From 8adb581a6af0c3c39c60642885e7b58df56e7866 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Gerg=C5=91=20Tisza?= <tgr.huwiki@gmail.com>
Date: Sun, 19 Nov 2017 14:19:44 -0800
Subject: [PATCH] Improve documentation of $wgReferrerPolicy

Reference current version of the spec.

Change-Id: I1cca89b9e46a2b5ae8242715eddfdbd23ccb2d83
---
 includes/DefaultSettings.php | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index e50b7a7db1..d0a02de05b 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -316,10 +316,16 @@ $wgAppleTouchIcon = false;
 
 /**
  * Value for the referrer policy meta tag.
- * One of 'never', 'default', 'origin', 'always'. Setting it to false just
- * prevents the meta tag from being output.
- * See https://www.w3.org/TR/referrer-policy/ for details.
+ * One of the values defined in the Referrer Policy specification:
+ * https://w3c.github.io/webappsec-referrer-policy/
+ * ('no-referrer', 'no-referrer-when-downgrade', 'same-origin',
+ * 'origin', 'strict-origin', 'origin-when-cross-origin',
+ * 'strict-origin-when-cross-origin', or 'unsafe-url')
+ * Setting it to false prevents the meta tag from being output
+ * (which results in falling back to the Referrer-Policy header,
+ * or 'no-referrer-when-downgrade' if that's not set either.)
  *
+ * @var string|bool
  * @since 1.25
  */
 $wgReferrerPolicy = false;
-- 
2.20.1