Changeset 141981 in webkit
- Timestamp:
- Feb 6, 2013 3:24:03 AM (11 years ago)
- Location:
- trunk
- Files:
-
- 35 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r141980 r141981 1 2013-02-06 Marja Hölttä <marja@chromium.org> 2 3 Take referrer policy into account when clearing the referrer header 4 https://bugs.webkit.org/show_bug.cgi?id=86000 5 6 Reviewed by Alexey Proskuryakov. 7 8 Unskip http/tests/security/referrer-policy-redirect-link.html 9 10 Skipping the tests on wk2, because other referrer policy tests are 11 skipped, too ( https://bugs.webkit.org/show_bug.cgi?id=73913 ). 12 13 * platform/gtk/TestExpectations: 14 * platform/mac/TestExpectations: 15 * platform/qt/TestExpectations: 16 * platform/win/TestExpectations: 17 * platform/wk2/TestExpectations: 18 1 19 2013-02-06 Allan Sandfeld Jensen <allan.jensen@digia.com> 2 20 -
trunk/LayoutTests/platform/gtk/TestExpectations
r141974 r141981 1246 1246 webkit.org/b/85969 http/tests/loading/post-in-iframe-with-back-navigation.html [ Failure ] 1247 1247 1248 # Started failing after it was added in r1165631249 webkit.org/b/86061 http/tests/security/referrer-policy-redirect-link.html [ Failure ]1250 1251 1248 webkit.org/b/85308 [ Release ] ietestcenter/css3/valuesandunits/units-000.htm [ ImageOnlyFailure ] 1252 1249 -
trunk/LayoutTests/platform/mac/TestExpectations
r141801 r141981 773 773 http/tests/loading/post-in-iframe-with-back-navigation.html 774 774 775 # https://bugs.webkit.org/show_bug.cgi?id=86000776 http/tests/security/referrer-policy-redirect-link.html777 778 775 # Inspector only supports evaluation in content script world with v8, see https://bugs.webkit.org/show_bug.cgi?id=85709 779 776 inspector/extensions/extensions-eval-content-script.html -
trunk/LayoutTests/platform/qt/TestExpectations
r141980 r141981 1889 1889 security/block-test.html 1890 1890 1891 # https://bugs.webkit.org/show_bug.cgi?id=860001892 http/tests/security/referrer-policy-redirect-link.html1893 1894 1891 # ============================================================================= # 1895 1892 # failing tables tests -
trunk/LayoutTests/platform/win/TestExpectations
r141933 r141981 1853 1853 # https://bugs.webkit.org/show_bug.cgi?id=85689 1854 1854 fast/animation/request-animation-frame-disabled.html 1855 1856 # https://bugs.webkit.org/show_bug.cgi?id=860001857 http/tests/security/referrer-policy-redirect-link.html1858 1855 1859 1856 # Inspector only supports evaluation in content script world with v8, see https://bugs.webkit.org/show_bug.cgi?id=85709 -
trunk/LayoutTests/platform/wk2/TestExpectations
r141802 r141981 314 314 http/tests/security/referrer-policy-https-origin.html 315 315 http/tests/security/referrer-policy-redirect.html 316 http/tests/security/referrer-policy-redirect-link.html 316 317 http/tests/security/referrer-policy-https-never.html 317 318 http/tests/security/referrer-policy-https-default.html … … 334 335 # autoZoomPageToFitWidth(). 335 336 inspector/styles/override-screen-size.html 336 337 # The network stack unconditionally strips the header on transitions from338 # secure to insecure. It should take the referrer policy into account instead.339 # https://bugs.webkit.org/show_bug.cgi?id=86000340 http/tests/security/referrer-policy-redirect-link.html341 337 342 338 # css3-conditionals support is not yet enabled. -
trunk/Source/WebCore/ChangeLog
r141979 r141981 1 2013-02-06 Marja Hölttä <marja@chromium.org> 2 3 Take referrer policy into account when clearing the referrer header 4 https://bugs.webkit.org/show_bug.cgi?id=86000 5 6 Reviewed by Alexey Proskuryakov. 7 8 The referrer should only be cleared when doing a https -> http redirect, 9 if the policy is "default". Otherwise the referrer should be left intact. 10 11 In order to do that, added a function for checking the policy in 12 NetworkingContext, and stored the NetworkingContext in ResourceHandle 13 (like some ports already did). 14 15 No new tests (unskipped old tests). 16 17 * loader/FrameNetworkingContext.h: 18 (WebCore::FrameNetworkingContext::shouldClearReferrerOnHTTPSToHTTPRedirect): 19 (FrameNetworkingContext): 20 * platform/network/BlobResourceHandle.cpp: 21 (WebCore::BlobResourceHandle::BlobResourceHandle): 22 * platform/network/NetworkingContext.h: 23 (NetworkingContext): 24 * platform/network/ResourceHandle.cpp: 25 (WebCore::ResourceHandle::ResourceHandle): 26 (WebCore::ResourceHandle::create): 27 (WebCore::ResourceHandle::context): 28 (WebCore): 29 * platform/network/ResourceHandle.h: 30 (ResourceHandle): 31 * platform/network/ResourceHandleInternal.h: 32 (WebCore::ResourceHandleInternal::ResourceHandleInternal): 33 (ResourceHandleInternal): 34 * platform/network/blackberry/ResourceHandleBlackBerry.cpp: 35 (WebCore::ResourceHandle::start): 36 (WebCore::ResourceHandle::loadResourceSynchronously): 37 * platform/network/cf/ResourceHandleCFNet.cpp: 38 (WebCore::willSendRequest): 39 (WebCore::ResourceHandle::start): 40 (WebCore::ResourceHandle::loadResourceSynchronously): 41 * platform/network/chromium/ResourceHandle.cpp: 42 (WebCore::ResourceHandleInternal::ResourceHandleInternal): 43 (WebCore::ResourceHandle::ResourceHandle): 44 (WebCore::ResourceHandle::create): 45 (WebCore::ResourceHandle::context): 46 (WebCore): 47 (WebCore::ResourceHandle::start): 48 * platform/network/chromium/ResourceHandleInternal.h: 49 (WebCore): 50 (ResourceHandleInternal): 51 (WebCore::ResourceHandleInternal::context): 52 * platform/network/curl/ResourceHandleCurl.cpp: 53 (WebCore::ResourceHandle::start): 54 (WebCore::ResourceHandle::loadResourceSynchronously): 55 * platform/network/mac/ResourceHandleMac.mm: 56 (WebCore::ResourceHandle::start): 57 (WebCore::ResourceHandle::loadResourceSynchronously): 58 (-[WebCoreResourceHandleAsDelegate connection:willSendRequest:redirectResponse:]): 59 * platform/network/qt/QNetworkReplyHandler.cpp: 60 (WebCore::QNetworkReplyHandler::redirect): 61 * platform/network/qt/ResourceHandleQt.cpp: 62 (WebCore::ResourceHandle::start): 63 (WebCore::ResourceHandle::loadResourceSynchronously): 64 * platform/network/soup/ResourceHandleSoup.cpp: 65 (WebCore::doRedirect): 66 (WebCore::ResourceHandle::start): 67 * platform/network/win/ResourceHandleWin.cpp: 68 (WebCore::ResourceHandle::start): 69 (WebCore::ResourceHandle::loadResourceSynchronously): 70 1 71 2013-02-06 Pavel Feldman <pfeldman@chromium.org> 2 72 -
trunk/Source/WebCore/loader/FrameNetworkingContext.h
r134960 r141981 21 21 #define FrameNetworkingContext_h 22 22 23 #include "Document.h" 23 24 #include "Frame.h" 24 25 #include "NetworkingContext.h" 26 #include "ReferrerPolicy.h" 25 27 26 28 namespace WebCore { … … 31 33 { 32 34 m_frame = 0; 35 } 36 37 virtual bool shouldClearReferrerOnHTTPSToHTTPRedirect() const 38 { 39 return m_frame->document()->referrerPolicy() == ReferrerPolicyDefault; 33 40 } 34 41 -
trunk/Source/WebCore/platform/network/BlobResourceHandle.cpp
r138413 r141981 41 41 #include "HTTPParsers.h" 42 42 #include "KURL.h" 43 #include "NetworkingContext.h"44 43 #include "ResourceError.h" 45 44 #include "ResourceHandleClient.h" … … 143 142 144 143 BlobResourceHandle::BlobResourceHandle(PassRefPtr<BlobStorageData> blobData, const ResourceRequest& request, ResourceHandleClient* client, bool async) 145 : ResourceHandle( request, client, false, false)144 : ResourceHandle(0, request, client, false, false) 146 145 , m_blobData(blobData) 147 146 , m_async(async) … … 637 636 638 637 #endif // ENABLE(BLOB) 639 -
trunk/Source/WebCore/platform/network/NetworkingContext.h
r141749 r141981 66 66 virtual bool isValid() const { return true; } 67 67 68 virtual bool shouldClearReferrerOnHTTPSToHTTPRedirect() const = 0; 69 68 70 #if PLATFORM(CHROMIUM) 69 71 // FIXME: Wrap WebCookieJar into a NetworkStorageSession to make the code cross-platform. -
trunk/Source/WebCore/platform/network/ResourceHandle.cpp
r141684 r141981 54 54 } 55 55 56 ResourceHandle::ResourceHandle( const ResourceRequest& request, ResourceHandleClient* client, bool defersLoading, bool shouldContentSniff)57 : d(adoptPtr(new ResourceHandleInternal(this, request, client, defersLoading, shouldContentSniff && shouldContentSniffURL(request.url()))))56 ResourceHandle::ResourceHandle(NetworkingContext* context, const ResourceRequest& request, ResourceHandleClient* client, bool defersLoading, bool shouldContentSniff) 57 : d(adoptPtr(new ResourceHandleInternal(this, context, request, client, defersLoading, shouldContentSniff && shouldContentSniffURL(request.url())))) 58 58 { 59 59 if (!request.url().isValid()) { … … 75 75 return protocolMapItem->value(request, client); 76 76 77 RefPtr<ResourceHandle> newHandle(adoptRef(new ResourceHandle( request, client, defersLoading, shouldContentSniff)));77 RefPtr<ResourceHandle> newHandle(adoptRef(new ResourceHandle(context, request, client, defersLoading, shouldContentSniff))); 78 78 79 79 if (newHandle->d->m_scheduledFailureType != NoFailure) 80 80 return newHandle.release(); 81 81 82 if (newHandle->start( context))82 if (newHandle->start()) 83 83 return newHandle.release(); 84 84 … … 129 129 } 130 130 131 NetworkingContext* ResourceHandle::context() const 132 { 133 return d->m_context.get(); 134 } 135 131 136 const String& ResourceHandle::lastHTTPMethod() const 132 137 { -
trunk/Source/WebCore/platform/network/ResourceHandle.h
