Fix redirect after log-in when allow_referrer_origin setting is enabled (#33903)

2025-02-12 13:58:48 +01:00
parent 7a50fd8849
commit db59f37269
1 changed files with 1 additions and 1 deletions
--- a/app/controllers/concerns/web_app_controller_concern.rb
+++ b/app/controllers/concerns/web_app_controller_concern.rb
@@ -46,6 +46,6 @@ module WebAppControllerConcern
  protected

  def set_referer_header
-    response.set_header('Referrer-Policy', Setting.allow_referrer_origin ? 'origin' : 'same-origin')
+    response.set_header('Referrer-Policy', Setting.allow_referrer_origin ? 'strict-origin-when-cross-origin' : 'same-origin')
  end
 end