Laravel Cors Referrer Policy

I run into the error below in Laravel 8 with ChatBro service when a user try to send a new message;

Seems like the ‘Referrer-Policy’ of your site is ‘no-referral’. For
correct chat’s work it must be equal ‘no-referrer-when-downgrade’ or
any other that suits you. More information about ‘Referral policy’ you
can find

Apparently, my request header is set to Referrer Policy: no-referrer.

The request response is;

{“error”:”Referer null or empty”,”type”:”RefererException”}

I’m using laravel/cors package with the configuration below;

'paths'                    => ['api/*', 'api0/*'],
'allowed_methods'          => ['*'],
'allowed_origins'.         => ['*'],
'allowed_origins_patterns' => [],
'allowed_headers'          => ['*'],
'exposed_headers'          => [],
'max_age'                  => 0,
'supports_credentials'     => false,

How Can I fix this?


Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

You may want to define that in your Nginx server block as below;

server {
  # some configuration
  add_header Referrer-Policy "no-referrer-when-downgrade";
  # other configuration

strict-origin-when-cross-origin is recommended over no-referrer-when-downgrade.

policy that is secure, privacy-enhancing, and useful—what “useful” means depends on what you want from the referrer

More details available at Referrer Best Practices and Referrer Policy directives.

All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x