Referrer policy | Frontend Practical Guide

Widely availableAn important policy decision for applications that handle sensitive paths, user identifiers, or third-party integrations.

Overview

Referrer policy controls how much referring URL information the browser sends with outgoing requests. It helps balance analytics needs with privacy and security.

Browser support

Feature	Desktop				Mobile
Feature	Chrome	Edge	Firefox	Safari	Chrome Android	Safari iOS
`api.HTMLAnchorElement.referrerPolicy`	52	79	50	14	52	14
HTML attribute
`referrerpolicy`	51	79	50	14	51	14
`referrerpolicy`	51	79	50	14	51	14
`referrerpolicy`	51	79	50	14	51	14
`referrerpolicy`	51	79	50	14	51	14
`referrerpolicy`	51	79	50	14	51	14
`referrerpolicy`	70	79	65	14	70	14
DOM API
`referrerPolicy (no-referrer-when-downgrade)` no-referrer-when-downgrade	52	79	61	14	52	14
`referrerPolicy (origin-when-cross-origin)` origin-when-cross-origin	52	79	61	14	52	14
`referrerPolicy (unsafe-url)` unsafe-url	52	79	61	14	52	14
`referrerPolicy` The HTMLAreaElement.referrerPolicy property reflect the HTML referrerpolicy attribute of the area element defining which referrer is sent when fetching the resource.	52	79	50	14.1	52	14.5
`referrerPolicy (no-referrer-when-downgrade)` no-referrer-when-downgrade	52	79	61	14.1	52	14.5
`referrerPolicy (origin-when-cross-origin)` origin-when-cross-origin	52	79	61	14.1	52	14.5
`referrerPolicy (unsafe-url)` unsafe-url	52	79	61	14.1	52	14.5
`referrerPolicy` The HTMLIFrameElement.referrerPolicy property reflects the HTML referrerpolicy attribute of the iframe element defining which referrer is sent when fetching the resource.	52	79	50	14	52	14
`referrerPolicy (no-referrer-when-downgrade)` no-referrer-when-downgrade	52	79	61	14	52	14
`referrerPolicy (origin-when-cross-origin)` origin-when-cross-origin	52	79	61	14	52	14
`referrerPolicy (unsafe-url)` unsafe-url	52	79	61	14	52	14
`referrerPolicy` The referrerPolicy property of the HTMLImageElement interface defining which referrer is sent when fetching the resource. It reflects the element's referrerpolicy content attribute.	52	79	50	14	52	14
`referrerPolicy (no-referrer-when-downgrade)` no-referrer-when-downgrade	52	79	61	14	52	14
`referrerPolicy (origin-when-cross-origin)` origin-when-cross-origin	52	79	61	14	52	14
`referrerPolicy (unsafe-url)` unsafe-url	52	79	61	14	52	14
`referrerPolicy` The referrerPolicy property of the HTMLLinkElement interface reflects the HTML referrerpolicy attribute of the link element defining which referrer is sent when fetching the resource.	58	79	50	14.1	58	14.5
`referrerPolicy (no-referrer-when-downgrade)` no-referrer-when-downgrade	58	79	50	14.1	58	14.5
`referrerPolicy (origin-when-cross-origin)` origin-when-cross-origin	58	79	50	14.1	58	14.5
`referrerPolicy (unsafe-url)` unsafe-url	58	79	50	14.1	58	14.5
`referrerPolicy` The referrerPolicy property of the HTMLScriptElement interface reflects the HTML referrerpolicy of the script element, which defines how the referrer is set when fetching the script and any scripts it imports.	70	79	65	14	70	14
`referrerPolicy (no-referrer-when-downgrade)` no-referrer-when-downgrade	70	79	65	14	70	14
`referrerPolicy (origin-when-cross-origin)` origin-when-cross-origin	70	79	65	14	70	14
`referrerPolicy (unsafe-url)` unsafe-url	70	79	65	14	70	14
Other
`html.elements.a.referrerpolicy.no-referrer-when-downgrade` no-referrer-when-downgrade	51	79	50		51
`html.elements.a.referrerpolicy.origin-when-cross-origin` origin-when-cross-origin	51	79	50		51
`html.elements.a.referrerpolicy.unsafe-url` unsafe-url	51	79	50		51