r141684 r141981 200 200 void fireFailure(Timer<ResourceHandle>*); 201 201 202 NetworkingContext* context() const; 203 202 204 using RefCounted<ResourceHandle>::ref; 203 205 using RefCounted<ResourceHandle>::deref; … … 215 217 216 218 protected: 217 ResourceHandle( const ResourceRequest&, ResourceHandleClient*, bool defersLoading, bool shouldContentSniff);219 ResourceHandle(NetworkingContext*, const ResourceRequest&, ResourceHandleClient*, bool defersLoading, bool shouldContentSniff); 218 220 219 221 private: … … 228 230 void scheduleFailure(FailureType); 229 231 230 bool start( NetworkingContext*);232 bool start(); 231 233 232 234 virtual void refAuthenticationClient() { ref(); } -
trunk/Source/WebCore/platform/network/ResourceHandleInternal.h
r141821 r141981 84 84 WTF_MAKE_NONCOPYABLE(ResourceHandleInternal); WTF_MAKE_FAST_ALLOCATED; 85 85 public: 86 ResourceHandleInternal(ResourceHandle* loader, const ResourceRequest& request, ResourceHandleClient* c, bool defersLoading, bool shouldContentSniff) 87 : m_client(c) 86 ResourceHandleInternal(ResourceHandle* loader, NetworkingContext* context, const ResourceRequest& request, ResourceHandleClient* client, bool defersLoading, bool shouldContentSniff) 87 : m_context(context) 88 , m_client(client) 88 89 , m_firstRequest(request) 89 90 , m_lastHTTPMethod(request.httpMethod()) … … 139 140 140 141 ResourceHandleClient* client() { return m_client; } 142 143 RefPtr<NetworkingContext> m_context; 141 144 ResourceHandleClient* m_client; 142 143 145 ResourceRequest m_firstRequest; 144 146 String m_lastHTTPMethod; … … 205 207 unsigned long m_bodySize; 206 208 unsigned long m_bodyDataSent; 207 RefPtr<NetworkingContext> m_context;208 209 SoupSession* soupSession(); 209 210 int m_redirectCount; … … 217 218 #if PLATFORM(QT) 218 219 QNetworkReplyHandler* m_job; 219 RefPtr<NetworkingContext> m_context;220 220 #endif 221 221 -
trunk/Source/WebCore/platform/network/blackberry/ResourceHandleBlackBerry.cpp
r138962 r141981 108 108 } 109 109 110 bool ResourceHandle::start( NetworkingContext* context)110 bool ResourceHandle::start() 111 111 { 112 if (! context || !context->isValid())112 if (!d->m_context || !d->m_context->isValid()) 113 113 return false; 114 114 … … 157 157 bool shouldContentSniff = false; 158 158 159 RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle( request, &syncLoader, defersLoading, shouldContentSniff));159 RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle(context, request, &syncLoader, defersLoading, shouldContentSniff)); 160 160 NetworkManager::instance()->startJob(playerId, handle, frame, defersLoading); 161 161 -
trunk/Source/WebCore/platform/network/cf/ResourceHandleCFNet.cpp
r138962 r141981 185 185 186 186 // Should not set Referer after a redirect from a secure resource to non-secure one. 187 if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https") )187 if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https") && handle->context()->shouldClearReferrerOnHTTPSToHTTPRedirect()) 188 188 request.clearHTTPReferrer(); 189 189 … … 497 497 } 498 498 499 bool ResourceHandle::start( NetworkingContext* context)500 { 501 if (! context)499 bool ResourceHandle::start() 500 { 501 if (!d->m_context) 502 502 return false; 503 503 504 504 // If NetworkingContext is invalid then we are no longer attached to a Page, 505 505 // this must be an attempted load from an unload handler, so let's just block it. 506 if (! context->isValid())506 if (!d->m_context->isValid()) 507 507 return false; 508 508 509 d->m_storageSession = context->storageSession().platformSession();509 d->m_storageSession = d->m_context->storageSession().platformSession(); 510 510 511 511 bool shouldUseCredentialStorage = !client() || client()->shouldUseCredentialStorage(this); 512 512 513 createCFURLConnection(shouldUseCredentialStorage, shouldRelaxThirdPartyCookiePolicy( context, firstRequest().url()), d->m_shouldContentSniff);513 createCFURLConnection(shouldUseCredentialStorage, shouldRelaxThirdPartyCookiePolicy(d->m_context.get(), firstRequest().url()), d->m_shouldContentSniff); 514 514 515 515 #if PLATFORM(WIN) … … 740 740 client->setAllowStoredCredentials(storedCredentials == AllowStoredCredentials); 741 741 742 RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle( request, client.get(), false /*defersLoading*/, true /*shouldContentSniff*/));742 RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle(context, request, client.get(), false /*defersLoading*/, true /*shouldContentSniff*/)); 743 743 744 744 handle->d->m_storageSession = context->storageSession().platformSession(); … … 925 925 926 926 } // namespace WebCore 927 -
trunk/Source/WebCore/platform/network/chromium/ResourceHandle.cpp
