Changeset 230208 in webkit
- Timestamp:
- Apr 3, 2018 10:15:17 AM (6 years ago)
- Location:
- trunk
- Files:
-
- 1 added
- 17 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/imported/w3c/ChangeLog
r230118 r230208 1 2018-04-03 Sihui Liu <sihui_liu@apple.com> 2 3 The referer header is not set after redirect 4 https://bugs.webkit.org/show_bug.cgi?id=182644 5 <rdar://problem/37479048> 6 7 Reviewed by Youenn Fablet. 8 9 Rebaseline some tests for fetch api as they are passing now. 10 11 * web-platform-tests/fetch/api/basic/referrer.any-expected.txt: 12 * web-platform-tests/fetch/api/basic/referrer.any.worker-expected.txt: 13 * web-platform-tests/fetch/api/redirect/redirect-referrer-expected.txt: 14 * web-platform-tests/fetch/api/redirect/redirect-referrer-worker-expected.txt: 15 1 16 2018-03-30 Youenn Fablet <youenn@apple.com> 2 17 -
trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer.any-expected.txt
r215515 r230208 2 2 PASS origin-when-cross-origin policy on a same-origin URL 3 3 PASS origin-when-cross-origin policy on a cross-origin URL 4 FAIL origin-when-cross-origin policy on a cross-origin URL after same-origin redirection assert_equals: Request's referrer is correct expected (string) "http://localhost:8800/" but got (object) null 4 PASS origin-when-cross-origin policy on a cross-origin URL after same-origin redirection 5 5 PASS origin-when-cross-origin policy on a same-origin URL after cross-origin redirection 6 6 PASS Referrer with credentials should be stripped -
trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer.any.worker-expected.txt
r215515 r230208 2 2 PASS origin-when-cross-origin policy on a same-origin URL 3 3 PASS origin-when-cross-origin policy on a cross-origin URL 4 FAIL origin-when-cross-origin policy on a cross-origin URL after same-origin redirection assert_equals: Request's referrer is correct expected (string) "http://localhost:8800/" but got (object) null 4 PASS origin-when-cross-origin policy on a cross-origin URL after same-origin redirection 5 5 PASS origin-when-cross-origin policy on a same-origin URL after cross-origin redirection 6 6 PASS Referrer with credentials should be stripped -
trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/redirect/redirect-referrer-expected.txt
r220208 r230208 3 3 PASS Same origin redirection, empty init, no-referrer-when-downgrade redirect header 4 4 PASS Same origin redirection, empty init, same-origin redirect header 5 FAIL Same origin redirection, empty init, origin redirect header assert_equals: Check referrer header expected "http://localhost:8800/" but got "http://localhost:8800/fetch/api/redirect/redirect-referrer.html" 5 PASS Same origin redirection, empty init, origin redirect header 6 6 PASS Same origin redirection, empty init, origin-when-cross-origin redirect header 7 FAIL Same origin redirection, empty init, no-referrer redirect header assert_equals: Check referrer header expected (object) null but got (string) "http://localhost:8800/fetch/api/redirect/redirect-referrer.html" 8 FAIL Same origin redirection, empty init, strict-origin redirect header assert_equals: Check referrer header expected "http://localhost:8800/" but got "http://localhost:8800/fetch/api/redirect/redirect-referrer.html" 7 PASS Same origin redirection, empty init, no-referrer redirect header 8 PASS Same origin redirection, empty init, strict-origin redirect header 9 9 PASS Same origin redirection, empty init, strict-origin-when-cross-origin redirect header 10 10 PASS Same origin redirection, empty redirect header, unsafe-url init … … 16 16 PASS Same origin redirection, empty redirect header, strict-origin init 17 17 PASS Same origin redirection, empty redirect header, strict-origin-when-cross-origin init 18 FAIL Cross origin redirection, empty init, unsafe-url redirect header assert_equals: Check referrer header expected (string) "http://localhost:8800/fetch/api/redirect/redirect-referrer.html" but got (object) null 19 FAIL Cross origin redirection, empty init, no-referrer-when-downgrade redirect header assert_equals: Check referrer header expected (string) "http://localhost:8800/fetch/api/redirect/redirect-referrer.html" but got (object) null 18 PASS Cross origin redirection, empty init, unsafe-url redirect header 19 PASS Cross origin redirection, empty init, no-referrer-when-downgrade redirect header 20 20 PASS Cross origin redirection, empty init, same-origin redirect header 21 FAIL Cross origin redirection, empty init, origin redirect header assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 22 FAIL Cross origin redirection, empty init, origin-when-cross-origin redirect header assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 21 PASS Cross origin redirection, empty init, origin redirect header 22 PASS Cross origin redirection, empty init, origin-when-cross-origin redirect header 23 23 PASS Cross origin redirection, empty init, no-referrer redirect header 24 FAIL Cross origin redirection, empty init, strict-origin redirect header assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 25 FAIL Cross origin redirection, empty init, strict-origin-when-cross-origin redirect header assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 26 FAIL Cross origin redirection, empty redirect header, unsafe-url init assert_equals: Check referrer header expected (string) "http://localhost:8800/fetch/api/redirect/redirect-referrer.html" but got (object) null 27 FAIL Cross origin redirection, empty redirect header, no-referrer-when-downgrade init assert_equals: Check referrer header expected (string) "http://localhost:8800/fetch/api/redirect/redirect-referrer.html" but got (object) null 24 PASS Cross origin redirection, empty init, strict-origin redirect header 25 PASS Cross origin redirection, empty init, strict-origin-when-cross-origin redirect header 26 PASS Cross origin redirection, empty redirect header, unsafe-url init 27 PASS Cross origin redirection, empty redirect header, no-referrer-when-downgrade init 28 28 PASS Cross origin redirection, empty redirect header, same-origin init 29 FAIL Cross origin redirection, empty redirect header, origin init assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 30 FAIL Cross origin redirection, empty redirect header, origin-when-cross-origin init assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 29 PASS Cross origin redirection, empty redirect header, origin init 30 PASS Cross origin redirection, empty redirect header, origin-when-cross-origin init 31 31 PASS Cross origin redirection, empty redirect header, no-referrer init 32 FAIL Cross origin redirection, empty redirect header, strict-origin init assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 33 FAIL Cross origin redirection, empty redirect header, strict-origin-when-cross-origin init assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 32 PASS Cross origin redirection, empty redirect header, strict-origin init 33 PASS Cross origin redirection, empty redirect header, strict-origin-when-cross-origin init 34 34 -
trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/redirect/redirect-referrer-worker-expected.txt
r220208 r230208 3 3 PASS Same origin redirection, empty init, no-referrer-when-downgrade redirect header 4 4 PASS Same origin redirection, empty init, same-origin redirect header 5 FAIL Same origin redirection, empty init, origin redirect header assert_equals: Check referrer header expected "http://localhost:8800/" but got "http://localhost:8800/fetch/api/redirect/redirect-referrer.js" 5 PASS Same origin redirection, empty init, origin redirect header 6 6 PASS Same origin redirection, empty init, origin-when-cross-origin redirect header 7 FAIL Same origin redirection, empty init, no-referrer redirect