diff --git a/revel/skeleton/app/init.go b/revel/skeleton/app/init.go
index b4e614f..69540e8 100644
--- a/revel/skeleton/app/init.go
+++ b/revel/skeleton/app/init.go
@@ -44,6 +44,7 @@ var HeaderFilter = func(c *revel.Controller, fc []revel.Filter) {
 	c.Response.Out.Header().Add("X-Frame-Options", "SAMEORIGIN")
 	c.Response.Out.Header().Add("X-XSS-Protection", "1; mode=block")
 	c.Response.Out.Header().Add("X-Content-Type-Options", "nosniff")
+	c.Response.Out.Header().Add("Referrer-Policy", "strict-origin-when-cross-origin")
 
 	fc[0](c, fc[1:]) // Execute the next filter stage.
 }
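Review bot: The added `Referrer-Policy` line sends a single token, so a browser that does not recognise `strict-origin-when-cross-origin` will ignore the header and keep its own default, which on older clients can still send the full URL (path and query string) to other origins. The header accepts a comma-separated fallback list in which the last recognised value wins, so `c.Response.Out.Header().Add("Referrer-Policy", "no-referrer, strict-origin-when-cross-origin")` would cover those clients as well. Because this is skeleton code that new applications copy, a short comment above the line would help, for example `// Send only the origin on cross-origin requests and nothing on HTTPS→HTTP downgrades.` The opening line of HeaderFilter appears only in the hunk header, so any doc comment above the function is not visible here.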