r141684 r141981 53 53 54 54 // ResourceHandleInternal ----------------------------------------------------- 55 ResourceHandleInternal::ResourceHandleInternal(const ResourceRequest& request, ResourceHandleClient* client) 56 : m_request(request) 55 ResourceHandleInternal::ResourceHandleInternal(NetworkingContext* context, const ResourceRequest& request, ResourceHandleClient* client) 56 : m_context(context) 57 , m_request(request) 57 58 , m_owner(0) 58 59 , m_client(client) … … 179 180 // ResourceHandle ------------------------------------------------------------- 180 181 181 ResourceHandle::ResourceHandle(const ResourceRequest& request, 182 ResourceHandleClient* client, 183 bool defersLoading, 184 bool shouldContentSniff) 185 : d(adoptPtr(new ResourceHandleInternal(request, client))) 182 ResourceHandle::ResourceHandle(NetworkingContext* context, const ResourceRequest& request, ResourceHandleClient* client, bool defersLoading, bool shouldContentSniff) 183 : d(adoptPtr(new ResourceHandleInternal(context, request, client))) 186 184 { 187 185 d->setOwner(this); … … 197 195 { 198 196 RefPtr<ResourceHandle> newHandle = adoptRef(new ResourceHandle( 199 request, client, defersLoading, shouldContentSniff));200 201 if (newHandle->start( context))197 context, request, client, defersLoading, shouldContentSniff)); 198 199 if (newHandle->start()) 202 200 return newHandle.release(); 203 201 … … 210 208 } 211 209 210 NetworkingContext* ResourceHandle::context() const 211 { 212 return d->context(); 213 } 214 212 215 ResourceHandleClient* ResourceHandle::client() const 213 216 { … … 225 228 } 226 229 227 bool ResourceHandle::start( NetworkingContext* context)228 { 229 if (! context)230 bool ResourceHandle::start() 231 { 232 if (!d->context()) 230 233 return false; 231 234 -
trunk/Source/WebCore/platform/network/chromium/ResourceHandleInternal.h
r141684 r141981 40 40 namespace WebCore { 41 41 42 class NetworkingContext; 42 43 class ResourceHandle; 43 44 class ResourceHandleClient; … … 45 46 class ResourceHandleInternal : public WebKit::WebURLLoaderClient { 46 47 public: 47 ResourceHandleInternal( const ResourceRequest&, ResourceHandleClient*);48 ResourceHandleInternal(NetworkingContext*, const ResourceRequest&, ResourceHandleClient*); 48 49 49 50 virtual ~ResourceHandleInternal() { } … … 81 82 void setClient(ResourceHandleClient* client) { m_client = client; } 82 83 WebKit::WebURLLoader* loader() const { return m_loader.get(); } 84 NetworkingContext* context() const { return m_context.get(); } 83 85 84 86 static ResourceHandleInternal* FromResourceHandle(ResourceHandle*); 85 87 86 88 private: 89 RefPtr<NetworkingContext> m_context; 87 90 ResourceRequest m_request; 88 91 ResourceHandle* m_owner; -
trunk/Source/WebCore/platform/network/curl/ResourceHandleCurl.cpp
r138962 r141981 97 97 } 98 98 99 bool ResourceHandle::start( NetworkingContext* context)99 bool ResourceHandle::start() 100 100 { 101 101 // The frame could be null if the ResourceHandle is not associated to any … … 104 104 // load from an unload handler, so let's just block it. 105 105 // If both the frame and the page are not null the context is valid. 106 if ( context && !context->isValid())106 if (d->m_context && !d->m_context->isValid()) 107 107 return false; 108 108 … … 176 176 { 177 177 WebCoreSynchronousLoader syncLoader; 178 RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle( request, &syncLoader, true, false));178 RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle(context, request, &syncLoader, true, false)); 179 179 180 180 ResourceHandleManager* manager = ResourceHandleManager::sharedInstance(); -
trunk/Source/WebCore/platform/network/mac/ResourceHandleMac.mm
r138962 r141981 219 219 } 220 220 221 bool ResourceHandle::start( NetworkingContext* context)222 { 223 if (! context)221 bool ResourceHandle::start() 222 { 223 if (!d->m_context) 224 224 return false; 225 225 … … 228 228 // If NetworkingContext is invalid then we are no longer attached to a Page, 229 229 // this must be an attempted load from an unload event handler, so let's just block it. 230 if (! context->isValid())230 if (!d->m_context->isValid()) 231 231 return false; 232 232 233 d->m_storageSession = context->storageSession().platformSession();233 d->m_storageSession = d->m_context->storageSession().platformSession(); 234 234 235 235 ASSERT(!d->m_proxy); … … 239 239 bool shouldUseCredentialStorage = !client() || client()->shouldUseCredentialStorage(this); 240 240 241 d->m_needsSiteSpecificQuirks = context->needsSiteSpecificQuirks();241 d->m_needsSiteSpecificQuirks = d->m_context->needsSiteSpecificQuirks(); 242 242 243 243 createNSURLConnection( 244 244 d->m_proxy.get(), 245 245 shouldUseCredentialStorage, 