“System Information”
- Strapi Version: 4.1.3
- Operating System: Mac OS
- Database: Postgres
- Node Version: v16.14.0
- NPM Version: 8.3.1
Is there a way to add the referrer header for requests for image assets from the Media Library?
When I click on Media Library and when Strapi loads images, the referrer does not appear in the request headers for those assets that are uploaded to AWS S3 with the plugin “strapi-provider-upload-aws-s3-plus-cdn”: “1.0.6”.
It looks like the Referrer Policy is set to no-referrer, is there a way to update this to pass along the referrer in the request headers? I believe in previous verisons of Strapi (ie 3.6.7) the referrer was being passed in the header of the request for images.
Request Headers
GET /image.png?width=880&height=736 HTTP/1.1
Host: mysite.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
sec-ch-ua-platform: "macOS"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
The reason why I want to add the referrer to the header is because I am using AWS WAF to prevent hot-linking images.
If there isn’t a way to update the request headers, do you have any other recommendations from preventing hot-linking of the image assets?
Thank you,