header assert_equals: Check referrer header expected (object) null but got (string) "http://localhost:8800/fetch/api/redirect/redirect-referrer.js" 8 FAIL Same origin redirection, empty init, strict-origin redirect header assert_equals: Check referrer header expected "http://localhost:8800/" but got "http://localhost:8800/fetch/api/redirect/redirect-referrer.js" 7 PASS Same origin redirection, empty init, no-referrer redirect header 8 PASS Same origin redirection, empty init, strict-origin redirect header 9 9 PASS Same origin redirection, empty init, strict-origin-when-cross-origin redirect header 10 10 PASS Same origin redirection, empty redirect header, unsafe-url init … … 16 16 PASS Same origin redirection, empty redirect header, strict-origin init 17 17 PASS Same origin redirection, empty redirect header, strict-origin-when-cross-origin init 18 FAIL Cross origin redirection, empty init, unsafe-url redirect header assert_equals: Check referrer header expected (string) "http://localhost:8800/fetch/api/redirect/redirect-referrer.js" but got (object) null 19 FAIL Cross origin redirection, empty init, no-referrer-when-downgrade redirect header assert_equals: Check referrer header expected (string) "http://localhost:8800/fetch/api/redirect/redirect-referrer.js" but got (object) null 18 PASS Cross origin redirection, empty init, unsafe-url redirect header 19 PASS Cross origin redirection, empty init, no-referrer-when-downgrade redirect header 20 20 PASS Cross origin redirection, empty init, same-origin redirect header 21 FAIL Cross origin redirection, empty init, origin redirect header assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 22 FAIL Cross origin redirection, empty init, origin-when-cross-origin redirect header assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 21 PASS Cross origin redirection, empty init, origin redirect header 22 PASS Cross origin redirection, empty init, origin-when-cross-origin redirect header 23 23 PASS Cross origin redirection, empty init, no-referrer redirect header 24 FAIL Cross origin redirection, empty init, strict-origin redirect header assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 25 FAIL Cross origin redirection, empty init, strict-origin-when-cross-origin redirect header assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 26 FAIL Cross origin redirection, empty redirect header, unsafe-url init assert_equals: Check referrer header expected (string) "http://localhost:8800/fetch/api/redirect/redirect-referrer.js" but got (object) null 27 FAIL Cross origin redirection, empty redirect header, no-referrer-when-downgrade init assert_equals: Check referrer header expected (string) "http://localhost:8800/fetch/api/redirect/redirect-referrer.js" but got (object) null 24 PASS Cross origin redirection, empty init, strict-origin redirect header 25 PASS Cross origin redirection, empty init, strict-origin-when-cross-origin redirect header 26 PASS Cross origin redirection, empty redirect header, unsafe-url init 27 PASS Cross origin redirection, empty redirect header, no-referrer-when-downgrade init 28 28 PASS Cross origin redirection, empty redirect header, same-origin init 29 FAIL Cross origin redirection, empty redirect header, origin init assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 30 FAIL Cross origin redirection, empty redirect header, origin-when-cross-origin init assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 29 PASS Cross origin redirection, empty redirect header, origin init 30 PASS Cross origin redirection, empty redirect header, origin-when-cross-origin init 31 31 PASS Cross origin redirection, empty redirect header, no-referrer init 32 FAIL Cross origin redirection, empty redirect header, strict-origin init assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 33 FAIL Cross origin redirection, empty redirect header, strict-origin-when-cross-origin init assert_equals: Check referrer header expected (string) "http://localhost:8800/" but got (object) null 32 PASS Cross origin redirection, empty redirect header, strict-origin init 33 PASS Cross origin redirection, empty redirect header, strict-origin-when-cross-origin init 34 34 -
