Is anything uploaded?

No. Validation is local and clears on refresh.

web validator

Referrer-Policy Validator

Validate Referrer-Policy header/meta values against allowed directives.

Results

Processing…

Status: Processing...
Details: Processing...
Policies: Processing...
Invalid entries: Processing...

Rules & checks

Allows standard directives: no-referrer, no-referrer-when-downgrade, same-origin, origin, strict-origin, origin-when-cross-origin, strict-origin-when-cross-origin, unsafe-url.

Supports comma-separated values.

Runs entirely client-side/offline; no data leaves the page.

When to use it

QA security headers and meta tags
Validate CDN/edge overrides
Ensure referrer privacy policies are enforced

Tips

Prefer strict-origin-when-cross-origin as a balanced default
Avoid unsafe-url unless required for analytics

Examples

Secure default

strict-origin-when-cross-origin -> valid

Multiple values

no-referrer, strict-origin -> valid

Invalid token

foo -> invalid

FAQs

Is anything uploaded?: No. Validation is local and clears on refresh.

Related validators

web

HTTP Security Headers Validator

Validate core security headers (HSTS, nosniff, frame options, referrer policy, permissions policy) entirely client-side.

web

Meta Robots / X-Robots-Tag Validator

Check meta robots and X-Robots-Tag directives for index/follow settings and canonical presence.

web

OpenGraph & Twitter Card Validator

Validate OpenGraph and Twitter card meta tags locally—required tags, URL formats, and missing fields before you publish.

Format-only; does not inspect actual network requests.