From a31db79ae9b6d5fefd3d38e98973310609bd0781 Mon Sep 17 00:00:00 2001
From: Louis Matthijssen <louis@u5r.nl>
Date: Fri, 7 Sep 2018 22:47:49 +0200
Subject: [PATCH] Add Referrer-Policy header examples for nginx

---
 .../insecure/mariadb-cron-redis/fpm/web/nginx.conf             | 3 +++
 .examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf   | 3 +++
 .examples/docker-compose/insecure/postgres/fpm/web/nginx.conf  | 3 +++
 .../mariadb/fpm/web/nginx.conf                                 | 3 +++
 .../with-nginx-proxy/mariadb-cron-redis/fpm/web/nginx.conf     | 3 +++
 .../docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf | 3 +++
 .../with-nginx-proxy/postgres/fpm/web/nginx.conf               | 3 +++
 7 files changed, 21 insertions(+)

diff --git a/.examples/docker-compose/insecure/mariadb-cron-redis/fpm/web/nginx.conf b/.examples/docker-compose/insecure/mariadb-cron-redis/fpm/web/nginx.conf
index a69f23c..2d14e23 100644
--- a/.examples/docker-compose/insecure/mariadb-cron-redis/fpm/web/nginx.conf
+++ b/.examples/docker-compose/insecure/mariadb-cron-redis/fpm/web/nginx.conf
@@ -50,6 +50,7 @@ http {
         add_header X-Robots-Tag none;
         add_header X-Download-Options noopen;
         add_header X-Permitted-Cross-Domain-Policies none;
+        add_header Referrer-Policy no-referrer;
 
         root /var/www/html;
 
@@ -140,6 +141,8 @@ http {
             add_header X-Robots-Tag none;
             add_header X-Download-Options noopen;
             add_header X-Permitted-Cross-Domain-Policies none;
+            add_header Referrer-Policy no-referrer;
+
             # Optional: Don't log access to assets
             access_log off;
         }
diff --git a/.examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf b/.examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf
index a69f23c..2d14e23 100644
--- a/.examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf
+++ b/.examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf
@@ -50,6 +50,7 @@ http {
         add_header X-Robots-Tag none;
         add_header X-Download-Options noopen;
         add_header X-Permitted-Cross-Domain-Policies none;
+        add_header Referrer-Policy no-referrer;
 
         root /var/www/html;
 
@@ -140,6 +141,8 @@ http {
             add_header X-Robots-Tag none;
             add_header X-Download-Options noopen;
             add_header X-Permitted-Cross-Domain-Policies none;
+            add_header Referrer-Policy no-referrer;
+
             # Optional: Don't log access to assets
             access_log off;
         }
diff --git a/.examples/docker-compose/insecure/postgres/fpm/web/nginx.conf b/.examples/docker-compose/insecure/postgres/fpm/web/nginx.conf
index a69f23c..2d14e23 100644
--- a/.examples/docker-compose/insecure/postgres/fpm/web/nginx.conf
+++ b/.examples/docker-compose/insecure/postgres/fpm/web/nginx.conf
@@ -50,6 +50,7 @@ http {
         add_header X-Robots-Tag none;
         add_header X-Download-Options noopen;
         add_header X-Permitted-Cross-Domain-Policies none;
+        add_header Referrer-Policy no-referrer;
 
         root /var/www/html;
 
@@ -140,6 +141,8 @@ http {
             add_header X-Robots-Tag none;
             add_header X-Download-Options noopen;
             add_header X-Permitted-Cross-Domain-Policies none;
+            add_header Referrer-Policy no-referrer;
+
             # Optional: Don't log access to assets
             access_log off;
         }
diff --git a/.examples/docker-compose/with-nginx-proxy-self-signed-ssl/mariadb/fpm/web/nginx.conf b/.examples/docker-compose/with-nginx-proxy-self-signed-ssl/mariadb/fpm/web/nginx.conf
index 6762e94..518f104 100644
--- a/.examples/docker-compose/with-nginx-proxy-self-signed-ssl/mariadb/fpm/web/nginx.conf
+++ b/.examples/docker-compose/with-nginx-proxy-self-signed-ssl/mariadb/fpm/web/nginx.conf
@@ -55,6 +55,7 @@ http {
         add_header X-Robots-Tag none;
         add_header X-Download-Options noopen;
         add_header X-Permitted-Cross-Domain-Policies none;
+        add_header Referrer-Policy no-referrer;
 
         root /var/www/html;
 
@@ -145,6 +146,8 @@ http {
             add_header X-Robots-Tag none;
             add_header X-Download-Options noopen;
             add_header X-Permitted-Cross-Domain-Policies none;
+            add_header Referrer-Policy no-referrer;
+
             # Optional: Don't log access to assets
             access_log off;
         }
diff --git a/.examples/docker-compose/with-nginx-proxy/mariadb-cron-redis/fpm/web/nginx.conf b/.examples/docker-compose/with-nginx-proxy/mariadb-cron-redis/fpm/web/nginx.conf
index 6762e94..518f104 100644
--- a/.examples/docker-compose/with-nginx-proxy/mariadb-cron-redis/fpm/web/nginx.conf
+++ b/.examples/docker-compose/with-nginx-proxy/mariadb-cron-redis/fpm/web/nginx.conf
@@ -55,6 +55,7 @@ http {
         add_header X-Robots-Tag none;
         add_header X-Download-Options noopen;
         add_header X-Permitted-Cross-Domain-Policies none;
+        add_header Referrer-Policy no-referrer;
 
         root /var/www/html;
 
@@ -145,6 +146,8 @@ http {
             add_header X-Robots-Tag none;
             add_header X-Download-Options noopen;
             add_header X-Permitted-Cross-Domain-Policies none;
+            add_header Referrer-Policy no-referrer;
+
             # Optional: Don't log access to assets
             access_log off;
         }
diff --git a/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf b/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf
index 6762e94..518f104 100644
--- a/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf
+++ b/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf
@@ -55,6 +55,7 @@ http {
         add_header X-Robots-Tag none;
         add_header X-Download-Options noopen;
         add_header X-Permitted-Cross-Domain-Policies none;
+        add_header Referrer-Policy no-referrer;
 
         root /var/www/html;
 
@@ -145,6 +146,8 @@ http {
             add_header X-Robots-Tag none;
             add_header X-Download-Options noopen;
             add_header X-Permitted-Cross-Domain-Policies none;
+            add_header Referrer-Policy no-referrer;
+
             # Optional: Don't log access to assets
             access_log off;
         }
diff --git a/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf b/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf
index 6762e94..518f104 100644
--- a/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf
+++ b/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf
@@ -55,6 +55,7 @@ http {
         add_header X-Robots-Tag none;
         add_header X-Download-Options noopen;
         add_header X-Permitted-Cross-Domain-Policies none;
+        add_header Referrer-Policy no-referrer;
 
         root /var/www/html;
 
@@ -145,6 +146,8 @@ http {
             add_header X-Robots-Tag none;
             add_header X-Download-Options noopen;
             add_header X-Permitted-Cross-Domain-Policies none;
+            add_header Referrer-Policy no-referrer;
+
             # Optional: Don't log access to assets
             access_log off;
         }