`html.elements.area.referrerpolicy.no-referrer-when-downgrade` no-referrer-when-downgrade	51	79	50		51
`html.elements.area.referrerpolicy.origin-when-cross-origin` origin-when-cross-origin	51	79	50		51
`html.elements.area.referrerpolicy.unsafe-url` unsafe-url	51	79	50		51
`html.elements.iframe.referrerpolicy.no-referrer-when-downgrade` no-referrer-when-downgrade	51	79	50		51
`html.elements.iframe.referrerpolicy.origin-when-cross-origin` origin-when-cross-origin	51	79	50		51
`html.elements.iframe.referrerpolicy.unsafe-url` unsafe-url	51	79	50		51
`html.elements.img.referrerpolicy.no-referrer-when-downgrade` no-referrer-when-downgrade	51	79	50		51
`html.elements.img.referrerpolicy.origin-when-cross-origin` origin-when-cross-origin	51	79	50		51
`html.elements.img.referrerpolicy.unsafe-url` unsafe-url	51	79	50		51
`html.elements.link.referrerpolicy.no-referrer-when-downgrade` no-referrer-when-downgrade	51	79	50		51
`html.elements.link.referrerpolicy.origin-when-cross-origin` origin-when-cross-origin	51	79	50		51
`html.elements.link.referrerpolicy.unsafe-url` unsafe-url	51	79	50		51
`html.elements.script.referrerpolicy.no-referrer-when-downgrade`	70	79	65		70
`html.elements.script.referrerpolicy.origin-when-cross-origin`	70	79	65		70
`html.elements.script.referrerpolicy.unsafe-url`	70	79	65		70
`http.headers.Referrer-Policy` The HTTP Referrer-Policy response header controls how much referrer information (sent with the Referer header) should be included with requests. Aside from the HTTP header, you can set this policy in HTML.	56	79	50	11.1	56	12
`http.headers.Referrer-Policy.default_strict-origin-when-cross-origin` Default policy is `strict-origin-when-cross-origin`	85	85	87	15	85	15
`http.headers.Referrer-Policy.no-referrer-when-downgrade` no-referrer-when-downgrade	56	79	50	11.1	56	12
`http.headers.Referrer-Policy.origin-when-cross-origin` origin-when-cross-origin	56	79	50	11.1	56	12
`http.headers.Referrer-Policy.same-origin` same-origin	61	79	52	11.1	61	12
`http.headers.Referrer-Policy.strict-origin` strict-origin	61	79	52	11.1	61	12
`http.headers.Referrer-Policy.strict-origin-when-cross-origin` strict-origin-when-cross-origin	61	79	52	11.1	61	12
`http.headers.Referrer-Policy.unsafe-url` unsafe-url	56	79	50	11.1	56	12

1+Supported (version) Not supported ※Has note Sub-feature descriptions sourced from MDN Web Docs (CC BY-SA 2.5)

Syntax

HTML

<meta name="referrer" content="strict-origin-when-cross-origin">

<a href="https://external.com" referrerpolicy="no-referrer">
  Links without a referrer
</a>

Live demo

Referrer policy matrix

Compare the amount of referrer information sent by common policies.

PreviewFullscreen

Privacy trade-off

Explain how referrer policy balances analytics detail and cross-site privacy.

PreviewFullscreen

Policy selection notes

Choose a default policy deliberately instead of relying on assumptions.

PreviewFullscreen

Use cases

Protecting sensitive paths
Limit what destination sites learn about the current page URL when users follow links or load external assets.
Third-party integration hygiene
Reduce unnecessary URL leakage to analytics, embeds, and remote resources.

Cautions

A policy that is too restrictive may affect some analytics or workflow expectations, so choose it deliberately rather than blindly.
Policy needs may differ between global defaults and specific high-sensitivity routes.

Overview

Browser support

Syntax

Live demo

Referrer policy matrix

Privacy trade-off

Policy selection notes

Use cases

Protecting sensitive paths

Third-party integration hygiene

Cautions

Accessibility

Related links