diff --git a/src/nginxconfig.ejs b/src/nginxconfig.ejs
index 27c9d9712..a2d121754 100644
--- a/src/nginxconfig.ejs
+++ b/src/nginxconfig.ejs
@@ -95,7 +95,7 @@ server {
     proxy_hide_header X-Content-Type-Options;
     add_header X-Permitted-Cross-Domain-Policies "none";
     proxy_hide_header X-Permitted-Cross-Domain-Policies;
-    add_header Referrer-Policy "no-referrer-when-downgrade";
+    add_header Referrer-Policy "same-origin";
     proxy_hide_header Referrer-Policy;
 
     # workaround caching issue after /logout. if max-age is set, browser uses cache and user thinks they have not logged out