<meta name="referrer" content="origin">

Notice that the specific path ( /about ) is stripped out. The destination site knows the user came from example.com , but they do not know which specific page on example.com .

In Chrome, this policy sends the (origin + path) when requesting the same origin . When cross-origin, it sends only the origin (no path or query parameters). It does not send the Referer header when downgrading from HTTPS to HTTP.