I'm having an implementation of an iframe which is used on many third-party websites. Within the iframe there is a login that redirects to my main page for login and should redirect back to the third party site then.
The iframe is having referrerpolicy="unsafe-url" so the iframe gets the full-url to redirect back to:
<iframe referrerpolicy="unsafe-url" ....>
This works all and good except in firefox.
In all other browsers its www.example.com/subpage/pagewithmyiframe.html
In firefox its only www.example.com Which is a problem, why does firefox completely ignore the referrerpolicy parameter?
Is this a firefox bug? Why is there no way to control if I want to trust this url or not. thats what the referrerpolicy parameter is there for. I want to control if I allow it or not.