Referrer-Policy header cannot be recognized

By Sooraj V Nair
Published on 05 Jun 2022

The Referer (referrer) header is a request header that identifies the page from which a request originated. The Referrer-Policy header controls which referrer information is included with a request. The server's HTTP header was found to specify an unsafe referrer policy: the application does not use a recognized referrer policy value. If there is no adequate prevention in place, the URL, and even sensitive information contained in the URL, will be leaked cross-site. The lack of a Referrer-Policy header might affect the privacy of the users and of the site itself.

Impact

The impact on the application:

  • If there is no proper prevention, the URL itself, and even sensitive information contained in the URL, will be leaked cross-site.
  • The lack of a Referrer-Policy header might affect the privacy of the users and of the site itself.

Mitigation / Precaution

The following are the solutions for this vulnerability:

  • Set a proper referrer policy.
  • Implement the referrer policy either with the Referrer-Policy response header or by declaring it in a meta tag.
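
To verify the header after setting it, the following added example (not part of the original article or of any scanner's code) classifies a response's Referrer-Policy value as missing, unrecognized, unsafe or ok. The function name, the status labels and the grouping of "unsafe" policies are assumptions of this sketch; the eight policy tokens are the ones defined by the W3C Referrer Policy specification.

```python
# Added example: classify the Referrer-Policy header of one HTTP response.
# The eight tokens below are those defined by the W3C Referrer Policy spec.
RECOGNIZED = {
    "no-referrer", "no-referrer-when-downgrade", "same-origin", "origin",
    "strict-origin", "origin-when-cross-origin",
    "strict-origin-when-cross-origin", "unsafe-url",
}
# Assumption of this example: "unsafe" means the policy can still send the
# full URL (path and query string) to another origin.
FULL_URL_CROSS_ORIGIN = {"unsafe-url", "no-referrer-when-downgrade"}


def check_referrer_policy(header_values):
    """Return (status, effective_policy, unrecognized_tokens).

    header_values: list of raw Referrer-Policy header values taken from one
    response (an empty list if the header is absent).
    """
    if not header_values:
        return ("missing", None, [])
    # Repeated headers are equivalent to one comma-separated list.
    # Tokens are compared case-insensitively here.
    tokens = [t.strip().lower() for v in header_values for t in v.split(",")]
    tokens = [t for t in tokens if t]
    unknown = [t for t in tokens if t not in RECOGNIZED]
    known = [t for t in tokens if t in RECOGNIZED]
    if not known:
        # No token is a valid policy, so the header sets no policy at all.
        return ("unrecognized", None, unknown)
    effective = known[-1]  # the last recognized token is the one applied
    status = "unsafe" if effective in FULL_URL_CROSS_ORIGIN else "ok"
    return (status, effective, unknown)


if __name__ == "__main__":
    # Constructed sample header values, not taken from a real scan.
    samples = [
        [],
        ["strict-origin-when-cross-origin"],
        ["unsafe-url"],
        ["no-referer"],  # misspelled token
        ["no-referrer, strict-origin-when-cross-origin"],  # fallback list
        ["strict-origin", "always"],  # unknown trailing token is ignored
    ]
    for sample in samples:
        print(sample, "->", check_referrer_policy(sample))
```

A misspelled value such as `no-referer` is reported as unrecognized rather than unsafe, which is the case this finding describes.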

Written by Sooraj V Nair, Cyber Security Engineer