Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(280)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/url_request/url_request_job.cc

Issue 714813003: Referrer Policy: Add new policies to URLRequest. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Helper. Created 6 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/url_request/url_request.cc ('K') | « net/url_request/url_request.cc ('k') | net/url_request/url_request_unittest.cc » ('j') | net/url_request/url_request_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/url_request/url_request_job.cc
diff --git a/net/url_request/url_request_job.cc b/net/url_request/url_request_job.cc
index 5d32c6f78447b4d5439b82793e79ec5c3df94cf8..013d5fd3b3871a40d66ca42c198f097aeab5bd3b 100644
--- a/net/url_request/url_request_job.cc
+++ b/net/url_request/url_request_job.cc
@@ -863,14 +863,40 @@ RedirectInfo URLRequestJob::ComputeRedirectInfo(const GURL& location,
request_->first_party_for_cookies();
}
- // Suppress the referrer if we're redirecting out of https.
- if (request_->referrer_policy() ==
- URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE &&
- GURL(request_->referrer()).SchemeIsSecure() &&
- !redirect_info.new_url.SchemeIsSecure()) {
- redirect_info.new_referrer.clear();
- } else {
- redirect_info.new_referrer = request_->referrer();
+ // Alter the referrer if we're redirecting out of https or cross-origin.
+ GURL original_referrer(request_->referrer());
+ switch (request_->referrer_policy()) {
+ case URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE:
+ if (original_referrer.SchemeIsSecure() &&
+ !redirect_info.new_url.SchemeIsSecure()) {
+ redirect_info.new_referrer.clear();
+ } else {
+ redirect_info.new_referrer = request_->referrer();
+ }
+ break;
+
+ case URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN:
+ if (original_referrer.SchemeIsSecure() &&
+ !redirect_info.new_url.SchemeIsSecure()) {
+ redirect_info.new_referrer.clear();
+ } else if (original_referrer.GetOrigin() !=
+ redirect_info.new_url.GetOrigin()) {
+ redirect_info.new_referrer = original_referrer.GetOrigin().spec();
+ } else {
+ redirect_info.new_referrer = request_->referrer();
+ }
+ break;
+
+ case URLRequest::ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN:
+ if (original_referrer.GetOrigin() != redirect_info.new_url.GetOrigin())
+ redirect_info.new_referrer = original_referrer.GetOrigin().spec();
+ else
+ redirect_info.new_referrer = request_->referrer();
+ break;
+
+ case URLRequest::NEVER_CLEAR_REFERRER:
+ redirect_info.new_referrer = request_->referrer();
+ break;
mmenke 2014/11/19 16:29:03 Suggestion: This is basically a subset of the log
Mike West 2014/11/20 10:45:30 That makes a ton of sense. I've done it as a stati
}
return redirect_info;
« net/url_request/url_request.cc ('K') | « net/url_request/url_request.cc ('k') | net/url_request/url_request_unittest.cc » ('j') | net/url_request/url_request_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698