就业培训     下载中心     Wiki     联络
登录   注册
  1. 首页
  2. Web API
  3. HTMLScriptElement
  4. HTMLScriptElement.referrerPolicy

在此页

referrerPolicy 特性为 HTMLScriptElement interface reflects the HTML referrerpolicy <script> element and fetches made by that script, defining which referrer is sent when fetching the resource.

句法 

refStr = scriptElem.referrerPolicy;
scriptElem.referrerPolicy = refStr;

A DOMString ; one of the following:

no-referrer
Referer header will be omitted entirely. No referrer information is sent along with requests.
no-referrer-when-downgrade (default)

This is the user agent's default behavior if no policy is specified. The URL is sent as a referrer when the protocol security level stays the same (e.g.HTTP→HTTP, HTTPS→HTTPS), but isn't sent to a less secure destination (e.g. HTTPS→HTTP).

origin
Only send the origin of the document as the referrer in all cases.
The document https://example.com/page.html will send the referrer https://example.com/ .
origin-when-cross-origin

Send a full URL when performing a same-origin request, but only send the origin of the document for other cases.

same-origin
A referrer will be sent for same-site origins , but cross-origin requests will contain no referrer information.
strict-origin

Only send the origin of the document as the referrer when the protocol security level stays the same (e.g. HTTPS→HTTPS), but don't send it to a less secure destination (e.g. HTTPS→HTTP).

strict-origin-when-cross-origin

Send a full URL when performing a same-origin request, only send the origin when the protocol security level stays the same (e.g. HTTPS→HTTPS), and send no header to a less secure destination (e.g. HTTPS→HTTP).

unsafe-url

Send a full URL when performing a same-origin or cross-origin request. This policy will leak origins and paths from TLS-protected resources to insecure origins. Carefully consider the impact of this setting.

注意 : An empty string value ( "" ) is both the default value, and a fallback value if referrerpolicy is not supported. If referrerpolicy is not explicitly specified on the <script> element, it will adopt a higher-level referrer policy, i.e. one set on the whole document or domain. If a higher-level policy is not available, the empty string is treated as being equivalent to no-referrer-when-downgrade .

范例 

var scriptElem = document.createElement("script");
scriptElem.src = "/";
scriptElem.referrerPolicy = "unsafe-url";
document.body.appendChild(script);

规范

规范 状态 注释
Referrer Policy
The definition of 'referrerpolicy attribute' in that specification. 		候选推荐 添加 referrerPolicy 属性。
HTML 实时标准
The definition of 'HTMLScriptElement: referrerPolicy' in that specification. 		实时标准

浏览器兼容性

The compatibility table on this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request. 更新 GitHub 上的兼容性数据
桌面 移动
Chrome Edge Firefox Internet Explorer Opera Safari Android webview Chrome for Android Firefox for Android Opera for Android Safari on iOS Samsung Internet
referrerPolicy Chrome 70 Edge ≤79 Firefox 65 IE No Opera Yes Safari No WebView Android 70 Chrome Android 70 Firefox Android 65 Opera Android Yes Safari iOS No Samsung Internet Android 10.0

图例

完整支持

完整支持

不支持

不支持

另请参阅

元数据

  • 最后修改:
  1. HTMLScriptElement
  2. 特性
    1. referrerPolicy
  3. 继承:
    1. HTMLElement
    2. 元素
    3. 节点
    4. EventTarget