Parameter:
DOMINO_REFERRER_POLICYShort description: Sets the
Referrer-Policy header for HTTP responses – controls what referrer information the browser passes to third-party sites.Profile
Parameter | DOMINO_REFERRER_POLICY |
Category | HTTP / Web |
Component | Server |
Available since | 12.0 |
Supported versions | 12.0, 14.0, 14.5, 14.5.1 |
GUI equivalent | Web Site / Internet Site document |
Possible values | no-referrer, no-referrer-when-downgrade, same-origin, origin, strict-origin, origin-when-cross-origin, strict-origin-when-cross-origin, unsafe-url |
Description
With
DOMINO_REFERRER_POLICY, the HTTP task sets the Referrer-Policy header on every response. This allows the server to control whether and what part of the URL is passed as the Referer header to external targets when a user follows a link or a resource is loaded cross-origin. From a privacy and security perspective, strict-origin-when-cross-origin or no-referrer is usually recommended today.Example configuration
DOMINO_REFERRER_POLICY=strict-origin-when-cross-origin
Notes & pitfalls
- Takes effect only after
restart task http.
no-referrermay disrupt internal tools or web analytics that rely on the Referer header – check beforehand.
- Applies globally; can be overridden per site/path via Web Site Rule documents.
- Part of the standard headers checked by common security scanners (Mozilla Observatory, securityheaders.com).