Web applications: Source actions are missing for subdomain navigations

maliborskaya — Tue, 19 Mar 2024 11:40:00 GMT

Starting with November 2022, browsers implemented a stricter referrer policy. This resulted in missing subdomain source actions for your applications monitored with Dynatrace.

The referrer policy controls the document.referrer property on a target page. After the default referrer policy changed from no-referrer-when-downgrade to strict-origin-when-cross-origin in 2022, document.referrer is populated only with the origin, while the full URL of the source page is stripped away for cross-origin requests. For example, if you navigate from https://www.dynatrace.com/pricing to https://community.dynatrace.com, the document.referrer on the target page contains just https://www.dynatrace.com.

As the full URL of the source page is truncated, Dynatrace can't determine the exact origin of the navigation and has to drop the source action information. This results in navigation actions that are shorter than they would have been if the full URL of the source page had been available.

To fix this issue, set the referrer policy of the origin page to no-referrer-when-downgrade either via the Referrer-Policy HTTP header or inside HTML. This will populate document.referrer on the target page with the full URL of the source page (only when the protocol security level stays the same or improves: HTTP > HTTP, HTTP > HTTPS, HTTPS > HTTPS).

Note: Privacy-focused browsers like Brave ignore the set referrer policy, so it's always strict-origin-when-cross-origin. For this reason, Dynatrace can't generate source actions for subdomain navigations within such browsers.

article Web applications: Source actions are missing for subdomain navigations in Troubleshooting

Web applications: Source actions are missing for subdomain navigations