Merge pull request #725 from SISheogorath/fix/referrerPolicy

Add referrer policy
2025-01-11 23:14:24 +00:00 · 2018-02-12 22:23:19 +01:00 · 2018-02-12 22:23:19 +01:00 · e793738833
commit e793738833
parent bb5e021f20 714504618c
1 changed files with 7 additions and 0 deletions
--- a/app.js
+++ b/app.js
@ -110,6 +110,13 @@ if (config.hsts.enable) {
  logger.info('https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security')
 }

+// Add referrer policy to improve privacy
+app.use(
+  helmet.referrerPolicy({
+    policy: 'same-origin'
+  })
+)
+
 // Generate a random nonce per request, for CSP with inline scripts
 app.use(csp.addNonceToLocals)