- Strapi Version: 4.1.3
- Operating System: Mac OS
- Database: Postgres
- Node Version: v16.14.0
- NPM Version: 8.3.1
Is there a way to add the
referrer header for requests for image assets from the Media Library?
When I click on Media Library and when Strapi loads images, the
referrer does not appear in the request headers for those assets that are uploaded to AWS S3 with the plugin “strapi-provider-upload-aws-s3-plus-cdn”: “1.0.6”.
It looks like the Referrer Policy is set to no-referrer, is there a way to update this to pass along the
referrer in the request headers? I believe in previous verisons of Strapi (ie 3.6.7) the
referrer was being passed in the header of the request for images.
GET /image.png?width=880&height=736 HTTP/1.1 Host: mysite.com Connection: keep-alive sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36 sec-ch-ua-platform: "macOS" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
The reason why I want to add the
referrer to the header is because I am using AWS WAF to prevent hot-linking images.
If there isn’t a way to update the request headers, do you have any other recommendations from preventing hot-linking of the image assets?