Laravel Cors Referrer Policy


I run into the error below in Laravel 8 with the ChatBro service when a user tries to send a new message:

Seems like the 'Referrer-Policy' of your site is 'no-referral'. For correct chat's work it must be equal 'no-referrer-when-downgrade' or any other that suits you. More information about 'Referral policy' you can find

Apparently, my request header is set to Referrer Policy: no-referrer.

The request response is:

{"error":"Referer null or empty","type":"RefererException"}

I'm using the laravel/cors package with the configuration below:

'paths'                    => ['api/*', 'api0/*'],
'allowed_methods'          => ['*'],
'allowed_origins'          => ['*'],
'allowed_origins_patterns' => [],
'allowed_headers'          => ['*'],
'exposed_headers'          => [],
'max_age'                  => 0,
'supports_credentials'     => false,

How can I fix this?


There is 1 answer

nyedidikeke On BEST ANSWER

You may want to define that in your Nginx server block as below:

server {
  # some configuration
  add_header Referrer-Policy "no-referrer-when-downgrade";
  # other configuration
}

strict-origin-when-cross-origin is recommended over no-referrer-when-downgrade.

policy that is secure, privacy-enhancing, and useful—what "useful" means depends on what you want from the referrer

More details available at Referrer Best Practices and Referrer Policy directives.
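
To show why the chat backend saw an empty Referer under `no-referrer`, and what the two policies named in the answer above would send instead, here is an added example (not part of the original question or answer). The URLs are constructed placeholders, the chat endpoint is assumed to be cross-origin, and the downgrade check is simplified to an https-to-non-https comparison.

```javascript
// Added example: the Referer value a browser sends under the three
// Referrer-Policy values named on this page. URLs are constructed placeholders.
const PAGE_URL = 'https://app.example/rooms/42?invite=constructed-token#top';
const CHAT_URL = 'https://chat.example/embed'; // assumed cross-origin chat endpoint

// Browsers never send credentials or the fragment; origin-only keeps "scheme://host/".
function serialize(pageUrl, originOnly) {
  const u = new URL(pageUrl);
  if (originOnly) return u.origin + '/';
  u.username = '';
  u.password = '';
  u.hash = '';
  return u.href;
}

// Simplified downgrade test: https page, non-https target. The spec uses
// "potentially trustworthy" URLs, which also covers cases such as localhost.
function isDowngrade(pageUrl, requestUrl) {
  return new URL(pageUrl).protocol === 'https:' &&
         new URL(requestUrl).protocol !== 'https:';
}

// Returns the Referer header value, or null when the header is omitted.
function refererFor(policy, pageUrl, requestUrl) {
  const sameOrigin = new URL(pageUrl).origin === new URL(requestUrl).origin;
  switch (policy) {
    case 'no-referrer':
      return null; // what the chat backend reported as "Referer null or empty"
    case 'no-referrer-when-downgrade':
      return isDowngrade(pageUrl, requestUrl) ? null : serialize(pageUrl, false);
    case 'strict-origin-when-cross-origin':
      if (sameOrigin) return serialize(pageUrl, false);
      return isDowngrade(pageUrl, requestUrl) ? null : serialize(pageUrl, true);
    default:
      throw new Error('policy not covered by this example: ' + policy);
  }
}

// Collects the result for all three policies so they can be compared side by side.
function compare(pageUrl, requestUrl) {
  const out = {};
  for (const p of ['no-referrer', 'no-referrer-when-downgrade',
                   'strict-origin-when-cross-origin']) {
    out[p] = refererFor(p, pageUrl, requestUrl);
  }
  return out;
}

console.log(compare(PAGE_URL, CHAT_URL));
```

With `no-referrer-when-downgrade` the full path and query string (here a constructed invite token) reach the third party, while `strict-origin-when-cross-origin` sends only the origin, which is still a non-empty Referer.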