Directive Referrer-Policy about plg_system_httpheader HOT 7 CLOSED

Hmm IIRC you could define it a bit higher on the server level maybe your hoster could take a look there?
You could also try to use: Header always set within the htaccess as that should overrule such setup. But after that I'm going to be out of ideas here sorry.

As you confirmed that its not an issue within the plugin i'm closing here for now. Feel free to update here once you found the solution. Thanks!

from plg_system_httpheader.

Hi,

the issue is that nowdays the "no-referrer-when-downgrade" (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) is the default behavior so when you want to be more strict you should set the header to something more strict than that for example same-origin Than this issues should not come up again.

from plg_system_httpheader.

@zero-24 Still the warning. I wrote this here, because I saw if you add, all what do the plugin directly in the .htaccess then do not show this warning. So, I was/still not sure if can be relate with the plugin

from plg_system_httpheader.

hmm from your sceenshot it seems there are two headers with the same name but one that is empty? Could it be a rule from the htaccess?

from plg_system_httpheader.

I did not notice that. No, I not touched the .htaccess at all, but will check it. This is very strange.

from plg_system_httpheader.

@carlitorweb Do you have any update here? Was that solved in the meantime? Could you find the place where the empty rule was comming from?

from plg_system_httpheader.

@zero-24 Is not the plugin for sure, that I know 100% after test it well. So, you can close this entry.

However, I still getting the empty referrer-policy. I checked the .htaccess and is clean. The template too. I not sure where else this can be defined, I not found any other place for search.

from plg_system_httpheader.