Atributo HTML <iframe> referrerpolicy
Ejemplo
Especifica que no se enviará información de referencia junto con la solicitud:
<iframe src="https://w3schools.com/" referrerpolicy="no-referrer"></iframe>
Definición y uso
El referrerpolicyatributo especifica qué información de referencia enviar al obtener un iframe.
Compatibilidad con navegador
Los números de la tabla especifican la primera versión del navegador que es totalmente compatible con el atributo.
| Attribute | |||||
|---|---|---|---|---|---|
| referrerpolicy | 51.0 | 79.0 | 50.0 | 11.1 | 38.0 |
Sintaxis
<iframe
referrerpolicy="no-referrer|no-referrer-when-downgrade|origin|origin-when-cross-origin|same-origin|strict-origin-when-cross-origin|unsafe-url">
Valores de atributo
| Value | Description |
|---|---|
| no-referrer | No referrer information will be sent along with a request |
| no-referrer-when-downgrade | Default. The referrer header will not be sent to origins without HTTPS |
| origin | Send only scheme, host, and port to the request client |
| origin-when-cross-origin | For cross-origin requests: Send only scheme, host, and port. For same-origin requests: Also include the path |
| same-origin | For same-origin requests: Referrer info will be sent. For cross-origin requests: No referrer info will be sent |
| strict-origin | Only send referrer info if the security level is the same (e.g. HTTPS to HTTPS). Do not send to a less secure destination (e.g. HTTPS to HTTP) |
| strict-origin-when-cross-origin | Send full path when performing a same-origin request. Send only origin when the security level stays the same (e.g. HTTPS to HTTPS). Send no header to a less secure destination (HTTPS to HTTP) |
| unsafe-url | Send origin, path and query string (but not fragment, password, or username). This value is considered unsafe |
❮ Etiqueta HTML <iframe>