From 200701c1bddae4b9a854579ced35cb6aa325ad63 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Wed, 29 May 2024 17:47:27 +0200
Subject: move referrer-policy to HTTP header and harden

---
 config.toml             | 1 +
 templates/404.html      | 1 -
 templates/homepage.html | 1 -
 templates/list.html     | 1 -
 templates/post.html     | 1 -
 templates/tags.html     | 1 -
 6 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/config.toml b/config.toml
index de6c9d5..70ed9f7 100644
--- a/config.toml
+++ b/config.toml
@@ -42,6 +42,7 @@ oidc_host = "https://id.alanpearce.eu/"
 [extra.headers]
   cache-control = "max-age=14400"
   x-content-type-options = "nosniff"
+  referrer-policy = "strict-origin-when-cross-origin"
   strict-transport-security = "max-age=63072000; includeSubDomains; preload"
 
 [[menus.main]]
diff --git a/templates/404.html b/templates/404.html
index eade0f9..81b2a54 100644
--- a/templates/404.html
+++ b/templates/404.html
@@ -4,7 +4,6 @@
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>Site Title</title>
-    <meta name="referrer" content="no-referrer-when-downgrade" />
     <link
       rel="alternate"
       type="application/atom+xml"
diff --git a/templates/homepage.html b/templates/homepage.html
index d256e8c..60bedb8 100644
--- a/templates/homepage.html
+++ b/templates/homepage.html
@@ -4,7 +4,6 @@
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>Site Title</title>
-    <meta name="referrer" content="no-referrer-when-downgrade" />
     <link
       rel="alternate"
       type="application/atom+xml"
diff --git a/templates/list.html b/templates/list.html
index 74d6576..1c0b32b 100644
--- a/templates/list.html
+++ b/templates/list.html
@@ -4,7 +4,6 @@
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>Site Title</title>
-    <meta name="referrer" content="no-referrer-when-downgrade" />
     <link
       rel="alternate"
       type="application/atom+xml"
diff --git a/templates/post.html b/templates/post.html
index 7574a1f..3dad16c 100644
--- a/templates/post.html
+++ b/templates/post.html
@@ -4,7 +4,6 @@
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title></title>
-    <meta name="referrer" content="no-referrer-when-downgrade" />
     <link
       rel="alternate"
       type="application/atom+xml"
diff --git a/templates/tags.html b/templates/tags.html
index 79c1c09..1ff18c0 100644
--- a/templates/tags.html
+++ b/templates/tags.html
@@ -4,7 +4,6 @@
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>Site Title</title>
-    <meta name="referrer" content="no-referrer-when-downgrade" />
     <link
       rel="alternate"
       type="application/atom+xml"
-- 
cgit 1.4.1