From 1f624bc5e2fc720b7f570b4b217860747ef5dc65 Mon Sep 17 00:00:00 2001
From: maTh <1645099+math-GH@users.noreply.github.com>
Date: Tue, 1 Apr 2025 12:23:56 +0200
Subject: Referrer-Policy: same-origin (#6303)

* Referrer-Policy: same-origin

* same-origin for our own images

---------

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
---
 lib/lib_rss.php | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lib')

diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 99c72cb49..b53838410 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -981,6 +981,7 @@ function errorMessageInfo(string $errorTitle, string $error = ''): string {
 	}
 
 	header("Content-Security-Policy: default-src 'self'");
+	header('Referrer-Policy: same-origin');
 
 	return <<<MSG
 	<!DOCTYPE html><html><header><title>HTTP 500: {$errorTitle}</title></header><body>
-- 
cgit v1.2.3