Right now, Marten does not set the Referrer-Policy as part of HTTP responses. Let's introduce a new Marten::Middleware::ReferrerPolicy middleware to automatically set this header (based on an associated setting value) if it is not already set.
Implementation
The new Marten::Middleware::ReferrerPolicy middleware should only set the Referrer-Policy header if it is not already defined (eg. by the handler that produced the response). The value of the Referrer-Policy header should be determined based on the value of a new referrer_policy top-level setting which should contain the intended referrer policy directive.
Description
Context
Right now, Marten does not set the
Referrer-Policyas part of HTTP responses. Let's introduce a newMarten::Middleware::ReferrerPolicymiddleware to automatically set this header (based on an associated setting value) if it is not already set.Implementation
The new
Marten::Middleware::ReferrerPolicymiddleware should only set theReferrer-Policyheader if it is not already defined (eg. by the handler that produced the response). The value of theReferrer-Policyheader should be determined based on the value of a newreferrer_policytop-level setting which should contain the intended referrer policy directive.