wp_admin_headers()
Send a referrer policy header so referrers are not sent externally from administration screens.
Source
File: wp-admin/includes/misc.php
function wp_admin_headers() {
$policy = 'strict-origin-when-cross-origin';
/**
* Filters the admin referrer policy header value.
*
* @since WP-4.9.0
* @since WP-4.9.5 The default value was changed to 'strict-origin-when-cross-origin'.
*
* @link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
*
* @param string $policy The admin referrer policy header value. Default 'strict-origin-when-cross-origin'.
*/
$policy = apply_filters( 'admin_referrer_policy', $policy );
header( sprintf( 'Referrer-Policy: %s', $policy ) );
}
Changelog
Version | Description |
---|---|
WP-4.9.0 | Introduced. |