error int the Failed to set referrer policy

I'm getting the following error in my chrome console for a Wordpress site I'm working on.

Failed to set referrer policy: The value 'http://example.com/comic/' is not one of 'always', 'default', 'never', 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-crossorigin', or 'unsafe-url'. The referrer policy has been left unchanged.

It's reffereing to this line in the <head> of the HTML document...

<meta name="Referrer" content="http://example.com/comic/" />

I'm vieing the page over http, not https.

What is causing this issue and how can I fix it?

Answers


Go into your .htaccess file and change the following:

Header set Referrer-Policy ""

to

Header set Referrer-Policy "origin"

That should fix the issue.

The reason is more than likely because you don’t have correct permissions on your .htaccess file that allows w3tc to make the changes it needs to.


Here 's the definition taken from the specs:

A referrer policy modifies the algorithm used to populate the Referer header when fetching subresources, prefetching, or performing navigations. Every environment settings object has an algorithm for obtaining a referrer policy, which is used by default for all requests with that environment settings object as their request client.

Therefore Referral policy deals with what information (related to the url) the browser ships to a server to retrieve an external resource.

The options for the content attribute listed in the specs are :

  • no-referrer which specifies that no referrer information is to be sent along with requests made from a particular request client to any origin. The header will be omitted entirely.

  • no-referrer-when-downgrade doesn't send Referrer header to non priori authenticated url (if an https url links to an http url no header is sent)

  • same-origin policy specifies that a full URL, stripped for use as a referrer, is sent as referrer information when making same-origin requests from a particular request client. while Cross-origin requests won't contain referrer information.

  • origin sends the scheme, host, and port (basically, the subdomain) stripped of the full URL as a referrer, i.e. https://moz.com/example.html would simply send https://moz.com for all.

  • origin-when-cross-origin sends the format described in origin to cross-origin, while a full stripped URL is sent to same origin requests.

  • unsafe-url policy specifies that a full URL, stripped for use as a referrer, is sent along with both cross-origin requests and same-origin requests made from a particular request client. it's unsafe because it will leak origins and paths from TLS-protected resources to insecure origins.

  • The empty string "" corresponds to no referrer policy, causing a fallback to a referrer policy defined elsewhere, or in the case where no such higher-level policy is available, defaulting to no-referrer-when-downgrade.

  • always behaves like unsafe-url.


you can manually find and change as following in .htaccess file :

<IfModule mod_headers.c>
    Header set Referrer-Policy ""
</IfModule>

to

<IfModule mod_headers.c>
    Header set Referrer-Policy "origin"
</IfModule>

Chrome Inspection Console showed me the same Error for my Wordpress sites which have W3 Total Cache installed. "Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer- when-downgrade', 'origin', 'origin-when-cross-origin'"

and I tried to update the .htaccess file as indicated in the above answer. This fixed the Chrome Inspection Console error but it returned a few moments later.

Checking the Dashboard of W3 Total Cache Performance ->Browser Cache-> Referrer Policy-> Directive, this entry was showing blank.

Selecting 'origin' from the dropdown resulted in .htaccess being updated with the same value 'origin'


"Referer" as a header is spelled without the double R. Maybe with the double R, it's matching against a different header than the one you mean.


Need Your Help

What is the T-SQL To grant read and write access to tables in a database in SQL Server?

sql-server tsql

What is the exact SQL to assign db_datareader and db_datawriter roles to a user in SQL Server?

Instantly detect client disconnection from server socket

.net c# sockets tcp connection

How can I detect that a client has disconnected from my server?