trunk/Source/WebCore/ChangeLog
r230205 r230208 1 2018-04-03 Sihui Liu <sihui_liu@apple.com> 2 3 The referer header is not set after redirect 4 https://bugs.webkit.org/show_bug.cgi?id=182644 5 <rdar://problem/37479048> 6 7 Reviewed by Youenn Fablet. 8 9 Update referrer policy and recompute referrer in redirection check, so Referer header would be set after it's removed from cross-origin request. 10 11 Add support for Referrer-Policy header, so referrer policy would be changed based on redirect response. 12 13 * Sources.txt: 14 * WebCore.xcodeproj/project.pbxproj: 15 * dom/Document.cpp: 16 (WebCore::Document::processReferrerPolicy): 17 * loader/CrossOriginAccessControl.cpp: 18 (WebCore::updateRequestReferrer): 19 * loader/CrossOriginAccessControl.h: 20 * loader/ResourceLoader.h: 21 (WebCore::ResourceLoader::setReferrerPolicy): 22 (WebCore::ResourceLoader::referrerPolicy const): 23 * loader/SubresourceLoader.cpp: 24 (WebCore::SubresourceLoader::checkRedirectionCrossOriginAccessControl): 25 (WebCore::SubresourceLoader::updateReferrerPolicy): 26 * loader/SubresourceLoader.h: 27 * loader/cache/CachedResourceRequest.cpp: 28 (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin): 29 (WebCore::CachedResourceRequest::updateForAccessControl): 30 (WebCore::CachedResourceRequest::updateReferrerOriginAndUserAgentHeaders): 31 * platform/ReferrerPolicy.cpp: Added. 32 (WebCore::parseReferrerPolicy): 33 * platform/ReferrerPolicy.h: 34 * platform/network/HTTPHeaderNames.in: 35 1 36 2018-04-03 Chris Dumez <cdumez@apple.com> 2 37 -
trunk/Source/WebCore/Sources.txt
r229694 r230208 1466 1466 platform/PlatformStrategies.cpp 1467 1467 platform/Process.cpp 1468 platform/ReferrerPolicy.cpp 1468 1469 platform/RemoteCommandListener.cpp 1469 1470 platform/RuntimeApplicationChecks.cpp -
trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj
r230015 r230208 13005 13005 C9DADBCA1B1D3B25001F17D8 /* JSMediaSession.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSMediaSession.h; sourceTree = "<group>"; }; 13006 13006 C9F87CFD1B28E5F600979B83 /* MediaSessionEvents.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; path = MediaSessionEvents.h; sourceTree = "<group>"; }; 13007 CA1635DC2072E76900E7D2CE /* ReferrerPolicy.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ReferrerPolicy.cpp; sourceTree = "<group>"; }; 13007 13008 CA3BF67B10D99BAE00E6CE53 /* ScrollAnimator.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ScrollAnimator.cpp; sourceTree = "<group>"; }; 13008 13009 CA3BF67D10D99BAE00E6CE53 /* ScrollAnimator.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ScrollAnimator.h; sourceTree = "<group>"; }; … … 24190 24191 0081FEFD16B0A244008AAA7A /* PublicSuffix.h */, 24191 24192 5C97A3361F5F7A6500105207 /* RectEdges.h */, 24193 CA1635DC2072E76900E7D2CE /* ReferrerPolicy.cpp */, 24192 24194 9831AE49154225A200FE2644 /* ReferrerPolicy.h */, 24193 24195 CDFC360318CA61C20026E56F /* RemoteCommandListener.cpp */, -
trunk/Source/WebCore/dom/Document.cpp
