Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(70)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/url_request/url_request.cc

Issue 115803003: Add a check that we don't send a secure referrer to an insecure URL (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: updaets Created 7 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/url_request/url_request.h" 5 #include "net/url_request/url_request.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/bind_helpers.h" 8 #include "base/bind_helpers.h"
9 #include "base/callback.h" 9 #include "base/callback.h"
10 #include "base/compiler_specific.h" 10 #include "base/compiler_specific.h"
11 #include "base/debug/dump_without_crashing.h"
11 #include "base/debug/stack_trace.h" 12 #include "base/debug/stack_trace.h"
12 #include "base/lazy_instance.h" 13 #include "base/lazy_instance.h"
13 #include "base/memory/singleton.h" 14 #include "base/memory/singleton.h"
14 #include "base/message_loop/message_loop.h" 15 #include "base/message_loop/message_loop.h"
15 #include "base/metrics/histogram.h" 16 #include "base/metrics/histogram.h"
16 #include "base/metrics/stats_counters.h" 17 #include "base/metrics/stats_counters.h"
17 #include "base/stl_util.h" 18 #include "base/stl_util.h"
18 #include "base/strings/utf_string_conversions.h" 19 #include "base/strings/utf_string_conversions.h"
19 #include "base/synchronization/lock.h" 20 #include "base/synchronization/lock.h"
20 #include "base/values.h" 21 #include "base/values.h"
(...skipping 656 matching lines...) Expand 10 before | Expand all | Expand 10 after
677 job_->SetPriority(priority_); 678 job_->SetPriority(priority_);
678 679
679 if (upload_data_stream_.get()) 680 if (upload_data_stream_.get())
680 job_->SetUpload(upload_data_stream_.get()); 681 job_->SetUpload(upload_data_stream_.get());
681 682
682 is_pending_ = true; 683 is_pending_ = true;
683 is_redirecting_ = false; 684 is_redirecting_ = false;
684 685
685 response_info_.was_cached = false; 686 response_info_.was_cached = false;
686 687
688 // If the referrer is secure, but the requested URL is not, the referrer
689 // policy should be something non-default. If you hit this, please file a
690 // bug.
691 if (referrer_policy_ ==
692 CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE &&
693 GURL(referrer_).SchemeIsSecure() && !url().SchemeIsSecure()) {
694 DLOG(FATAL) << "Trying to send secure referrer for insecure load";
695 base::debug::DumpWithoutCrashing();
696 referrer_.clear();
697 }
698
687 // Don't allow errors to be sent from within Start(). 699 // Don't allow errors to be sent from within Start().
688 // TODO(brettw) this may cause NotifyDone to be sent synchronously, 700 // TODO(brettw) this may cause NotifyDone to be sent synchronously,
689 // we probably don't want this: they should be sent asynchronously so 701 // we probably don't want this: they should be sent asynchronously so
690 // the caller does not get reentered. 702 // the caller does not get reentered.
691 job_->Start(); 703 job_->Start();
692 } 704 }
693 705
694 void URLRequest::Restart() { 706 void URLRequest::Restart() {
695 // Should only be called if the original job didn't make any progress. 707 // Should only be called if the original job didn't make any progress.
696 DCHECK(job_.get() && !job_->has_response_started()); 708 DCHECK(job_.get() && !job_->has_response_started());
(...skipping 494 matching lines...) Expand 10 before | Expand all | Expand 10 after
1191 new base::debug::StackTrace(NULL, 0); 1203 new base::debug::StackTrace(NULL, 0);
1192 *stack_trace_copy = stack_trace; 1204 *stack_trace_copy = stack_trace;
1193 stack_trace_.reset(stack_trace_copy); 1205 stack_trace_.reset(stack_trace_copy);
1194 } 1206 }
1195 1207
1196 const base::debug::StackTrace* URLRequest::stack_trace() const { 1208 const base::debug::StackTrace* URLRequest::stack_trace() const {
1197 return stack_trace_.get(); 1209 return stack_trace_.get();
1198 } 1210 }
1199 1211
1200 } // namespace net 1212 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698