246 shouldRelaxThirdPartyCookiePolicy( context, firstRequest().url()),247 d->m_shouldContentSniff || context->localFileContentSniffingEnabled());246 shouldRelaxThirdPartyCookiePolicy(d->m_context.get(), firstRequest().url()), 247 d->m_shouldContentSniff || d->m_context->localFileContentSniffingEnabled()); 248 248 249 249 bool scheduled = false; 250 if (SchedulePairHashSet* scheduledPairs = context->scheduledRunLoopPairs()) {250 if (SchedulePairHashSet* scheduledPairs = d->m_context->scheduledRunLoopPairs()) { 251 251 SchedulePairHashSet::iterator end = scheduledPairs->end(); 252 252 for (SchedulePairHashSet::iterator it = scheduledPairs->begin(); it != end; ++it) { … … 258 258 } 259 259 260 if (NSOperationQueue *operationQueue = context->scheduledOperationQueue()) {260 if (NSOperationQueue *operationQueue = d->m_context->scheduledOperationQueue()) { 261 261 ASSERT(!scheduled); 262 262 [connection() setDelegateQueue:operationQueue]; … … 382 382 client->setAllowStoredCredentials(storedCredentials == AllowStoredCredentials); 383 383 384 RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle( request, client.get(), false /*defersLoading*/, true /*shouldContentSniff*/));384 RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle(context, request, client.get(), false /*defersLoading*/, true /*shouldContentSniff*/)); 385 385 386 386 handle->d->m_storageSession = context->storageSession().platformSession(); … … 669 669 670 670 // Should not set Referer after a redirect from a secure resource to non-secure one. 671 if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https") )671 if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https") && m_handle->context()->shouldClearReferrerOnHTTPSToHTTPRedirect()) 672 672 request.clearHTTPReferrer(); 673 673 -
trunk/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp
r138413 r141981 648 648 649 649 // Should not set Referer after a redirect from a secure resource to non-secure one. 650 if (!newRequest.url().protocolIs("https") && protocolIs(newRequest.httpReferrer(), "https") )650 if (!newRequest.url().protocolIs("https") && protocolIs(newRequest.httpReferrer(), "https") && m_resourceHandle->context()->shouldClearReferrerOnHTTPSToHTTPRedirect()) 651 651 newRequest.clearHTTPReferrer(); 652 652 -
trunk/Source/WebCore/platform/network/qt/ResourceHandleQt.cpp
r138962 r141981 91 91 } 92 92 93 bool ResourceHandle::start( NetworkingContext* context)93 bool ResourceHandle::start() 94 94 { 95 95 // If NetworkingContext is invalid then we are no longer attached to a Page, 96 96 // this must be an attempted load from an unload event handler, so let's just block it. 97 if ( context && !context->isValid())97 if (d->m_context && !d->m_context->isValid()) 98 98 return false; 99 99 … … 107 107 } 108 108 109 getInternal()->m_context = context;110 109 ResourceHandleInternal *d = getInternal(); 111 110 d->m_job = new QNetworkReplyHandler(this, QNetworkReplyHandler::AsynchronousLoad, d->m_defersLoading); … … 135 134 #endif 136 135 WebCoreSynchronousLoader syncLoader(error, response, data); 137 RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle( request, &syncLoader, true, false));136 RefPtr<ResourceHandle> handle = adoptRef(new ResourceHandle(context, request, &syncLoader, true, false)); 138 137 139 138 ResourceHandleInternal* d = handle->getInternal(); … … 146 145 d->m_firstRequest.setURL(urlWithCredentials); 147 146 } 148 d->m_context = context;149 147 150 148 // starting in deferred mode gives d->m_job the chance of being set before sending the request. -
trunk/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp
r141822 r141981 469 469 470 470 // Should not set Referer after a redirect from a secure resource to non-secure one. 471 if (!newURL.protocolIs("https") && protocolIs(request.httpReferrer(), "https") )471 if (!newURL.protocolIs("https") && protocolIs(request.httpReferrer(), "https") && handle->context()->shouldClearReferrerOnHTTPSToHTTPRedirect()) 472 472 request.clearHTTPReferrer(); 473 473 … … 1019 1019 } 1020 1020 1021 bool ResourceHandle::start( NetworkingContext* context)1021 bool ResourceHandle::start() 1022 1022 { 1023 1023 ASSERT(!d->m_soupMessage); … … 1028 1028 // load from an unload handler, so let's just block it. 1029 1029 // If both the frame and the page are not null the context is valid. 1030 if ( context && !context->isValid())1030 if (d->m_context && !d->m_context->isValid()) 1031 1031 return false; 1032 1033 // Used to set the keep track of custom SoupSessions for ports that support it (EFL).1034 d->m_context = context;1035 1032 1036 1033 // Only allow the POST and GET methods for non-HTTP requests. … … 1049 1046 } 1050 1047 1051 setSoupRequestInitiatingPageIDFromNetworkingContext(d->m_soupRequest.get(), context);1048 setSoupRequestInitiatingPageIDFromNetworkingContext(d->m_soupRequest.get(), d->m_context.get()); 1052 1049 1053 1050 // Send the request only if it's not been explicitly deferred. -
