Index: net/url_request/url_request_job.cc |
diff --git a/net/url_request/url_request_job.cc b/net/url_request/url_request_job.cc |
index 5d32c6f78447b4d5439b82793e79ec5c3df94cf8..013d5fd3b3871a40d66ca42c198f097aeab5bd3b 100644 |
--- a/net/url_request/url_request_job.cc |
+++ b/net/url_request/url_request_job.cc |
@@ -863,14 +863,40 @@ RedirectInfo URLRequestJob::ComputeRedirectInfo(const GURL& location, |
request_->first_party_for_cookies(); |
} |
- // Suppress the referrer if we're redirecting out of https. |
- if (request_->referrer_policy() == |
- URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE && |
- GURL(request_->referrer()).SchemeIsSecure() && |
- !redirect_info.new_url.SchemeIsSecure()) { |
- redirect_info.new_referrer.clear(); |
- } else { |
- redirect_info.new_referrer = request_->referrer(); |
+ // Alter the referrer if we're redirecting out of https or cross-origin. |
+ GURL original_referrer(request_->referrer()); |
+ switch (request_->referrer_policy()) { |
+ case URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE: |
+ if (original_referrer.SchemeIsSecure() && |
+ !redirect_info.new_url.SchemeIsSecure()) { |
+ redirect_info.new_referrer.clear(); |
+ } else { |
+ redirect_info.new_referrer = request_->referrer(); |
+ } |
+ break; |
+ |
+ case URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN: |
+ if (original_referrer.SchemeIsSecure() && |
+ !redirect_info.new_url.SchemeIsSecure()) { |
+ redirect_info.new_referrer.clear(); |
+ } else if (original_referrer.GetOrigin() != |
+ redirect_info.new_url.GetOrigin()) { |
+ redirect_info.new_referrer = original_referrer.GetOrigin().spec(); |
+ } else { |
+ redirect_info.new_referrer = request_->referrer(); |
+ } |
+ break; |
+ |
+ case URLRequest::ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN: |
+ if (original_referrer.GetOrigin() != redirect_info.new_url.GetOrigin()) |
+ redirect_info.new_referrer = original_referrer.GetOrigin().spec(); |
+ else |
+ redirect_info.new_referrer = request_->referrer(); |
+ break; |
+ |
+ case URLRequest::NEVER_CLEAR_REFERRER: |
+ redirect_info.new_referrer = request_->referrer(); |
+ break; |
} |
return redirect_info; |