Change the default referrer policy to 'strict-origin-when-cross-origin'.

This addresses w3c/webappsec-referrer-policy#125, among other things.
whatwg · Oct 15, 2019 · a44f2f5 · a44f2f5
1 parent ae6435f
commit a44f2f5
Showing 1 changed file with 1 addition and 4 deletions.
diff --git a/fetch.bs b/fetch.bs
@@ -3311,10 +3311,7 @@ with a <i>CORS flag</i> and <i>recursive flag</i>, run these steps:
     <p>If <var>request</var>'s <a for=request>referrer policy</a>
     is the empty string, then set <var>request</var>'s
     <a for=request>referrer policy</a> to
-    "<code>no-referrer-when-downgrade</code>".
-
-    <p class="note no-backref">We use "<code>no-referrer-when-downgrade</code>" because it is the
-    historical default.
+    "<code>strict-origin-when-cross-origin</code>".
 
    <li>
     <p>If <var>request</var>'s <a for=request>referrer</a>