What are my options for keeping the referer request header from being sent on sub-resource requests, such as fonts? Does the Referrer-Policy header work for all types of subresources, or is there something else I can use? /cc @dveditz@mikewest
Referrer Policy is set for the document, and should encompass all resource loads it initiates, sub- or otherwise. @jochen_e and @estark37 know more about the details in Chrome if something’s not working. :)
