Bulk • Redirect-aware • Exportable

Referrer-Policy Checker

Check Referrer-Policy on the final URL after redirects. Detect missing or risky policies and export results.

Tip: Some sites vary headers by user-agent or block automated requests. Results are best-effort.

Results

Columns: Input | Final URL | HTTP Status | Referrer-Policy | Time
Suggested baseline for most sites: strict-origin-when-cross-origin.

Quick interpretation

Referrer-Policy controls what your browser sends as “referrer” to other sites.

  • OK: policy present and looks reasonable
  • Warn: risky/odd policy or multiple headers
  • Missing: header not set (often worth adding)

Privacy & tracking

Referrer policy checker: prevent referrer leaks

Referrer-Policy defines how much URL information is shared when users click links to other sites. A good policy reduces data leakage without breaking analytics.

Recommended values

  • strict-origin-when-cross-origin — good default for most websites.
  • strict-origin — stronger privacy; sends only the origin, even for same-origin requests, and nothing on an HTTPS-to-HTTP downgrade.
  • no-referrer — maximum privacy; sends no referrer at all.

How to use

  • Paste up to 50 URLs.
  • The tool follows redirects and checks the final response.
  • Export CSV or copy the table for reporting.

FAQ

What does Referrer-Policy do?

Referrer-Policy controls what your browser sends as the Referer header when a user clicks a link. Depending on the policy, other sites may receive the full URL, only the origin (domain), or nothing.

What is a good default policy?

For most websites, strict-origin-when-cross-origin is a solid default. It keeps full referrers for same-origin navigation and limits cross-origin referrers to origin only.

Is unsafe-url bad?

Usually yes. unsafe-url can leak the full URL (including path + query string) to third parties. That’s often not what you want for privacy and security.

Why do I see “missing” even on HTTPS sites?

Many sites rely on browser defaults, but defaults can vary over time. Setting Referrer-Policy explicitly makes behavior predictable and easier to audit.

Why can the checker result differ from DevTools?

CDNs/WAFs can vary headers by region, caching, user-agent, or bot detection. Also, browsers may show merged header behavior, while this tool reads the final response headers it receives.

What does “multiple Referrer-Policy headers” mean?

The server returned more than one Referrer-Policy header (or a comma list across headers). Browsers may combine or override values. Best practice: set a single clear policy.
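
A sketch of how the OK / Warn / Missing grading and the multiple-header case can be evaluated. This is an added example, not this checker's own code. It resolves the effective policy the way the Referrer Policy specification parses the header (all values joined in order, last recognized token wins); the function names, the lowercase matching, the RISKY set and the sample inputs are assumptions made for the example.

```python
# Added example (not the checker's own code): grade Referrer-Policy header values.
VALID = {
    "no-referrer", "no-referrer-when-downgrade", "same-origin", "origin",
    "strict-origin", "origin-when-cross-origin",
    "strict-origin-when-cross-origin", "unsafe-url",
}
# Assumption: policies graded risky because they can send the full URL cross-origin.
RISKY = {"unsafe-url", "no-referrer-when-downgrade"}


def tokens_of(header_values):
    """Split every header line on commas, in order, lowercased and trimmed."""
    return [t.strip().lower() for v in header_values for t in v.split(",") if t.strip()]


def effective_policy(header_values):
    """Last recognized token wins; unrecognized tokens are skipped."""
    policy = None
    for token in tokens_of(header_values):
        if token in VALID:
            policy = token
    return policy


def classify(header_values):
    """Return (status, effective policy, notes) for one response."""
    if not header_values:
        return ("Missing", None, ["header not set"])
    tokens, policy, notes = tokens_of(header_values), effective_policy(header_values), []
    if len(header_values) > 1 or len(tokens) > 1:
        notes.append("multiple values; last recognized token wins")
    unknown = [t for t in tokens if t not in VALID]
    if unknown:
        notes.append("unrecognized: " + ", ".join(unknown))
    if policy is None:
        notes.append("no recognized policy; browser default applies")
    elif policy in RISKY:
        notes.append(policy + " can send the full URL cross-origin")
    return ("Warn" if notes else "OK", policy, notes)


if __name__ == "__main__":
    # Constructed sample responses: each list holds the header lines of one response.
    samples = [[], ["strict-origin-when-cross-origin"], ["unsafe-url"],
               ["no-referrer", "unsafe-url"], ["no-referrer, bogus-value"]]
    for headers in samples:
        print(headers, "->", classify(headers))
```

The fourth sample shows why a stray second header matters: a later unsafe-url line overrides an earlier no-referrer.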

Does this tool follow redirects?

Yes. It follows server-side HTTP redirects (Location) up to a hop limit and reports the policy from the final URL.

How do I set Referrer-Policy?

You can set it as an HTTP response header (recommended) or as a meta tag. Header example: Referrer-Policy: strict-origin-when-cross-origin.