Changeset 247509 in webkit


Ignore:
Timestamp:
Jul 17, 2019 2:03:37 AM (5 years ago)
Author:
commit-queue@webkit.org
Message:

Add referrerpolicy attribute support for <script> elements
https://bugs.webkit.org/show_bug.cgi?id=185550

Patch by Rob Buis <rbuis@igalia.com> on 2019-07-17
Reviewed by Youenn Fablet.

Source/WebCore:

This patch adds 'referrerpolicy' attribute support for script elements.
If set, the value is restricted to the ReferrerPolicy enum, and
if valid it is used for the script fetch.
If not set or invalid, the current behavior is kept.

Tests: http/tests/referrer-policy-script/no-referrer-when-downgrade/cross-origin-http-http.html

http/tests/referrer-policy-script/no-referrer-when-downgrade/cross-origin-http.https.html
http/tests/referrer-policy-script/no-referrer-when-downgrade/same-origin.html
http/tests/referrer-policy-script/no-referrer/cross-origin-http-http.html
http/tests/referrer-policy-script/no-referrer/cross-origin-http.https.html
http/tests/referrer-policy-script/no-referrer/same-origin.html
http/tests/referrer-policy-script/origin-when-cross-origin/cross-origin-http-http.html
http/tests/referrer-policy-script/origin-when-cross-origin/cross-origin-http.https.html
http/tests/referrer-policy-script/origin-when-cross-origin/same-origin.html
http/tests/referrer-policy-script/origin/cross-origin-http-http.html
http/tests/referrer-policy-script/origin/cross-origin-http.https.html
http/tests/referrer-policy-script/origin/same-origin.html
http/tests/referrer-policy-script/same-origin/cross-origin-http-http.html
http/tests/referrer-policy-script/same-origin/cross-origin-http.https.html
http/tests/referrer-policy-script/same-origin/same-origin.html
http/tests/referrer-policy-script/strict-origin-when-cross-origin/cross-origin-http-http.html
http/tests/referrer-policy-script/strict-origin-when-cross-origin/cross-origin-http.https.html
http/tests/referrer-policy-script/strict-origin-when-cross-origin/same-origin.html
http/tests/referrer-policy-script/strict-origin/cross-origin-http-http.html
http/tests/referrer-policy-script/strict-origin/cross-origin-http.https.html
http/tests/referrer-policy-script/strict-origin/same-origin.html
http/tests/referrer-policy-script/unsafe-url/cross-origin-http-http.html
http/tests/referrer-policy-script/unsafe-url/cross-origin-http.https.html
http/tests/referrer-policy-script/unsafe-url/same-origin.html

  • bindings/js/CachedScriptFetcher.cpp:

(WebCore::CachedScriptFetcher::requestScriptWithCache const):

  • bindings/js/CachedScriptFetcher.h:

(WebCore::CachedScriptFetcher::CachedScriptFetcher):

  • dom/InlineClassicScript.h:
  • dom/LoadableClassicScript.cpp:

(WebCore::LoadableClassicScript::create):

  • dom/LoadableClassicScript.h:
  • dom/LoadableModuleScript.cpp:

(WebCore::LoadableModuleScript::create):
(WebCore::LoadableModuleScript::LoadableModuleScript):

  • dom/LoadableModuleScript.h:
  • dom/LoadableScript.h:

(WebCore::LoadableScript::LoadableScript):

  • dom/ScriptElement.cpp:

(WebCore::ScriptElement::requestClassicScript):
(WebCore::ScriptElement::requestModuleScript):

  • dom/ScriptElement.h:
  • dom/ScriptElementCachedScriptFetcher.h:

(WebCore::ScriptElementCachedScriptFetcher::ScriptElementCachedScriptFetcher):

  • html/HTMLIFrameElement.cpp:

(WebCore::HTMLIFrameElement::referrerPolicyForBindings const):

  • html/HTMLScriptElement.cpp:

(WebCore::HTMLScriptElement::setReferrerPolicyForBindings):
(WebCore::HTMLScriptElement::referrerPolicyForBindings const):
(WebCore::HTMLScriptElement::referrerPolicy const):

  • html/HTMLScriptElement.h:
  • html/HTMLScriptElement.idl:
  • html/parser/CSSPreloadScanner.cpp:

(WebCore::CSSPreloadScanner::emitRule):

  • html/parser/HTMLPreloadScanner.cpp:

(WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest):
(WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):

  • html/parser/HTMLResourcePreloader.cpp:

(WebCore::PreloadRequest::resourceRequest):

  • html/parser/HTMLResourcePreloader.h:

(WebCore::PreloadRequest::PreloadRequest):

  • platform/ReferrerPolicy.cpp:

(WebCore::referrerPolicyToString):

  • platform/ReferrerPolicy.h:
  • svg/SVGScriptElement.h:

LayoutTests:

Add tests for scripts with various referrerpolicy attribute values.

