Implement new referrer policies

third_party/WebKit/Source/platform/weborigin/SecurityPolicy.cpp

 /*
  * Copyright (C) 2011 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  *
  * 1.  Redistributions of source code must retain the above copyright
  *     notice, this list of conditions and the following disclaimer.
  * 2.  Redistributions in binary form must reproduce the above copyright
@@ skipping 105 matching lines @@
     case kReferrerPolicyOriginWhenCrossOrigin: {
       RefPtr<SecurityOrigin> referrer_origin =
           SecurityOrigin::Create(referrer_url);
       RefPtr<SecurityOrigin> url_origin = SecurityOrigin::Create(url);
       if (!url_origin->IsSameSchemeHostPort(referrer_origin.Get())) {
         String origin = referrer_origin->ToString();
         return Referrer(origin + "/", referrer_policy_no_default);
       }
       break;
     }
-    case kReferrerPolicyNoReferrerWhenDowngradeOriginWhenCrossOrigin: {
-      // If the flag is enabled, and we're dealing with a cross-origin request,
-      // strip it.  Otherwise fall through to NoReferrerWhenDowngrade behavior.
+    case kReferrerPolicySameOrigin: {
       RefPtr<SecurityOrigin> referrer_origin =
           SecurityOrigin::Create(referrer_url);
       RefPtr<SecurityOrigin> url_origin = SecurityOrigin::Create(url);
+      if (!url_origin->IsSameSchemeHostPort(referrer_origin.Get())) {
+        return Referrer(Referrer::NoReferrer(), referrer_policy_no_default);
+      }
+      return Referrer(referrer, referrer_policy_no_default);
+    }
+    case kReferrerPolicyStrictOrigin: {
+      String origin = SecurityOrigin::Create(referrer_url)->ToString();
+      return Referrer(ShouldHideReferrer(url, referrer_url)
+                          ? Referrer::NoReferrer()
+                          : origin + "/",
+                      referrer_policy_no_default);
+    }
+    case kReferrerPolicyNoReferrerWhenDowngradeOriginWhenCrossOrigin: {
+      RefPtr<SecurityOrigin> referrer_origin =
+          SecurityOrigin::Create(referrer_url);
+      RefPtr<SecurityOrigin> url_origin = SecurityOrigin::Create(url);
       if (!url_origin->IsSameSchemeHostPort(referrer_origin.Get())) {
         String origin = referrer_origin->ToString();
         return Referrer(ShouldHideReferrer(url, referrer_url)
                             ? Referrer::NoReferrer()
                             : origin + "/",
                         referrer_policy_no_default);
       }
       break;
     }
     case kReferrerPolicyNoReferrerWhenDowngrade:
@@ skipping 137 matching lines @@
   if (EqualIgnoringASCIICase(policy, "origin")) {
     *result = kReferrerPolicyOrigin;
     return true;
   }
   if (EqualIgnoringASCIICase(policy, "origin-when-cross-origin") ||
       (support_legacy_keywords &&
        EqualIgnoringASCIICase(policy, "origin-when-crossorigin"))) {
     *result = kReferrerPolicyOriginWhenCrossOrigin;
     return true;
   }
+  if (EqualIgnoringASCIICase(policy, "same-origin")) {
+    *result = kReferrerPolicySameOrigin;
+    return true;
+  }
+  if (EqualIgnoringASCIICase(policy, "strict-origin")) {
+    *result = kReferrerPolicyStrictOrigin;
+    return true;
+  }
+  if (EqualIgnoringASCIICase(policy, "strict-origin-when-cross-origin")) {
+    *result = kReferrerPolicyNoReferrerWhenDowngradeOriginWhenCrossOrigin;
+    return true;
+  }
   if (EqualIgnoringASCIICase(policy, "no-referrer-when-downgrade") ||
       (support_legacy_keywords && EqualIgnoringASCIICase(policy, "default"))) {
     *result = kReferrerPolicyNoReferrerWhenDowngrade;
     return true;
   }
   return false;
 }
 
 bool SecurityPolicy::ReferrerPolicyFromHeaderValue(
     const String& header_value,
@@ skipping 13 matching lines @@
   }
 
   if (referrer_policy == kReferrerPolicyDefault)
     return false;
 
   *result = referrer_policy;
   return true;
 }
 
 }  // namespace blink