Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(797)

Unified Diff: net/url_request/url_request_job_unittest.cc

Issue 2918313002: Implement new referrer policies (Closed)
Patch Set: rebase Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/url_request/url_request_job_unittest.cc
diff --git a/net/url_request/url_request_job_unittest.cc b/net/url_request/url_request_job_unittest.cc
index cd403081effff62fa652bc2265995d184b9df84b..b6fa6bab53d98cf1310ed4a1dbbb75b044cadbb3 100644
--- a/net/url_request/url_request_job_unittest.cc
+++ b/net/url_request/url_request_job_unittest.cc
@@ -388,6 +388,129 @@ TEST(URLRequestJob, RedirectTransactionWithReferrerPolicyHeader) {
ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN /* expected final policy */,
"https://foo.test/" /* expected final referrer */},
+ // If a redirect serves 'Referrer-Policy: same-origin', then the referrer
+ // should be untouched for a same-origin redirect,
+ {"https://foo.test/one" /* original url */,
+ "https://foo.test/referrer" /* original referrer */,
+ "Location: https://foo.test/two\n"
+ "Referrer-Policy: same-origin\n",
+ URLRequest::NEVER_CLEAR_REFERRER /* original policy */,
+ URLRequest::CLEAR_REFERRER_ON_TRANSITION_CROSS_ORIGIN /* expected final
+ policy */
mmenke 2017/06/07 21:04:00 Maybe replace "expected final policy" with "final
estark 2017/06/08 18:42:58 Done; I just removed it for these cases where the
+ ,
+ "https://foo.test/referrer" /* expected final referrer */},
+
+ // ... but should be cleared for a cross-origin redirect.
+ {"https://foo.test/one" /* original url */,
+ "https://foo.test/referrer" /* original referrer */,
+ "Location: https://bar.test/two\n"
+ "Referrer-Policy: same-origin\n",
+ URLRequest::NEVER_CLEAR_REFERRER /* original policy */,
+ URLRequest::CLEAR_REFERRER_ON_TRANSITION_CROSS_ORIGIN /* expected final
+ policy */
+ ,
+ "" /* expected final referrer */},
+
+ // If a redirect serves 'Referrer-Policy: strict-origin', then the
+ // referrer should be the origin only for a cross-origin non-downgrading
+ // redirect,
+ {"https://foo.test/one" /* original url */,
+ "https://foo.test/referrer" /* original referrer */,
+ "Location: https://bar.test/two\n"
+ "Referrer-Policy: strict-origin\n",
+ URLRequest::NEVER_CLEAR_REFERRER /* original policy */,
+ URLRequest::
+ ORIGIN_CLEAR_ON_TRANSITION_FROM_SECURE_TO_INSECURE /* expected final
+ policy */
+ ,
+ "https://foo.test/" /* expected final referrer */},
+ {"http://foo.test/one" /* original url */,
+ "http://foo.test/referrer" /* original referrer */,
+ "Location: http://bar.test/two\n"
+ "Referrer-Policy: strict-origin\n",
+ URLRequest::NEVER_CLEAR_REFERRER /* original policy */,
+ URLRequest::
+ ORIGIN_CLEAR_ON_TRANSITION_FROM_SECURE_TO_INSECURE /* expected final
+ policy */
+ ,
+ "http://foo.test/" /* expected final referrer */},
+
+ // ... but should be cleared for a downgrading redirect.
+ {"https://foo.test/one" /* original url */,
+ "https://foo.test/referrer" /* original referrer */,
+ "Location: http://foo.test/two\n"
+ "Referrer-Policy: strict-origin\n",
+ URLRequest::NEVER_CLEAR_REFERRER /* original policy */,
+ URLRequest::
+ ORIGIN_CLEAR_ON_TRANSITION_FROM_SECURE_TO_INSECURE /* expected final
+ policy */
+ ,
+ "" /* expected final referrer */},
+
+ // If a redirect serves 'Referrer-Policy:
+ // strict-origin-when-cross-origin', then the referrer should be preserved
+ // for a same-origin redirect,
+ {"https://foo.test/one" /* original url */,
+ "https://foo.test/referrer" /* original referrer */,
+ "Location: https://foo.test/two\n"
+ "Referrer-Policy: strict-origin-when-cross-origin\n",
+ URLRequest::NEVER_CLEAR_REFERRER /* original policy */,
+ URLRequest::
+ REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN /* expected
+ final
+ policy */
+ ,
+ "https://foo.test/referrer" /* expected final referrer */},
+ {"http://foo.test/one" /* original url */,
+ "http://foo.test/referrer" /* original referrer */,
+ "Location: http://foo.test/two\n"
+ "Referrer-Policy: strict-origin-when-cross-origin\n",
+ URLRequest::NEVER_CLEAR_REFERRER /* original policy */,
+ URLRequest::
+ REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN /* expected
+ final
+ policy */
+ ,
+ "http://foo.test/referrer" /* expected final referrer */},
+
+ // ... but should be stripped to the origin for a cross-origin
+ // non-downgrading redirect,
+ {"https://foo.test/one" /* original url */,
+ "https://foo.test/referrer" /* original referrer */,
+ "Location: https://bar.test/two\n"
+ "Referrer-Policy: strict-origin-when-cross-origin\n",
+ URLRequest::NEVER_CLEAR_REFERRER /* original policy */,
+ URLRequest::
+ REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN /* expected
+ final
+ policy */
+ ,
+ "https://foo.test/" /* expected final referrer */},
+ {"http://foo.test/one" /* original url */,
+ "http://foo.test/referrer" /* original referrer */,
+ "Location: http://bar.test/two\n"
+ "Referrer-Policy: strict-origin-when-cross-origin\n",
+ URLRequest::NEVER_CLEAR_REFERRER /* original policy */,
+ URLRequest::
+ REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN /* expected
+ final
+ policy */
+ ,
+ "http://foo.test/" /* expected final referrer */},
+
+ // ... and should be cleared for a downgrading redirect.
+ {"https://foo.test/one" /* original url */,
+ "https://foo.test/referrer" /* original referrer */,
+ "Location: http://foo.test/two\n"
+ "Referrer-Policy: strict-origin-when-cross-origin\n",
+ URLRequest::NEVER_CLEAR_REFERRER /* original policy */,
+ URLRequest::
+ REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN /* expected
+ final
+ policy */
+ ,
+ "" /* expected final referrer */},
+
// If a redirect serves 'Referrer-Policy: unsafe-url', then the
// referrer should remain, even if originally set to clear on
// downgrade.

Powered by Google App Engine
This is Rietveld 408576698