Index: Source/platform/weborigin/SecurityPolicy.cpp |
diff --git a/Source/platform/weborigin/SecurityPolicy.cpp b/Source/platform/weborigin/SecurityPolicy.cpp |
index 631b1bbdcf78f064f97bda8f079a3e6772de8a4a..3778877d6119c3d2b992cc5993f9f2fe92730494 100644 |
--- a/Source/platform/weborigin/SecurityPolicy.cpp |
+++ b/Source/platform/weborigin/SecurityPolicy.cpp |
@@ -87,6 +87,17 @@ Referrer SecurityPolicy::generateReferrer(ReferrerPolicy referrerPolicy, const K |
// to turn it into a canonical URL we can use as referrer. |
return Referrer(origin + "/", referrerPolicy); |
} |
+ case ReferrerPolicyOriginWhenCrossOrigin: { |
+ RefPtr<SecurityOrigin> referrerOrigin = SecurityOrigin::createFromString(referrer); |
+ RefPtr<SecurityOrigin> urlOrigin = SecurityOrigin::create(url); |
+ if (!urlOrigin->isSameSchemeHostPort(referrerOrigin.get())) { |
+ String origin = referrerOrigin->toString(); |
+ if (origin == "null") |
+ return Referrer(String(), referrerPolicy); |
+ return Referrer(origin + "/", referrerPolicy); |
+ } |
+ break; |
+ } |
case ReferrerPolicyDefault: { |
// If the flag is enabled, and we're dealing with a cross-origin request, strip it. |
// Otherwise fallthrough to NoReferrerWhenDowngrade behavior. |
@@ -98,6 +109,7 @@ Referrer SecurityPolicy::generateReferrer(ReferrerPolicy referrerPolicy, const K |
return Referrer(String(), referrerPolicy); |
return Referrer(shouldHideReferrer(url, referrer) ? String() : origin + "/", referrerPolicy); |
} |
+ break; |
} |
case ReferrerPolicyNoReferrerWhenDowngrade: |
break; |