I'm running into something very weird when adding the Referrer-Policy directive using OLS.
I am setting it to: Referrer-Policy: no-referrer, strict-origin-when-cross-origin
The CHROME browser complains about this with the following error:
Failed to set referrer policy: The value 'strict-origin-when-cross-origin, no-referrer, strict-origin-when-cross-origin;' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
Weirdly, Firefox does not complain.
When I use the same directive on an NGINX web server, the Chrome browser does not complain.
I am unsure how to debug this. It doesn't make sense that the same directive would elicit a different response in the browser depending on which web server renders the page.
I did look in the browser network tab to make sure that the directive was the same when rendering the page with both OLS and NGINX.
Any ideas would be appreciated.
I am setting it to: Referrer-Policy: no-referrer, strict-origin-when-cross-origin
The CHROME browser complains about this with the following error:
Failed to set referrer policy: The value 'strict-origin-when-cross-origin, no-referrer, strict-origin-when-cross-origin;' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
Weirdly, Firefox does not complain.
When I use the same directive on an NGINX web server, the Chrome browser does not complain.
I am unsure how to debug this. It doesn't make sense that the same directive would elicit a different response in the browser depending on which web server renders the page.
I did look in the browser network tab to make sure that the directive was the same when rendering the page with both OLS and NGINX.
Any ideas would be appreciated.