trunk/Source/WebCore/platform/network/win/ResourceHandleWin.cpp
r138962 r141981 266 266 } 267 267 268 bool ResourceHandle::start( NetworkingContext* context)268 bool ResourceHandle::start() 269 269 { 270 270 if (firstRequest().url().isLocalFile() || firstRequest().url().protocolIsData()) { … … 278 278 279 279 if (!d->m_internetHandle) 280 d->m_internetHandle = asynchronousInternetHandle( context->userAgent());280 d->m_internetHandle = asynchronousInternetHandle(d->m_context->userAgent()); 281 281 282 282 if (!d->m_internetHandle) … … 420 420 421 421 WebCoreSynchronousLoader syncLoader(error, response, data, request.httpUserAgent()); 422 ResourceHandle handle(request, &syncLoader, true, false );422 ResourceHandle handle(request, &syncLoader, true, false, context); 423 423 424 424 handle.setSynchronousInternetHandle(syncLoader.internetHandle()); 425 handle.start( context);425 handle.start(); 426 426 } 427 427 -
trunk/Source/WebKit2/ChangeLog
r141978 r141981 1 2013-02-06 Marja Hölttä <marja@chromium.org> 2 3 Take referrer policy into account when clearing the referrer header 4 https://bugs.webkit.org/show_bug.cgi?id=86000 5 6 Reviewed by Alexey Proskuryakov. 7 8 The referrer should only be cleared when doing a https -> http redirect, 9 if the policy is "default". Otherwise the referrer should be left intact. 10 11 * NetworkProcess/NetworkResourceLoader.cpp: 12 (WebKit::NetworkResourceLoader::start): 13 * NetworkProcess/SchedulableLoader.cpp: 14 (WebKit::SchedulableLoader::SchedulableLoader): 15 * NetworkProcess/SchedulableLoader.h: 16 (WebKit::SchedulableLoader::shouldClearReferrerOnHTTPSToHTTPRedirect): 17 (SchedulableLoader): 18 * NetworkProcess/SyncNetworkResourceLoader.cpp: 19 (WebKit::SyncNetworkResourceLoader::start): 20 * NetworkProcess/mac/RemoteNetworkingContext.h: 21 (WebKit::RemoteNetworkingContext::create): 22 (RemoteNetworkingContext): 23 * NetworkProcess/mac/RemoteNetworkingContext.mm: 24 (WebKit::RemoteNetworkingContext::shouldClearReferrerOnHTTPSToHTTPRedirect): 25 (WebKit): 26 (WebKit::RemoteNetworkingContext::RemoteNetworkingContext): 27 * Shared/Network/NetworkResourceLoadParameters.cpp: 28 (WebKit::NetworkResourceLoadParameters::NetworkResourceLoadParameters): 29 (WebKit::NetworkResourceLoadParameters::encode): 30 (WebKit::NetworkResourceLoadParameters::decode): 31 * Shared/Network/NetworkResourceLoadParameters.h: 32 (NetworkResourceLoadParameters): 33 (WebKit::NetworkResourceLoadParameters::shouldClearReferrerOnHTTPSToHTTPRedirect): 34 * WebProcess/Network/WebResourceLoadScheduler.cpp: 35 (WebKit::WebResourceLoadScheduler::scheduleSubresourceLoad): 36 (WebKit::WebResourceLoadScheduler::schedulePluginStreamLoad): 37 (WebKit::WebResourceLoadScheduler::scheduleLoad): 38 * WebProcess/Network/WebResourceLoadScheduler.h: 39 (WebResourceLoadScheduler): 40 * WebProcess/WebCoreSupport/WebPlatformStrategies.cpp: 41 (WebKit::WebPlatformStrategies::loadResourceSynchronously): 42 1 43 2013-02-06 Mikhail Pozdnyakov <mikhail.pozdnyakov@intel.com> 2 44 -
trunk/Source/WebKit2/NetworkProcess/NetworkResourceLoader.cpp
r140921 r141981 79 79 80 80 // FIXME (NetworkProcess): Create RemoteNetworkingContext with actual settings. 81 m_networkingContext = RemoteNetworkingContext::create(false, false, inPrivateBrowsingMode() );81 m_networkingContext = RemoteNetworkingContext::create(false, false, inPrivateBrowsingMode(), shouldClearReferrerOnHTTPSToHTTPRedirect()); 82 82 83 83 consumeSandboxExtensions(); -
trunk/Source/WebKit2/NetworkProcess/SchedulableLoader.cpp
r140874 r141981 41 41 , m_inPrivateBrowsingMode(parameters.inPrivateBrowsingMode()) 42 42 , m_connection(connection) 43 , m_shouldClearReferrerOnHTTPSToHTTPRedirect(parameters.shouldClearReferrerOnHTTPSToHTTPRedirect()) 43 44 { 44 45 for (size_t i = 0, count = parameters.requestBodySandboxExtensions().size(); i < count; ++i) { -
trunk/Source/WebKit2/NetworkProcess/SchedulableLoader.h
r140874 r141981 66 66 void invalidateSandboxExtensions(); 67 67 68 bool shouldClearReferrerOnHTTPSToHTTPRedirect() const { return m_shouldClearReferrerOnHTTPSToHTTPRedirect; } 69 68 70 private: 69 71 ResourceLoadIdentifier m_identifier; … … 82 84 83 85 RefPtr<HostRecord> m_hostRecord; 86 87 bool m_shouldClearReferrerOnHTTPSToHTTPRedirect; 84 88 }; 85 89 -
trunk/Source/WebKit2/NetworkProcess/SyncNetworkResourceLoader.cpp