r229694 r230208 3461 3461 return; 3462 3462 #endif 3463 3464 // "never" / "default" / "always" are legacy keywords that we will support. They were defined in: 3465 // https://www.w3.org/TR/2014/WD-referrer-policy-20140807/#referrer-policy-delivery-meta 3466 if (equalLettersIgnoringASCIICase(policy, "no-referrer") || equalLettersIgnoringASCIICase(policy, "never")) 3467 setReferrerPolicy(ReferrerPolicy::NoReferrer); 3468 else if (equalLettersIgnoringASCIICase(policy, "unsafe-url") || equalLettersIgnoringASCIICase(policy, "always")) 3469 setReferrerPolicy(ReferrerPolicy::UnsafeUrl); 3470 else if (equalLettersIgnoringASCIICase(policy, "origin")) 3471 setReferrerPolicy(ReferrerPolicy::Origin); 3472 else if (equalLettersIgnoringASCIICase(policy, "origin-when-cross-origin")) 3473 setReferrerPolicy(ReferrerPolicy::OriginWhenCrossOrigin); 3474 else if (equalLettersIgnoringASCIICase(policy, "same-origin")) 3475 setReferrerPolicy(ReferrerPolicy::SameOrigin); 3476 else if (equalLettersIgnoringASCIICase(policy, "strict-origin")) 3477 setReferrerPolicy(ReferrerPolicy::StrictOrigin); 3478 else if (equalLettersIgnoringASCIICase(policy, "strict-origin-when-cross-origin")) 3479 setReferrerPolicy(ReferrerPolicy::StrictOriginWhenCrossOrigin); 3480 else if (equalLettersIgnoringASCIICase(policy, "no-referrer-when-downgrade") || equalLettersIgnoringASCIICase(policy, "default")) 3481 setReferrerPolicy(ReferrerPolicy::NoReferrerWhenDowngrade); 3482 else { 3463 3464 auto referrerPolicy = parseReferrerPolicy(policy, ShouldParseLegacyKeywords::Yes); 3465 if (!referrerPolicy) { 3483 3466 addConsoleMessage(MessageSource::Rendering, MessageLevel::Error, "Failed to set referrer policy: The value '" + policy + "' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'same-origin', 'origin', 'strict-origin', 'origin-when-cross-origin', 'strict-origin-when-cross-origin' or 'unsafe-url'. Defaulting to 'no-referrer'."); 3484 3467 setReferrerPolicy(ReferrerPolicy::NoReferrer); 3485 } 3468 return; 3469 } 3470 setReferrerPolicy(referrerPolicy.value()); 3486 3471 } 3487 3472 -
trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp
r226400 r230208 35 35 #include "SchemeRegistry.h" 36 36 #include "SecurityOrigin.h" 37 #include "SecurityPolicy.h" 37 38 #include <mutex> 38 39 #include <wtf/NeverDestroyed.h> … … 58 59 59 60 return true; 61 } 62 63 void updateRequestReferrer(ResourceRequest& request, ReferrerPolicy referrerPolicy, const String& outgoingReferrer) 64 { 65 String newOutgoingReferrer = SecurityPolicy::generateReferrerHeader(referrerPolicy, request.url(), outgoingReferrer); 66 if (newOutgoingReferrer.isEmpty()) 67 request.clearHTTPReferrer(); 68 else 69 request.setHTTPReferrer(newOutgoingReferrer); 60 70 } 61 71 -
trunk/Source/WebCore/loader/CrossOriginAccessControl.h
r226126 r230208 43 43 bool isOnAccessControlSimpleRequestMethodWhitelist(const String&); 44 44 45 void updateRequestReferrer(ResourceRequest&, ReferrerPolicy, const String&); 46 45 47 WEBCORE_EXPORT void updateRequestForAccessControl(ResourceRequest&, SecurityOrigin&, StoredCredentialsPolicy); 46 48 WEBCORE_EXPORT ResourceRequest createAccessControlPreflightRequest(const ResourceRequest&, SecurityOrigin&, const String&); -
trunk/Source/WebCore/loader/ResourceLoader.h
r230203 r230208 160 160 161 161 void didReceiveDataOrBuffer(const char*, unsigned, RefPtr<SharedBuffer>&&, long long encodedDataLength, DataPayloadType); 162 163 void setReferrerPolicy(ReferrerPolicy referrerPolicy) { m_options.referrerPolicy = referrerPolicy; } 164 ReferrerPolicy referrerPolicy() const { return m_options.referrerPolicy; } 162 165 163 166 #if PLATFORM(COCOA) -
trunk/Source/WebCore/loader/SubresourceLoader.cpp
r229563 r230208 39 39 #include "Frame.h" 40 40 #include "FrameLoader.h" 41 #include "HTTPParsers.h" 41 42 #include "LinkLoader.h" 42 43 #include "Logging.h" … … 569 570 m_origin = SecurityOrigin::createUnique(); 570 571 572 updateReferrerPolicy(redirectResponse.httpHeaderField(HTTPHeaderName::ReferrerPolicy)); 573 571 574 if (redirectingToNewOrigin) { 572 575 cleanHTTPRequestHeadersForAccessControl(newRequest); 573 576 updateRequestForAccessControl(newRequest, *m_origin, options().storedCredentialsPolicy); 574 577 } 578 579 updateRequestReferrer(newRequest, referrerPolicy(), previousRequest.httpReferrer()); 575 580 576 581 return true; 582 } 583 584 void SubresourceLoader::updateReferrerPolicy(const String& referrerPolicyValue) 585 { 586 if (referrerPolicyValue.isEmpty()) 587 return; 588 589 // Implementing https://www.w3.org/TR/2017/CR-referrer-policy-20170126/#parse-referrer-policy-from-header. 