Skip to main content

Configuring the referrer policy for your enterprise

You can increase the privacy of sua instância do GitHub Enterprise Server by configuring the policy for cross-origin requests.

About the referrer policy for your enterprise

The referrer policy controls the information that GitHub Enterprise Server transmits in HTTP headers when someone visits a link from sua instância do GitHub Enterprise Server to an external site.

By default, when a user on sua instância do GitHub Enterprise Server visits a link to another site from a file or comment on your instance, the request includes the hostname for your instance in plain text within the Referer header. If the link leads to an external website, the owner of the website could read the hostname for your instance in requests or log files.

You can control the information that GitHub Enterprise Server sends when a user visits a link from your instance.

Enabling the same-origin referrer policy

You can enable the same-origin referrer policy to instruct modern browsers to exclude the hostname for sua instância do GitHub Enterprise Server from requests to external websites. The setting applies to all links from the web interface on your instance. By default, GitHub Enterprise Server uses the origin-when-cross-origin and strict-origin-when-cross-origin referrer policies, which means your instance's hostname will appear in HTTP and HTTPS requests to external websites.

Note: Changing the referrer policy to same-origin can affect external sites that expect a hostname in the HTTP headers for a request.

  1. No canto superior à direita de GitHub Enterprise Server, clique na sua foto do perfil e clique em Configurações da empresa.

    Captura de tela do menu suspenso que aparece quando você clica na foto de perfil no GitHub Enterprise Server. A opção "Configurações da empresa" está realçada em um contorno laranja escuro.

  2. Na barra lateral da conta corporativa, clique em Configurações.

  3. Under Settings, click Authentication security.

  4. Under "User Agent Referrer Policy", select Enable same origin referrer policy for all organizations.

  5. Click Save.