Skip to content

Add Referrer-Policy Header support #4110

Closed
Closed
Add Referrer-Policy Header support#4110
Labels
in: webAn issue in web modules (web, webmvc)type: enhancementA general enhancement
Milestone
4.2.0
@rwinch

Description

@rwinch
rwinch
opened on Oct 27, 2016

We should add support for Referrer-Policy via a header. This would be off by default to remain passive. Examples might be:

<http>
    <headers>
        <!-- defaults to using "no-referrer" -->
        <referrer-policy />
    </headers>
</http>
<http>
    <headers>
        <referrer-policy policy="same-origin"/>
    </headers>
</http>
    http
        .headers()
            // defaults to using "no-referrer"
            .referrerPolicy().and()
    http
        .headers()
            // defaults to using "no-referrer"
            .referrerPolicy(ReferrerPolicy.SAME_ORIGIN).and()

The possible values come from https://www.w3.org/TR/referrer-policy/#referrer-policies

Changes should

  • Update the XML and Java Config and include tests
  • Update the the rnc files used to create the schema the schema (can be generated from the config directory using ../gradlew rncToXsd
  • Update the documentation (both headers section of the docs and the namespace appendix)

NOTE: A good example of the touch points can be found in #3763

Metadata

Metadata

Assignees

No one assigned

    Labels

    in: webAn issue in web modules (web, webmvc)type: enhancementA general enhancement

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions