Intent to Implement: HTML 'referrerpolicy' attribute

[Emily Stark]

Contact emails
est...@chromium.org

Spec
https://w3c.github.io/webappsec/specs/referrer-policy/#referrer-policy-delivery-referrer-attribute

(The attribute is being renamed to 'referrerpolicy' per https://github.com/w3c/webappsec/pull/435)

Summary
Support for the HTML referrerpolicy attribute on elements: <a>, <area>, <img>, <iframe> (and possibly others) allowing authors to set a Referrer-Policy for a single request associated with the HTML element referencing a sub-resource.

Motivation
This attribute gives websites the ability to control the Referer header that is sent on subresource requests in a fine-grained way.

Ongoing technical constraints
none

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?
Yes

OWP launch tracking bug
crbug.com/490608

https://www.chromestatus.com/features/5743723954569216

Requesting approval to ship?

No

[Jochen Eisinger]

This was previously proposed, so I want to point out the most important difference. The spec now allows to use this attribute for detecting which policies are supported: the referrerpolicy attribute reflects only valid policies.

note that the spec isn't yet updated, we're still working on the exact working (as Emily pointed out).

so all in all, I'm in favor of this change