From 4da4d12ba60f60821405a4dd0b9d6744a2c5075b Mon Sep 17 00:00:00 2001
From: Rafael dos Santos Silva <xfalcox@gmail.com>
Date: Mon, 26 Jun 2017 18:32:39 -0300
Subject: [PATCH] FEATURE: Add default Referrer Policy in SSL template

---
 templates/web.ssl.template.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/web.ssl.template.yml b/templates/web.ssl.template.yml
index 76b600e..d041360 100644
--- a/templates/web.ssl.template.yml
+++ b/templates/web.ssl.template.yml
@@ -33,6 +33,7 @@ run:
        gzip on;
 
        add_header Strict-Transport-Security 'max-age=31536000'; # remember the certificate for a year and automatically connect to HTTPS for this domain
+       add_header Referrer-Policy 'no-referrer-when-downgrade';
 
        if ($http_host != $$ENV_DISCOURSE_HOSTNAME) {
           rewrite (.*) https://$$ENV_DISCOURSE_HOSTNAME$1 permanent;
-- 
2.25.1