Referrer-Policy Header
PiSuite checks the origin of the calls to make sure that they come from the correct customer website. For this check to work, the customer site needs to include referrer origin in the calls to https://api.pisuite.com. The Referrer-Policy HTTP header controls how much referrer information (sent via the Referer header) should be included with requests. (See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy for more information.)
The following values for the HTTP header Referrer-Policy will enable sending the referrer origin to https://api.pisuite.com.
-
Referrer-Policy: no-referrer-when-downgrade
-
Referrer-Policy: origin
-
Referrer-Policy: origin-when-cross-origin
-
Referrer-Policy: strict-origin
-
Referrer-Policy: strict-origin-when-cross-origin
-
Referrer-Policy: unsafe-url
PiSuite also supports the customer websites that use any of the following referrer policies:
- Referrer-Policy: no-referrer
- Referrer-Policy: same-origin