From 2e6187aed399813751a5dc0b59dae84dfc1f3686 Mon Sep 17 00:00:00 2001
From: Marc Beninca <marc-beninca@rwx.work>
Date: Thu, 8 Aug 2019 16:11:15 +0200
Subject: [PATCH] server/nginx/referrer

---
 in/personal/server/index.rst | 1 +
 1 file changed, 1 insertion(+)

diff --git a/in/personal/server/index.rst b/in/personal/server/index.rst
index 759396c..c4070db 100644
--- a/in/personal/server/index.rst
+++ b/in/personal/server/index.rst
@@ -393,6 +393,7 @@ Security
  listen [::]:443 ssl http2;
  add_header Content-Security-Policy "default-src 'self'" always;
  add_header Expect-CT "max-age=0, enforce" always;
+ add_header Referrer-Policy "no-referrer-when-downgrade" always;
  add_header Strict-Transport-Security "max-age=31557600; includeSubDomains; preload" always;
  add_header X-Content-Type-Options "nosniff" always;
  add_header X-Frame-Options "SAMEORIGIN" always;