r140843 r141981 60 60 61 61 // FIXME (NetworkProcess): Create RemoteNetworkingContext with actual settings. 62 RefPtr<RemoteNetworkingContext> networkingContext = RemoteNetworkingContext::create(false, false, inPrivateBrowsingMode() );62 RefPtr<RemoteNetworkingContext> networkingContext = RemoteNetworkingContext::create(false, false, inPrivateBrowsingMode(), shouldClearReferrerOnHTTPSToHTTPRedirect()); 63 63 64 64 consumeSandboxExtensions(); -
trunk/Source/WebKit2/NetworkProcess/mac/RemoteNetworkingContext.h
r138413 r141981 33 33 class RemoteNetworkingContext : public WebCore::NetworkingContext { 34 34 public: 35 static PassRefPtr<RemoteNetworkingContext> create(bool needsSiteSpecificQuirks, bool localFileContentSniffingEnabled, bool privateBrowsingEnabled )35 static PassRefPtr<RemoteNetworkingContext> create(bool needsSiteSpecificQuirks, bool localFileContentSniffingEnabled, bool privateBrowsingEnabled, bool shouldClearReferrerOnHTTPSToHTTPRedirect) 36 36 { 37 return adoptRef(new RemoteNetworkingContext(needsSiteSpecificQuirks, localFileContentSniffingEnabled, privateBrowsingEnabled ));37 return adoptRef(new RemoteNetworkingContext(needsSiteSpecificQuirks, localFileContentSniffingEnabled, privateBrowsingEnabled, shouldClearReferrerOnHTTPSToHTTPRedirect)); 38 38 } 39 39 virtual ~RemoteNetworkingContext(); … … 45 45 static WebCore::NetworkStorageSession& privateBrowsingSession(); // Can only be called when the session exists. 46 46 47 virtual bool shouldClearReferrerOnHTTPSToHTTPRedirect() const OVERRIDE; 48 47 49 private: 48 RemoteNetworkingContext(bool needsSiteSpecificQuirks, bool localFileContentSniffingEnabled, bool privateBrowsingEnabled );50 RemoteNetworkingContext(bool needsSiteSpecificQuirks, bool localFileContentSniffingEnabled, bool privateBrowsingEnabled, bool m_shouldClearReferrerOnHTTPSToHTTPRedirect); 49 51 50 52 virtual bool isValid() const OVERRIDE; … … 59 61 bool m_localFileContentSniffingEnabled; 60 62 bool m_privateBrowsingEnabled; 63 bool m_shouldClearReferrerOnHTTPSToHTTPRedirect; 61 64 }; 62 65 -
trunk/Source/WebKit2/NetworkProcess/mac/RemoteNetworkingContext.mm
r138413 r141981 43 43 } 44 44 45 RemoteNetworkingContext::RemoteNetworkingContext(bool needsSiteSpecificQuirks, bool localFileContentSniffingEnabled, bool privateBrowsingEnabled) 45 bool RemoteNetworkingContext::shouldClearReferrerOnHTTPSToHTTPRedirect() const 46 { 47 return m_shouldClearReferrerOnHTTPSToHTTPRedirect; 48 } 49 50 RemoteNetworkingContext::RemoteNetworkingContext(bool needsSiteSpecificQuirks, bool localFileContentSniffingEnabled, bool privateBrowsingEnabled, bool shouldClearReferrerOnHTTPSToHTTPRedirect) 46 51 : m_needsSiteSpecificQuirks(needsSiteSpecificQuirks) 47 52 , m_localFileContentSniffingEnabled(localFileContentSniffingEnabled) 48 53 , m_privateBrowsingEnabled(privateBrowsingEnabled) 54 , m_shouldClearReferrerOnHTTPSToHTTPRedirect(shouldClearReferrerOnHTTPSToHTTPRedirect) 49 55 { 50 56 } -
trunk/Source/WebKit2/Shared/Network/NetworkResourceLoadParameters.cpp
r141619 r141981 46 46 , m_allowStoredCredentials(DoNotAllowStoredCredentials) 47 47 , m_inPrivateBrowsingMode(false) 48 , m_shouldClearReferrerOnHTTPSToHTTPRedirect(true) 48 49 { 49 50 } 50 51 51 NetworkResourceLoadParameters::NetworkResourceLoadParameters(ResourceLoadIdentifier identifier, uint64_t webPageID, uint64_t webFrameID, const ResourceRequest& request, ResourceLoadPriority priority, ContentSniffingPolicy contentSniffingPolicy, StoredCredentials allowStoredCredentials, bool inPrivateBrowsingMode )52 NetworkResourceLoadParameters::NetworkResourceLoadParameters(ResourceLoadIdentifier identifier, uint64_t webPageID, uint64_t webFrameID, const ResourceRequest& request, ResourceLoadPriority priority, ContentSniffingPolicy contentSniffingPolicy, StoredCredentials allowStoredCredentials, bool inPrivateBrowsingMode, bool shouldClearReferrerOnHTTPSToHTTPRedirect) 52 53 : m_identifier(identifier) 53 54 , m_webPageID(webPageID) … … 58 59 , m_allowStoredCredentials(allowStoredCredentials) 59 60 , m_inPrivateBrowsingMode(inPrivateBrowsingMode) 61 , m_shouldClearReferrerOnHTTPSToHTTPRedirect(shouldClearReferrerOnHTTPSToHTTPRedirect) 60 62 { 61 63 } … … 104 106 encoder.encodeEnum(m_allowStoredCredentials); 105 107 encoder.encode(m_inPrivateBrowsingMode); 108 encoder.encode(m_shouldClearReferrerOnHTTPSToHTTPRedirect); 106 109 } 107 110 … … 148 151 if (!decoder.decode(result.m_inPrivateBrowsingMode)) 149 152 return false; 153 if (!decoder.decode(result.m_shouldClearReferrerOnHTTPSToHTTPRedirect)) 154 return false; 150 155 151 156 return true; -
trunk/Source/WebKit2/Shared/Network/NetworkResourceLoadParameters.h
