Context Navigation

← Previous Changeset
Next Changeset →

Changeset 193984 in webkit

Timestamp:

Dec 11, 2015, 2:43:49 PM (9 years ago)

Author:

jiewen_tan@apple.com

Message:

Strip out Referer header when requesting subresources or following links for documents with "Content-Disposition: attachment"
https://bugs.webkit.org/show_bug.cgi?id=152102
<rdar://problem/22124230>

Reviewed by Andy Estes.

Source/WebCore:

Keep the ReferrerPolicy for a document as ReferrerPolicyNever if the document is loaded with
"Content-Disposition: attachment".

Test: http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html

dom/Document.cpp:

(WebCore::Document::processReferrerPolicy):
(WebCore::Document::applyContentDispositionAttachmentSandbox):

LayoutTests:

http/tests/contentdispositionattachmentsandbox/resources/echo-http-referer.php: Added.
http/tests/contentdispositionattachmentsandbox/resources/subresource-request-not-include-referer-header-frame.php: Added.
http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header-expected.txt: Added.
http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html: Added.

Location:

trunk

Files:

: 4 added
: 3 edited

Legend:

: Unmodified
: Added
: Removed

trunk/LayoutTests/ChangeLog

-              r193982
+              r193984
+-12-11  Jiewen Tan  <jiewen_tan@apple.com>
+        Strip out Referer header when requesting subresources or following links for documents with "Content-Disposition: attachment"
+        https://bugs.webkit.org/show_bug.cgi?id=152102
+        <rdar://problem/22124230>
+        Reviewed by Andy Estes.
+        * http/tests/contentdispositionattachmentsandbox/resources/echo-http-referer.php: Added.
+        * http/tests/contentdispositionattachmentsandbox/resources/subresource-request-not-include-referer-header-frame.php: Added.
+        * http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header-expected.txt: Added.
+        * http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html: Added.
 -12-11  Ryan Haddad  <ryanhaddad@apple.com>

trunk/Source/WebCore/ChangeLog

-              r193981
+              r193984
+-12-11  Jiewen Tan  <jiewen_tan@apple.com>
+        Strip out Referer header when requesting subresources or following links for documents with "Content-Disposition: attachment"
+        https://bugs.webkit.org/show_bug.cgi?id=152102
+        <rdar://problem/22124230>
+        Reviewed by Andy Estes.
+        Keep the ReferrerPolicy for a document as ReferrerPolicyNever if the document is loaded with
+        "Content-Disposition: attachment".
+        Test: http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html
+        * dom/Document.cpp:
+        (WebCore::Document::processReferrerPolicy):
+        (WebCore::Document::applyContentDispositionAttachmentSandbox):
 -12-11  Brady Eidson  <beidson@apple.com>

trunk/Source/WebCore/dom/Document.cpp

-              r193957
+              r193984
     ASSERT(!policy.isNull());
+    // Documents in a Content-Disposition: attachment sandbox should never send a Referer header,
+    // even if the document has a meta tag saying otherwise.
+    if (shouldEnforceContentDispositionAttachmentSandbox())
+        return;
     // Note that we're supporting both the standard and legacy keywords for referrer
     // policies, as defined by http://www.w3.org/TR/referrer-policy/#referrer-policy-delivery-meta
 …
     ASSERT(shouldEnforceContentDispositionAttachmentSandbox());
+    setReferrerPolicy(ReferrerPolicyNever);
     if (!isMediaDocument())
         enforceSandboxFlags(SandboxAll);

Note: See TracChangeset for help on using the changeset viewer.