Chromium Code Reviews Chromium Code Reviews
Issue 438283002:
Sanitize referrer in context menus. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: components/sessions/serialized_navigation_entry.cc |
| diff --git a/components/sessions/serialized_navigation_entry.cc b/components/sessions/serialized_navigation_entry.cc |
| index c0ed8d2a835a7cc44ef29f8df0c6c7558e6dbd55..a5ba41c850fc508f0eff54380db43e606c71538d 100644 |
| --- a/components/sessions/serialized_navigation_entry.cc |
| +++ b/components/sessions/serialized_navigation_entry.cc |
| @@ -512,32 +512,13 @@ std::vector<NavigationEntry*> SerializedNavigationEntry::ToNavigationEntries( |
| } |
| void SerializedNavigationEntry::Sanitize() { |
| - // Store original referrer so we can later see whether it was actually |
| - // changed during sanitization, and we need to strip the referrer from the |
| - // page state as well. |
| - content::Referrer old_referrer = referrer_; |
| + content::Referrer new_referrer = |
| + content::Referrer::SanitizeForRequest(virtual_url_, referrer_); |
| - if (!referrer_.url.SchemeIsHTTPOrHTTPS()) |
| - referrer_ = content::Referrer(); |
| - switch (referrer_.policy) { |
| - case blink::WebReferrerPolicyNever: |
| - referrer_.url = GURL(); |
| - break; |
| - case blink::WebReferrerPolicyAlways: |
| - break; |
| - case blink::WebReferrerPolicyOrigin: |
| - referrer_.url = referrer_.url.GetWithEmptyPath(); |
| - break; |
| - case blink::WebReferrerPolicyDefault: |
| - // Fall through. |
| - default: |
| - referrer_.policy = blink::WebReferrerPolicyDefault; |
| - if (referrer_.url.SchemeIsSecure() && !virtual_url_.SchemeIsSecure()) |
| - referrer_.url = GURL(); |
| - } |
| - |
| - if (referrer_.url != old_referrer.url || |
| - referrer_.policy != old_referrer.policy) { |
| + // No need to compare the policy, as it doesn't change during |
| + // sanitization. If there has been a change, the referrer needs to be |
| + // stripped from the page state as well. |
| + if (referrer_.url != new_referrer.url) { |
| referrer_ = content::Referrer(); |
|
nasko
2014/08/05 14:27:58
Should this be totally cleared or should the sanit
jochen (gone - plz use gerrit)
2014/08/05 15:16:56
here totally clearing is fine.
|
| page_state_ = page_state_.RemoveReferrer(); |
| } |
