1. Web
  2. HTML
  3. Reference
  4. Elements
  5. <meta>
  6. <meta> name
  7. referrer

<meta name="referrer">

Baseline Widely available

This feature is well established and works across many devices and browser versions. It’s been available across browsers since ⁨January 2020⁩.

The referrer value for the name attribute of the <meta> element controls the HTTP Referer header of requests sent from the document. If specified, you define the referrer using a content attribute in the <meta> element as a keyword value.

For example, the following <meta> element sends the origin of the document as the referrer:

html
<meta name="referrer" content="origin" />

Warning: Dynamically inserting <meta name="referrer"> (with document.write() or appendChild()) makes the referrer behavior unpredictable. When several conflicting policies are defined, the no-referrer policy is applied.

Usage notes

A <meta name="referrer"> element has the following additional attributes:

content

Sets the document referrer. You must define this attribute. Accepts one of the following values:

no-referrer

Does not send an HTTP Referer header.

origin

Sends the origin of the document.

no-referrer-when-downgrade

Sends the full URL when the destination is at least as secure as the current page (HTTP(S)→HTTPS), but sends no referrer when it's less secure (HTTPS→HTTP). This is the default behavior.

origin-when-cross-origin

Sends the full URL (stripped of parameters) for same-origin requests, but only sends the origin for other cases.

same-origin

Sends the full URL (stripped of parameters) for same-origin requests. Cross-origin requests will contain no referrer header.

strict-origin

Sends the origin when the destination is at least as secure as the current page (HTTP(S)→HTTPS), but sends no referrer when it's less secure (HTTPS→HTTP).

strict-origin-when-cross-origin

Sends the full URL (stripped of parameters) for same-origin requests. Sends the origin when the destination is at least as secure as the current page (HTTP(S)→HTTPS). Otherwise, sends no referrer.

unsafe-URL

Sends the full URL (stripped of parameters) for same-origin or cross-origin requests.

Examples

Removing a referrer from requests

The following <meta> element specifies that the document shouldn't send a Referer header with HTTP requests from the document:

html
<meta name="referrer" content="no-referrer" />

Specifications

Specification
HTML
# meta-referrer

Browser compatibility

See also

Help improve MDN

Learn how to contribute

This page was last modified on by MDN contributors.

View this page on GitHubReport a problem with this content