The referrerpolicy attribute on Link header should be ignored for subresources to prevent cross-origin referrer leakage