  • http/tests/referrer-policy-script/no-referrer-when-downgrade/cross-origin-http-http-expected.txt: Added.
  • http/tests/referrer-policy-script/no-referrer-when-downgrade/cross-origin-http-http.html: Added.
  • http/tests/referrer-policy-script/no-referrer-when-downgrade/cross-origin-http.https-expected.txt: Added.
  • http/tests/referrer-policy-script/no-referrer-when-downgrade/cross-origin-http.https.html: Added.
  • http/tests/referrer-policy-script/no-referrer-when-downgrade/same-origin-expected.txt: Added.
  • http/tests/referrer-policy-script/no-referrer-when-downgrade/same-origin.html: Added.
  • http/tests/referrer-policy-script/no-referrer/cross-origin-http-http-expected.txt: Added.
  • http/tests/referrer-policy-script/no-referrer/cross-origin-http-http.html: Added.
  • http/tests/referrer-policy-script/no-referrer/cross-origin-http.https-expected.txt: Added.
  • http/tests/referrer-policy-script/no-referrer/cross-origin-http.https.html: Added.
  • http/tests/referrer-policy-script/no-referrer/same-origin-expected.txt: Added.
  • http/tests/referrer-policy-script/no-referrer/same-origin.html: Added.
  • http/tests/referrer-policy-script/origin-when-cross-origin/cross-origin-http-http-expected.txt: Added.
  • http/tests/referrer-policy-script/origin-when-cross-origin/cross-origin-http-http.html: Added.
  • http/tests/referrer-policy-script/origin-when-cross-origin/cross-origin-http.https-expected.txt: Added.
  • http/tests/referrer-policy-script/origin-when-cross-origin/cross-origin-http.https.html: Added.
  • http/tests/referrer-policy-script/origin-when-cross-origin/same-origin-expected.txt: Added.
  • http/tests/referrer-policy-script/origin-when-cross-origin/same-origin.html: Added.
  • http/tests/referrer-policy-script/origin/cross-origin-http-http-expected.txt: Added.
  • http/tests/referrer-policy-script/origin/cross-origin-http-http.html: Added.
  • http/tests/referrer-policy-script/origin/cross-origin-http.https-expected.txt: Added.
  • http/tests/referrer-policy-script/origin/cross-origin-http.https.html: Added.
  • http/tests/referrer-policy-script/origin/same-origin-expected.txt: Added.
  • http/tests/referrer-policy-script/origin/same-origin.html: Added.
  • http/tests/referrer-policy-script/same-origin/cross-origin-http-http-expected.txt: Added.
  • http/tests/referrer-policy-script/same-origin/cross-origin-http-http.html: Added.
  • http/tests/referrer-policy-script/same-origin/cross-origin-http.https-expected.txt: Added.
  • http/tests/referrer-policy-script/same-origin/cross-origin-http.https.html: Added.
  • http/tests/referrer-policy-script/same-origin/same-origin-expected.txt: Added.
  • http/tests/referrer-policy-script/same-origin/same-origin.html: Added.
  • http/tests/referrer-policy-script/strict-origin-when-cross-origin/cross-origin-http-http-expected.txt: Added.
  • http/tests/referrer-policy-script/strict-origin-when-cross-origin/cross-origin-http-http.html: Added.
  • http/tests/referrer-policy-script/strict-origin-when-cross-origin/cross-origin-http.https-expected.txt: Added.
  • http/tests/referrer-policy-script/strict-origin-when-cross-origin/cross-origin-http.https.html: Added.
  • http/tests/referrer-policy-script/strict-origin-when-cross-origin/same-origin-expected.txt: Added.
  • http/tests/referrer-policy-script/strict-origin-when-cross-origin/same-origin.html: Added.
  • http/tests/referrer-policy-script/strict-origin/cross-origin-http-http-expected.txt: Added.
  • http/tests/referrer-policy-script/strict-origin/cross-origin-http-http.html: Added.
  • http/tests/referrer-policy-script/strict-origin/cross-origin-http.https-expected.txt: Added.
  • http/tests/referrer-policy-script/strict-origin/cross-origin-http.https.html: Added.
  • http/tests/referrer-policy-script/strict-origin/same-origin-expected.txt: Added.
  • http/tests/referrer-policy-script/strict-origin/same-origin.html: Added.
  • http/tests/referrer-policy-script/unsafe-url/cross-origin-http-http-expected.txt: Added.
  • http/tests/referrer-policy-script/unsafe-url/cross-origin-http-http.html: Added.
  • http/tests/referrer-policy-script/unsafe-url/cross-origin-http.https-expected.txt: Added.
  • http/tests/referrer-policy-script/unsafe-url/cross-origin-http.https.html: Added.
  • http/tests/referrer-policy-script/unsafe-url/same-origin-expected.txt: Added.
  • http/tests/referrer-policy-script/unsafe-url/same-origin.html: Added.
  • http/tests/referrer-policy/resources/script.php: Added.
  • platform/win/TestExpectations:
Location:
trunk
Files:
58 added
25 edited