r141619 r141981 46 46 public: 47 47 NetworkResourceLoadParameters(); 48 NetworkResourceLoadParameters(ResourceLoadIdentifier, uint64_t webPageID, uint64_t webFrameID, const WebCore::ResourceRequest&, WebCore::ResourceLoadPriority, WebCore::ContentSniffingPolicy, WebCore::StoredCredentials, bool inPrivateBrowsingMode );48 NetworkResourceLoadParameters(ResourceLoadIdentifier, uint64_t webPageID, uint64_t webFrameID, const WebCore::ResourceRequest&, WebCore::ResourceLoadPriority, WebCore::ContentSniffingPolicy, WebCore::StoredCredentials, bool inPrivateBrowsingMode, bool shouldClearReferrerOnHTTPSToHTTPRedirect); 49 49 50 50 void encode(CoreIPC::ArgumentEncoder&) const; … … 61 61 WebCore::StoredCredentials allowStoredCredentials() const { return m_allowStoredCredentials; } 62 62 bool inPrivateBrowsingMode() const { return m_inPrivateBrowsingMode; } 63 bool shouldClearReferrerOnHTTPSToHTTPRedirect() const { return m_shouldClearReferrerOnHTTPSToHTTPRedirect; } 63 64 64 65 private: … … 73 74 WebCore::StoredCredentials m_allowStoredCredentials; 74 75 bool m_inPrivateBrowsingMode; 76 bool m_shouldClearReferrerOnHTTPSToHTTPRedirect; 75 77 }; 76 78 -
trunk/Source/WebKit2/WebProcess/Network/WebResourceLoadScheduler.cpp
r141824 r141981 38 38 #include "WebProcess.h" 39 39 #include "WebResourceLoader.h" 40 #include <WebCore/Document.h> 40 41 #include <WebCore/DocumentLoader.h> 41 42 #include <WebCore/Frame.h> 42 43 #include <WebCore/FrameLoader.h> 43 44 #include <WebCore/NetscapePlugInStreamLoader.h> 45 #include <WebCore/ReferrerPolicy.h> 44 46 #include <WebCore/ResourceBuffer.h> 45 47 #include <WebCore/ResourceLoader.h> … … 68 70 RefPtr<SubresourceLoader> loader = SubresourceLoader::create(frame, resource, request, options); 69 71 if (loader) 70 scheduleLoad(loader.get(), priority );72 scheduleLoad(loader.get(), priority, frame->document()->referrerPolicy() == ReferrerPolicyDefault); 71 73 return loader.release(); 72 74 } … … 76 78 RefPtr<NetscapePlugInStreamLoader> loader = NetscapePlugInStreamLoader::create(frame, client, request); 77 79 if (loader) 78 scheduleLoad(loader.get(), ResourceLoadPriorityLow );80 scheduleLoad(loader.get(), ResourceLoadPriorityLow, frame->document()->referrerPolicy() == ReferrerPolicyDefault); 79 81 return loader.release(); 80 82 } 81 83 82 void WebResourceLoadScheduler::scheduleLoad(ResourceLoader* resourceLoader, ResourceLoadPriority priority )84 void WebResourceLoadScheduler::scheduleLoad(ResourceLoader* resourceLoader, ResourceLoadPriority priority, bool shouldClearReferrerOnHTTPSToHTTPRedirect) 83 85 { 84 86 ASSERT(resourceLoader); … … 106 108 WebPage* webPage = webFrame->page(); 107 109 108 NetworkResourceLoadParameters loadParameters(identifier, webPage->pageID(), webFrame->frameID(), resourceLoader->request(), priority, contentSniffingPolicy, allowStoredCredentials, privateBrowsingEnabled );110 NetworkResourceLoadParameters loadParameters(identifier, webPage->pageID(), webFrame->frameID(), resourceLoader->request(), priority, contentSniffingPolicy, allowStoredCredentials, privateBrowsingEnabled, shouldClearReferrerOnHTTPSToHTTPRedirect); 109 111 if (!WebProcess::shared().networkConnection()->connection()->send(Messages::NetworkConnectionToWebProcess::ScheduleResourceLoad(loadParameters), 0)) { 110 112 // We probably failed to schedule this load with the NetworkProcess because it had crashed. -
trunk/Source/WebKit2/WebProcess/Network/WebResourceLoadScheduler.h
r141824 r141981 64 64 65 65 private: 66 void scheduleLoad(WebCore::ResourceLoader*, WebCore::ResourceLoadPriority );66 void scheduleLoad(WebCore::ResourceLoader*, WebCore::ResourceLoadPriority, bool shouldClearReferrerOnHTTPSToHTTPRedirect); 67 67 void scheduleInternallyFailedLoad(WebCore::ResourceLoader*); 68 68 void internallyFailedLoadTimerFired(); -
trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebPlatformStrategies.cpp
r141017 r141981 235 235 CoreIPC::DataReference dataReference; 236 236 237 NetworkResourceLoadParameters loadParameters(resourceLoadIdentifier, 0, 0, request, ResourceLoadPriorityHighest, SniffContent, storedCredentials, context->storageSession().isPrivateBrowsingSession() );237 NetworkResourceLoadParameters loadParameters(resourceLoadIdentifier, 0, 0, request, ResourceLoadPriorityHighest, SniffContent, storedCredentials, context->storageSession().isPrivateBrowsingSession(), context->shouldClearReferrerOnHTTPSToHTTPRedirect()); 238 238 if (!WebProcess::shared().networkConnection()->connection()->sendSync(Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad(loadParameters), Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad::Reply(error, response, dataReference), 0)) { 239 239 response = ResourceResponse();
Note: See TracChangeset
for help on using the changeset viewer.