Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(460)

Unified Diff: net/url_request/url_request_job.cc

Issue 2918313002: Implement new referrer policies (Closed)
Patch Set: rebase Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/url_request/url_request_job.cc
diff --git a/net/url_request/url_request_job.cc b/net/url_request/url_request_job.cc
index 8b5c00211f4dd48dcc0556969ef9738b398aaabe..58425180279fa96e55cf2c17ab9a48a4b40e0b2f 100644
--- a/net/url_request/url_request_job.cc
+++ b/net/url_request/url_request_job.cc
@@ -115,6 +115,24 @@ URLRequest::ReferrerPolicy ProcessReferrerPolicyHeaderOnRedirect(
new_policy = URLRequest::NEVER_CLEAR_REFERRER;
continue;
}
+
+ if (base::CompareCaseInsensitiveASCII(token, "same-origin") == 0) {
+ new_policy = URLRequest::CLEAR_REFERRER_ON_TRANSITION_CROSS_ORIGIN;
mmenke 2017/06/07 21:03:58 Hrm...Wonder if it's better to have clearer policy
estark 2017/06/08 18:42:58 Agree, I think it would be better to match the tok
+ continue;
+ }
+
+ if (base::CompareCaseInsensitiveASCII(token, "strict-origin") == 0) {
+ new_policy =
+ URLRequest::ORIGIN_CLEAR_ON_TRANSITION_FROM_SECURE_TO_INSECURE;
+ continue;
+ }
+
+ if (base::CompareCaseInsensitiveASCII(
+ token, "strict-origin-when-cross-origin") == 0) {
+ new_policy =
+ URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN;
+ continue;
+ }
}
return new_policy;
}
@@ -393,6 +411,14 @@ GURL URLRequestJob::ComputeReferrerForRedirect(
return original_referrer;
case URLRequest::ORIGIN:
return referrer_origin.GetURL();
+ case URLRequest::CLEAR_REFERRER_ON_TRANSITION_CROSS_ORIGIN:
+ if (same_origin)
+ return original_referrer;
+ return GURL();
+ case URLRequest::ORIGIN_CLEAR_ON_TRANSITION_FROM_SECURE_TO_INSECURE:
+ if (secure_referrer_but_insecure_destination)
+ return GURL();
+ return referrer_origin.GetURL();
case URLRequest::NO_REFERRER:
return GURL();
case URLRequest::MAX_REFERRER_POLICY:

Powered by Google App Engine
This is Rietveld 408576698