The referral problem is not an unsolvable one; a new meta tag called "referrer" helps us understand how the traffic flows on the web once again. The tag must be placed in the HEAD section (like all meta tags) and allows you to control how your referrer information is passed. As it often happens for recent specifications, an early version was implemented by major browser vendors and now there are two different supported syntaxes. The possible values are:
No referrer (none)
<meta name="referrer" content="no-referrer">
<meta name="referrer" content="none">
Never pass any referral data from your site.
No referrer when downgrade (formerly "none-when-downgrade")
<meta name="referrer" content="no-referrer-when-downgrade">
<meta name="referrer" content="none-when-downgrade">
Send referrer information to secure HTTPS sites, but not to HTTP sites.
Same origin
<meta name="referrer" content="same-origin">
Using this tag will allow URL requests within your website's domain, but it denies cross-domain requests.
Origin
<meta name="referrer" content="origin">
Using this tag will only send your site’s domain or subdomain, rather than the full URL. A link from https://www.scrivito.com/referrals.html
will send https://www.scrivito.com
Strict origin
<meta name="referrer" content="strict-origin">
Will only send referral information from an HTTPS site to another HTTPS site. The referral data sent will include only your site’s domain or subdomain. Referrals to a non-HTTPS site will send no referral data.
Origin when cross-origin
<meta name="referrer" content="origin-when-crossorigin">
This tag will send the full URL of your referring page when linking within your site, but will only send the domain or subdomain when linking to external sites.
Strict origin when cross-origin
<meta name="referrer" content="strict-origin-when-crossorigin">
Using this tag will only send referral information from an HTTPS site to another HTTPS site. This tag will send the full URL of your referring page when linking within your site, but will only send the domain or subdomain when linking to external sites. Referrals to a non-HTTPS site will send no referral data.
Unsafe URL
<meta name="referrer" content="unsafe-url">
Always passes the URL string as a referrer. Note if you have any sensitive information contained in your URL, this isn't the safest option. By default, URL fragments, username, and password are automatically stripped off.
Empty String
<meta name="referrer" content="">
If the referrer tag is left empty for a specific page or link, links will use a referrer policy defined elsewhere. If there is no policy defined, links will default to "no-referrer-when-downgrade".