nginx/application: Changed Referrer-Policy to strict-origin

For better enforcing of secure handling of referrer information
4 years ago · e2b7778c8b
parent 54a8ad0d86
commit e2b7778c8b
1 changed files with 1 additions and 1 deletions
--- a/roles/nginx/application/templates/https.conf
+++ b/roles/nginx/application/templates/https.conf
@ -1,3 +1,3 @@
 include {{ nginx_snippets_directory }}/ssl;
 add_header Strict-Transport-Security 'max-age=63115200; includeSubDomains; preload';
-add_header 'Referrer-Policy' 'same-origin';
+add_header 'Referrer-Policy' 'strict-origin';