OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google Inc. All rights reserved. | 2 * Copyright (C) 2011 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * | 7 * |
8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
80 case ReferrerPolicyAlways: | 80 case ReferrerPolicyAlways: |
81 return Referrer(referrer, referrerPolicy); | 81 return Referrer(referrer, referrerPolicy); |
82 case ReferrerPolicyOrigin: { | 82 case ReferrerPolicyOrigin: { |
83 String origin = SecurityOrigin::createFromString(referrer)->toString(); | 83 String origin = SecurityOrigin::createFromString(referrer)->toString(); |
84 if (origin == "null") | 84 if (origin == "null") |
85 return Referrer(String(), referrerPolicy); | 85 return Referrer(String(), referrerPolicy); |
86 // A security origin is not a canonical URL as it lacks a path. Add / | 86 // A security origin is not a canonical URL as it lacks a path. Add / |
87 // to turn it into a canonical URL we can use as referrer. | 87 // to turn it into a canonical URL we can use as referrer. |
88 return Referrer(origin + "/", referrerPolicy); | 88 return Referrer(origin + "/", referrerPolicy); |
89 } | 89 } |
| 90 case ReferrerPolicyOriginWhenCrossOrigin: { |
| 91 RefPtr<SecurityOrigin> referrerOrigin = SecurityOrigin::createFromString
(referrer); |
| 92 RefPtr<SecurityOrigin> urlOrigin = SecurityOrigin::create(url); |
| 93 if (!urlOrigin->isSameSchemeHostPort(referrerOrigin.get())) { |
| 94 String origin = referrerOrigin->toString(); |
| 95 if (origin == "null") |
| 96 return Referrer(String(), referrerPolicy); |
| 97 return Referrer(origin + "/", referrerPolicy); |
| 98 } |
| 99 break; |
| 100 } |
90 case ReferrerPolicyDefault: { | 101 case ReferrerPolicyDefault: { |
91 // If the flag is enabled, and we're dealing with a cross-origin request
, strip it. | 102 // If the flag is enabled, and we're dealing with a cross-origin request
, strip it. |
92 // Otherwise fallthrough to NoReferrerWhenDowngrade behavior. | 103 // Otherwise fallthrough to NoReferrerWhenDowngrade behavior. |
93 RefPtr<SecurityOrigin> referrerOrigin = SecurityOrigin::createFromString
(referrer); | 104 RefPtr<SecurityOrigin> referrerOrigin = SecurityOrigin::createFromString
(referrer); |
94 RefPtr<SecurityOrigin> urlOrigin = SecurityOrigin::create(url); | 105 RefPtr<SecurityOrigin> urlOrigin = SecurityOrigin::create(url); |
95 if (RuntimeEnabledFeatures::reducedReferrerGranularityEnabled() && !urlO
rigin->isSameSchemeHostPort(referrerOrigin.get())) { | 106 if (RuntimeEnabledFeatures::reducedReferrerGranularityEnabled() && !urlO
rigin->isSameSchemeHostPort(referrerOrigin.get())) { |
96 String origin = referrerOrigin->toString(); | 107 String origin = referrerOrigin->toString(); |
97 if (origin == "null") | 108 if (origin == "null") |
98 return Referrer(String(), referrerPolicy); | 109 return Referrer(String(), referrerPolicy); |
99 return Referrer(shouldHideReferrer(url, referrer) ? String() : origi
n + "/", referrerPolicy); | 110 return Referrer(shouldHideReferrer(url, referrer) ? String() : origi
n + "/", referrerPolicy); |
100 } | 111 } |
| 112 break; |
101 } | 113 } |
102 case ReferrerPolicyNoReferrerWhenDowngrade: | 114 case ReferrerPolicyNoReferrerWhenDowngrade: |
103 break; | 115 break; |
104 } | 116 } |
105 | 117 |
106 return Referrer(shouldHideReferrer(url, referrer) ? String() : referrer, ref
errerPolicy); | 118 return Referrer(shouldHideReferrer(url, referrer) ? String() : referrer, ref
errerPolicy); |
107 } | 119 } |
108 | 120 |
109 bool SecurityPolicy::isAccessWhiteListed(const SecurityOrigin* activeOrigin, con
st SecurityOrigin* targetOrigin) | 121 bool SecurityPolicy::isAccessWhiteListed(const SecurityOrigin* activeOrigin, con
st SecurityOrigin* targetOrigin) |
110 { | 122 { |
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
163 map.remove(it); | 175 map.remove(it); |
164 } | 176 } |
165 | 177 |
166 void SecurityPolicy::resetOriginAccessWhitelists() | 178 void SecurityPolicy::resetOriginAccessWhitelists() |
167 { | 179 { |
168 ASSERT(isMainThread()); | 180 ASSERT(isMainThread()); |
169 originAccessMap().clear(); | 181 originAccessMap().clear(); |
170 } | 182 } |
171 | 183 |
172 } // namespace blink | 184 } // namespace blink |
OLD | NEW |