases. The address https://atinternet.com/articles/ will send the referrer https://atinternet.com/.
- Referrer-Policy: origin-when-cross-origin: sends the full URL if the destination has the same origin, and only the origin in all other cases.
- Referrer-Policy: same-origin: the referrer will be sent for URLs with the same origin, and no referrer will be sent in other cases.
-
Referrer-Policy: strict-origin: the referrer will only contain the origin of the document if the security of the destination is a priori equal (HTTPS->HTTPS), nothing will be sent to a less secure destination (HTTPS→HTTP).
-
Referrer-Policy: strict-origin-when-cross-origin: when the request has the same origin, the complete URL is sent as referrer. Otherwise: the referrer will only contain the origin of the document if the security of the destination is a priori equal (HTTPS→HTTPS), nothing will be sent to a less secure destination (HTTPS→HTTP).
-
Referrer-Policy: unsafe-url: the complete URL is passed as referrer, whatever the case.
You can find more information about this in this article from Google developers: https://developers.google.com/web/updates/2020/07/referrer-policy-new-chrome-default