The
HTMLImageElement.referrerPolicy
property reflects the HTML referrerpolicy attribute of the
<img> element defining which referrer is sent when fetching the
resource.
The URL is sent
as a referrer when the protocol security level stays the same (e.g.HTTP→HTTP,
HTTPS→HTTPS), but isn't sent to a less secure destination (e.g., HTTPS→HTTP).
Only send the origin of the document as the referrer in all cases.
The document https://example.com/page.html will send the referrer
https://example.com/.
Only send the origin of the document as the referrer when the protocol security
level stays the same (e.g., HTTPS→HTTPS), but don't send it to a less secure
destination (e.g., HTTPS→HTTP).
This is the user agent's default behavior if no policy is specified. Send a full URL when performing a same-origin request, only send the origin when the
protocol security level stays the same (e.g., HTTPS→HTTPS), and send no header to a
less secure destination (e.g., HTTPS→HTTP).
Send a full URL when performing a same-origin or cross-origin request. This policy
will leak origins and paths from TLS-protected resources to insecure origins.
Carefully consider the impact of this setting.
const img = new Image();
img.src = "img/logo.png";
img.referrerPolicy = "origin";
const div = document.getElementById("divAround");
div.appendChild(img); // Fetch the image using the origin as the referrer
