From 43042ad8412d8d89a9b09e47e5da8b276c9655f2 Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Mon, 22 Jun 2020 22:35:59 -0700
Subject: [PATCH] Consolidated ReferrerPolicy into new SecurityHeaders file

---
 app/Http/Middleware/ReferrerPolicyHeader.php | 21 --------------------
 app/Http/Middleware/SecurityHeaders.php      |  2 +-
 2 files changed, 1 insertion(+), 22 deletions(-)
 delete mode 100644 app/Http/Middleware/ReferrerPolicyHeader.php

diff --git a/app/Http/Middleware/ReferrerPolicyHeader.php b/app/Http/Middleware/ReferrerPolicyHeader.php
deleted file mode 100644
index 430ce45af..000000000
--- a/app/Http/Middleware/ReferrerPolicyHeader.php
+++ /dev/null
@@ -1,21 +0,0 @@
-<?php
-namespace App\Http\Middleware;
-
-use Closure;
-
-class ReferrerPolicyHeader
-{
-    /**
-     * Handle the given request and get the response.
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Closure  $next
-     * @return \Illuminate\Http\Response
-     */
-    public function handle($request, Closure $next)
-    {
-        $response = $next($request);
-        $response->headers->set('Referrer-Policy', config('app.referrer_policy'));
-        return $response;
-    }
-}
diff --git a/app/Http/Middleware/SecurityHeaders.php b/app/Http/Middleware/SecurityHeaders.php
index 8e0b5b945..5a9b3ae6f 100644
--- a/app/Http/Middleware/SecurityHeaders.php
+++ b/app/Http/Middleware/SecurityHeaders.php
@@ -26,7 +26,7 @@ class SecurityHeaders
     {
         $this->removeUnwantedHeaders($this->unwantedHeaderList);
         $response = $next($request);
-        $response->headers->set('Referrer-Policy', 'no-referrer-when-downgrade');
+        $response->headers->set('Referrer-Policy', config('app.referrer_policy'));
         $response->headers->set('X-Content-Type-Options', 'nosniff');
         $response->headers->set('X-XSS-Protection', '1; mode=block');
         $response->headers->set('Strict-Transport-Security', 'max-age=31536000; includeSubDomains');