From 72e884b20bab1327c4943409f6ad501b49ddb0d1 Mon Sep 17 00:00:00 2001
From: David Kane <david@dkane.net>
Date: Wed, 1 Nov 2023 16:58:28 +0000
Subject: [PATCH] update default referer policy

---
 findthatcharity/settings.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/findthatcharity/settings.py b/findthatcharity/settings.py
index 5f4e0b2..bf77237 100644
--- a/findthatcharity/settings.py
+++ b/findthatcharity/settings.py
@@ -257,6 +257,7 @@
 LOGGING_DB = os.environ.get("LOGGING_DB")
 
 CORS_ALLOW_ALL_ORIGINS = True
+SECURE_REFERRER_POLICY = "strict-origin-when-cross-origin"
 
 IGNORE_DOMAINS = (
     "gmail.com",