On my website I have a referrer-policy: strict-origin-when-cross-origin header in place for security purposes but also have a few links pointing to my subdomain.
On my subdomain I am trying to read the origin + path when someone navigates from a link on the main domain to my subdomain because I want to only allow them access when they went by a specific page on the main domain first.
I have read that the origin of a domain and subdomain are completely different so I am not able to obtain the complete URL looking at the headers on the subdomain. Is there a way to do this without sacrificing security or doing it by query params?