Index: Source/core/html/HTMLFrameOwnerElement.cpp |
diff --git a/Source/core/html/HTMLFrameOwnerElement.cpp b/Source/core/html/HTMLFrameOwnerElement.cpp |
index 1833cc61cb2a899e2bb4319a450b82f0a8fdb14b..439bfd06c85b0025cdf15ab3a823aaaac3394201 100644 |
--- a/Source/core/html/HTMLFrameOwnerElement.cpp |
+++ b/Source/core/html/HTMLFrameOwnerElement.cpp |
@@ -35,6 +35,7 @@ |
#include "core/loader/FrameLoaderClient.h" |
#include "core/plugins/PluginView.h" |
#include "platform/weborigin/SecurityOrigin.h" |
+#include "platform/weborigin/SecurityPolicy.h" |
namespace blink { |
@@ -261,7 +262,14 @@ bool HTMLFrameOwnerElement::loadOrRedirectSubframe(const KURL& url, const Atomic |
if (document().frame()->host()->subframeCount() >= FrameHost::maxNumberOfFrames) |
return false; |
- return parentFrame->loader().client()->createFrame(FrameLoadRequest(&document(), url, "_self", CheckContentSecurityPolicy), frameName, this); |
+ FrameLoadRequest frameLoadRequest(&document(), url, "_self", CheckContentSecurityPolicy); |
+ |
+ ReferrerPolicy policy; |
+ if (referrerPolicyAttribute(&policy)) { |
Yoav Weiss
2015/09/08 09:55:08
I think it would be cleaner to change referrerPoli
estark
2015/09/08 14:40:34
Done.
|
+ frameLoadRequest.resourceRequest().setHTTPReferrer(SecurityPolicy::generateReferrer(policy, url, document().outgoingReferrer())); |
+ } |
+ |
+ return parentFrame->loader().client()->createFrame(frameLoadRequest, frameName, this); |
} |
DEFINE_TRACE(HTMLFrameOwnerElement) |