590 ReferrerPolicy referrerPolicy = ReferrerPolicy::EmptyString; 591 for (auto tokenView : StringView { referrerPolicyValue }.split(',')) { 592 auto token = parseReferrerPolicy(stripLeadingAndTrailingHTTPSpaces(tokenView), ShouldParseLegacyKeywords::No); 593 if (token && token.value() != ReferrerPolicy::EmptyString) 594 referrerPolicy = token.value(); 595 } 596 if (referrerPolicy != ReferrerPolicy::EmptyString) 597 setReferrerPolicy(referrerPolicy); 577 598 } 578 599 -
trunk/Source/WebCore/loader/SubresourceLoader.h
r229977 r230208 80 80 void didCancel(const ResourceError&) override; 81 81 void didRetrieveDerivedDataFromCache(const String& type, SharedBuffer&) override; 82 83 void updateReferrerPolicy(const String&); 82 84 83 85 #if PLATFORM(COCOA) -
trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp
r226904 r230208 36 36 #include "ImageDecoder.h" 37 37 #include "MemoryCache.h" 38 #include "SecurityPolicy.h"39 38 #include "ServiceWorkerRegistrationData.h" 40 39 #include <wtf/NeverDestroyed.h> … … 103 102 m_options.credentials = credentials; 104 103 m_options.storedCredentialsPolicy = credentials == FetchOptions::Credentials::Include ? StoredCredentialsPolicy::Use : StoredCredentialsPolicy::DoNotUse; 105 WebCore::updateRequestForAccessControl(m_resourceRequest, document.securityOrigin(), m_options.storedCredentialsPolicy);104 updateRequestForAccessControl(m_resourceRequest, document.securityOrigin(), m_options.storedCredentialsPolicy); 106 105 } 107 106 … … 111 110 112 111 m_origin = &document.securityOrigin(); 113 WebCore::updateRequestForAccessControl(m_resourceRequest, *m_origin, m_options.storedCredentialsPolicy);112 updateRequestForAccessControl(m_resourceRequest, *m_origin, m_options.storedCredentialsPolicy); 114 113 } 115 114 … … 232 231 void CachedResourceRequest::updateReferrerOriginAndUserAgentHeaders(FrameLoader& frameLoader) 233 232 { 234 // Implementing step 7 to 9 of https://fetch.spec.whatwg.org/#http-network-or-cache-fetch235 236 String outgoingOrigin ;237 String outgoingReferrer = m_resourceRequest.httpReferrer();238 if (!outgoingReferrer.isNull())233 // Implementing step 9 to 11 of https://fetch.spec.whatwg.org/#http-network-or-cache-fetch as of 16 March 2018 234 String outgoingReferrer = frameLoader.outgoingReferrer(); 235 String outgoingOrigin = frameLoader.outgoingOrigin(); 236 if (m_resourceRequest.hasHTTPReferrer()) { 237 outgoingReferrer = m_resourceRequest.httpReferrer(); 239 238 outgoingOrigin = SecurityOrigin::createFromString(outgoingReferrer)->toString(); 240 else {241 outgoingReferrer = frameLoader.outgoingReferrer();242 outgoingOrigin = frameLoader.outgoingOrigin();243 239 } 244 245 outgoingReferrer = SecurityPolicy::generateReferrerHeader(m_options.referrerPolicy, m_resourceRequest.url(), outgoingReferrer); 246 if (outgoingReferrer.isEmpty()) 247 m_resourceRequest.clearHTTPReferrer(); 248 else 249 m_resourceRequest.setHTTPReferrer(outgoingReferrer); 240 updateRequestReferrer(m_resourceRequest, m_options.referrerPolicy, outgoingReferrer); 241 250 242 FrameLoader::addHTTPOriginIfNeeded(m_resourceRequest, outgoingOrigin); 251 243 -
trunk/Source/WebCore/platform/ReferrerPolicy.h
r221086 r230208 34 34 35 35 #include <wtf/EnumTraits.h> 36 #include <wtf/Forward.h> 36 37 37 38 namespace WebCore { … … 48 49 UnsafeUrl 49 50 }; 51 52 enum class ShouldParseLegacyKeywords { No, Yes }; 53 54 std::optional<ReferrerPolicy> parseReferrerPolicy(StringView, ShouldParseLegacyKeywords); 50 55 51 56 } -
trunk/Source/WebCore/platform/network/HTTPHeaderNames.in
r226141 r230208 78 78 Range 79 79 Referer 80 Referrer-Policy 80 81 Refresh 81 82 Sec-WebSocket-Accept
Note: See TracChangeset
for help on using the changeset viewer.