HTML <iframe > verwysingsbeleidkenmerk
Voorbeeld
Spesifiseer dat geen verwysingsinligting saam met die versoek gestuur sal word nie:
<iframe src="https://w3schools.com/" referrerpolicy="no-referrer"></iframe>
Definisie en gebruik
Die referrerpolicy
kenmerk spesifiseer watter verwyserinligting om te stuur wanneer 'n iframe gaan haal word.
Blaaierondersteuning
Die nommers in die tabel spesifiseer die eerste blaaierweergawe wat die kenmerk ten volle ondersteun.
Attribute | |||||
---|---|---|---|---|---|
referrerpolicy | 51.0 | 79.0 | 50.0 | 11.1 | 38.0 |
Sintaksis
<iframe
referrerpolicy="no-referrer|no-referrer-when-downgrade|origin|origin-when-cross-origin|same-origin|strict-origin-when-cross-origin|unsafe-url">
Eienskapwaardes
Value | Description |
---|---|
no-referrer | No referrer information will be sent along with a request |
no-referrer-when-downgrade | Default. The referrer header will not be sent to origins without HTTPS |
origin | Send only scheme, host, and port to the request client |
origin-when-cross-origin | For cross-origin requests: Send only scheme, host, and port. For same-origin requests: Also include the path |
same-origin | For same-origin requests: Referrer info will be sent. For cross-origin requests: No referrer info will be sent |
strict-origin | Only send referrer info if the security level is the same (e.g. HTTPS to HTTPS). Do not send to a less secure destination (e.g. HTTPS to HTTP) |
strict-origin-when-cross-origin | Send full path when performing a same-origin request. Send only origin when the security level stays the same (e.g. HTTPS to HTTPS). Send no header to a less secure destination (HTTPS to HTTP) |
unsafe-url | Send origin, path and query string (but not fragment, password, or username). This value is considered unsafe |
❮ HTML <iframe> tag