# HG changeset patch # User IBBoard # Date 1723371511 -3600 # Node ID 1d39bde7f9095251882e3605e2588adcf32b320b # Parent 28d327443c45d4958c79d4d367aa56a0f97f8fa0 Improve referer privacy for HTTPS Mozilla Observatory said we weren't private enough. The descriptions are a bit technical and unclear! diff -r 28d327443c45 -r 1d39bde7f909 modules/website/files/zzz-0-custom.conf --- a/modules/website/files/zzz-0-custom.conf Sun Aug 11 11:16:05 2024 +0100 +++ b/modules/website/files/zzz-0-custom.conf Sun Aug 11 11:18:31 2024 +0100 @@ -75,7 +75,7 @@ ServerTokens Minor -Header always set Referrer-Policy "no-referrer-when-downgrade" +Header always set Referrer-Policy "strict-origin-when-cross-origin" # FIXME: This shouldn't be a fixed URL! Header always set Expect-CT "max-age=0, report-uri='https://ibboard.report-uri.io/r/default/ct/reportOnly'"