headers
Absence of referrer policy doesn't mean that there is no referrer-policy
Browsed through the code and it looks like you check for referrer policy and if it is not present, you tag it in red and give it a low score.
This is not correct. Absence of referrer policy doesn't mean that there is no referrer-policy.
For Firefox, the default is "Referrer-Policy: no-referrer-when-downgrade". https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
For Chrome, the default used to be no-referrer-when-downgrade but has recently changed to strict-origin-when-cross-origin.
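One way a header checker could grade the effective policy instead of the bare presence of the header, as an added example that is not the project's code or the reporter's. The function names and the grading set are hypothetical, and the browser defaults are the ones quoted in the issue above.

```python
# Added example: hypothetical checker logic, not taken from the project.
KNOWN = {
    "no-referrer", "no-referrer-when-downgrade", "origin",
    "origin-when-cross-origin", "same-origin", "strict-origin",
    "strict-origin-when-cross-origin", "unsafe-url",
}

# Defaults as stated in the issue; they change between browser releases,
# so a real checker should keep this table versioned.
BROWSER_DEFAULTS = {
    "firefox": "no-referrer-when-downgrade",
    "chrome": "strict-origin-when-cross-origin",
}

# Assumed grading rule: flag policies that send the full URL (path and
# query) to other origins over HTTPS.
SENDS_FULL_URL_CROSS_ORIGIN = {"unsafe-url", "no-referrer-when-downgrade"}


def explicit_policy(headers):
    """Return the policy set by the response, or None if it sets none.

    `headers` is a list of (name, value) pairs. The header may carry a
    comma-separated fallback list; the last recognised token wins and
    unknown tokens are ignored.
    """
    values = [v for k, v in headers if k.lower() == "referrer-policy"]
    tokens = [t.strip().lower() for v in values for t in v.split(",")]
    recognised = [t for t in tokens if t in KNOWN]
    return recognised[-1] if recognised else None


def assess(headers):
    """Report the policy each browser will apply and where it is weak."""
    policy = explicit_policy(headers)
    if policy is None:
        source, effective = "browser-default", dict(BROWSER_DEFAULTS)
    else:
        source, effective = "header", {b: policy for b in BROWSER_DEFAULTS}
    weak = sorted(b for b, p in effective.items()
                  if p in SENDS_FULL_URL_CROSS_ORIGIN)
    return {"source": source, "effective": effective, "weak_in": weak}
```

With no header the result is a per-browser finding rather than a flat failure, which also shows why setting the header explicitly still matters: it removes the dependency on whichever default the visitor's browser ships.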