net/url_request/url_request.h - Issue 2100583002: Apply Referrer-Policy header when following redirects

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/url_request/url_request.h

Issue 2100583002: Apply Referrer-Policy header when following redirects (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: update ios test Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/url_request/url_request.h

diff --git a/net/url_request/url_request.h b/net/url_request/url_request.h

index 97cf291eb25b6d923d1adf933f5e7ab73b131f4f..fffd1b9dd2c54b3ac20cfc4751a48ae604bffae9 100644

--- a/net/url_request/url_request.h

+++ b/net/url_request/url_request.h

@@ -85,11 +85,16 @@ class NET_EXPORT URLRequest : NON_EXPORTED_BASE(public base::NonThreadSafe),

// referrer header might be cleared, if the protocol changes from HTTPS to

// HTTP. This is the default behavior of URLRequest, corresponding to

// CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE. Alternatively, the

- // referrer policy can be set to strip the referrer down to an origin upon

- // cross-origin navigation (ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN), or

- // never change the referrer header (NEVER_CLEAR_REFERRER). Embedders will

- // want to use these options when implementing referrer policy support

- // (https://w3c.github.io/webappsec/specs/referrer-policy/).

+ // referrer policy can be set to:

+ // - strip the referrer down to an origin upon cross-origin navigation

+ // (ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN),

+ // - never change the referrer header (NEVER_CLEAR_REFERRER),

+ // - strip the referrer down to an origin regardless of the redirect

+ // location (ORIGIN), or

+ // - always clear the referrer regardless of the redirect location

+ // (NO_REFERRER).

mmenke 2016/06/28 21:32:08 optional: Could move each of these to just before

estark 2016/06/28 22:38:42 Done.

+ // Embedders will want to use these options when implementing referrer policy

+ // support (https://w3c.github.io/webappsec/specs/referrer-policy/).

// REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN is a slight variant

// on CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE: If the request

@@ -102,6 +107,9 @@ class NET_EXPORT URLRequest : NON_EXPORTED_BASE(public base::NonThreadSafe),

REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN,

ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN,

NEVER_CLEAR_REFERRER,

+ ORIGIN,

+ NO_REFERRER,

+ MAX_REFERRER_POLICY

};

// First-party URL redirect policy: During server redirects, the first-party

« no previous file with comments | « net/url_request/redirect_info.cc ('k') | net/url_request/url_request.cc » ('j') | net/url_request/url_request_job.cc » ('J')