Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(48)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/frame_host/navigation_request.cc

Issue 2770663002: Sanitize referrer from Intents (Closed)
Patch Set: Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/frame_host/navigation_request.h" 5 #include "content/browser/frame_host/navigation_request.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/memory/ptr_util.h" 9 #include "base/memory/ptr_util.h"
10 #include "content/browser/appcache/appcache_navigation_handle.h" 10 #include "content/browser/appcache/appcache_navigation_handle.h"
(...skipping 336 matching lines...) Expand 10 before | Expand all | Expand 10 after
347 } 347 }
348 348
349 void NavigationRequest::BeginNavigation() { 349 void NavigationRequest::BeginNavigation() {
350 DCHECK(!loader_); 350 DCHECK(!loader_);
351 DCHECK(state_ == NOT_STARTED || state_ == WAITING_FOR_RENDERER_RESPONSE); 351 DCHECK(state_ == NOT_STARTED || state_ == WAITING_FOR_RENDERER_RESPONSE);
352 state_ = STARTED; 352 state_ = STARTED;
353 RenderFrameDevToolsAgentHost::OnBeforeNavigation(navigation_handle_.get()); 353 RenderFrameDevToolsAgentHost::OnBeforeNavigation(navigation_handle_.get());
354 354
355 if (ShouldMakeNetworkRequestForURL(common_params_.url) && 355 if (ShouldMakeNetworkRequestForURL(common_params_.url) &&
356 !navigation_handle_->IsSameDocument()) { 356 !navigation_handle_->IsSameDocument()) {
357 // The referrer from the Intents needs to be sanitized.
358 common_params_.referrer = Referrer::SanitizeForRequest(
359 common_params_.url, common_params_.referrer);
360
357 // It's safe to use base::Unretained because this NavigationRequest owns 361 // It's safe to use base::Unretained because this NavigationRequest owns
358 // the NavigationHandle where the callback will be stored. 362 // the NavigationHandle where the callback will be stored.
359 // TODO(clamy): pass the real value for |is_external_protocol| if needed. 363 // TODO(clamy): pass the real value for |is_external_protocol| if needed.
360 // TODO(clamy): pass the method to the NavigationHandle instead of a 364 // TODO(clamy): pass the method to the NavigationHandle instead of a
361 // boolean. 365 // boolean.
362 navigation_handle_->WillStartRequest( 366 navigation_handle_->WillStartRequest(
363 common_params_.method, common_params_.post_data, 367 common_params_.method, common_params_.post_data,
364 Referrer::SanitizeForRequest(common_params_.url, 368 common_params_.referrer, begin_params_.has_user_gesture,
365 common_params_.referrer), 369 common_params_.transition, false, begin_params_.request_context_type,
366 begin_params_.has_user_gesture, common_params_.transition, false,
367 begin_params_.request_context_type,
368 begin_params_.mixed_content_context_type, 370 begin_params_.mixed_content_context_type,
369 base::Bind(&NavigationRequest::OnStartChecksComplete, 371 base::Bind(&NavigationRequest::OnStartChecksComplete,
370 base::Unretained(this))); 372 base::Unretained(this)));
371 return; 373 return;
372 } 374 }
373 375
374 // There is no need to make a network request for this navigation, so commit 376 // There is no need to make a network request for this navigation, so commit
375 // it immediately. 377 // it immediately.
376 state_ = RESPONSE_STARTED; 378 state_ = RESPONSE_STARTED;
377 379
(...skipping 433 matching lines...) Expand 10 before | Expand all | Expand 10 after
811 DCHECK_EQ(request_params_.has_user_gesture, begin_params_.has_user_gesture); 813 DCHECK_EQ(request_params_.has_user_gesture, begin_params_.has_user_gesture);
812 814
813 render_frame_host->CommitNavigation(response_.get(), std::move(body_), 815 render_frame_host->CommitNavigation(response_.get(), std::move(body_),
814 common_params_, request_params_, 816 common_params_, request_params_,
815 is_view_source_); 817 is_view_source_);
816 818
817 frame_tree_node_->ResetNavigationRequest(true); 819 frame_tree_node_->ResetNavigationRequest(true);
818 } 820 }
819 821
820 } // namespace content 822 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698