"no-referrer" meaning that the Referer: HTTP header will not be sent.
"origin" meaning that the referrer will be the origin of the page, that is roughly the scheme, the host and the port.
"unsafe-url" meaning that the referrer will include the origin and the path (but not the fragment, password, or username). This case is unsafe as it can leak path information that has been concealed to third-party by using TLS.
var iframe = document.createElement("iframe");
iframe.src = "/";
iframe.referrerPolicy = "unsafe-url";
var body = document.getElementsByTagName("body");
body.appendChild(iframe); // Fetch the image using the complete URL as the referrer