Legend:

Unmodified
Added
Removed
  • trunk/LayoutTests/ChangeLog

    r247501 r247509  
     12019-07-17  Rob Buis  <rbuis@igalia.com>
     2
     3        Add referrerpolicy attribute support for <script> elements
     4        https://bugs.webkit.org/show_bug.cgi?id=185550
     5
     6        Reviewed by Youenn Fablet.
     7
     8        Add tests for scripts with various referrerpolicy attribute values.
     9
     10        * http/tests/referrer-policy-script/no-referrer-when-downgrade/cross-origin-http-http-expected.txt: Added.
     11        * http/tests/referrer-policy-script/no-referrer-when-downgrade/cross-origin-http-http.html: Added.
     12        * http/tests/referrer-policy-script/no-referrer-when-downgrade/cross-origin-http.https-expected.txt: Added.
     13        * http/tests/referrer-policy-script/no-referrer-when-downgrade/cross-origin-http.https.html: Added.
     14        * http/tests/referrer-policy-script/no-referrer-when-downgrade/same-origin-expected.txt: Added.
     15        * http/tests/referrer-policy-script/no-referrer-when-downgrade/same-origin.html: Added.
     16        * http/tests/referrer-policy-script/no-referrer/cross-origin-http-http-expected.txt: Added.
     17        * http/tests/referrer-policy-script/no-referrer/cross-origin-http-http.html: Added.
     18        * http/tests/referrer-policy-script/no-referrer/cross-origin-http.https-expected.txt: Added.
     19        * http/tests/referrer-policy-script/no-referrer/cross-origin-http.https.html: Added.
     20        * http/tests/referrer-policy-script/no-referrer/same-origin-expected.txt: Added.
     21        * http/tests/referrer-policy-script/no-referrer/same-origin.html: Added.
     22        * http/tests/referrer-policy-script/origin-when-cross-origin/cross-origin-http-http-expected.txt: Added.
     23        * http/tests/referrer-policy-script/origin-when-cross-origin/cross-origin-http-http.html: Added.
     24        * http/tests/referrer-policy-script/origin-when-cross-origin/cross-origin-http.https-expected.txt: Added.
     25        * http/tests/referrer-policy-script/origin-when-cross-origin/cross-origin-http.https.html: Added.
     26        * http/tests/referrer-policy-script/origin-when-cross-origin/same-origin-expected.txt: Added.
     27        * http/tests/referrer-policy-script/origin-when-cross-origin/same-origin.html: Added.
     28        * http/tests/referrer-policy-script/origin/cross-origin-http-http-expected.txt: Added.
     29        * http/tests/referrer-policy-script/origin/cross-origin-http-http.html: Added.
     30        * http/tests/referrer-policy-script/origin/cross-origin-http.https-expected.txt: Added.
     31        * http/tests/referrer-policy-script/origin/cross-origin-http.https.html: Added.
     32        * http/tests/referrer-policy-script/origin/same-origin-expected.txt: Added.
     33        * http/tests/referrer-policy-script/origin/same-origin.html: Added.
     34        * http/tests/referrer-policy-script/same-origin/cross-origin-http-http-expected.txt: Added.
     35        * http/tests/referrer-policy-script/same-origin/cross-origin-http-http.html: Added.
     36        * http/tests/referrer-policy-script/same-origin/cross-origin-http.https-expected.txt: Added.
     37        * http/tests/referrer-policy-script/same-origin/cross-origin-http.https.html: Added.
     38        * http/tests/referrer-policy-script/same-origin/same-origin-expected.txt: Added.
     39        * http/tests/referrer-policy-script/same-origin/same-origin.html: Added.
     40        * http/tests/referrer-policy-script/strict-origin-when-cross-origin/cross-origin-http-http-expected.txt: Added.
     41        * http/tests/referrer-policy-script/strict-origin-when-cross-origin/cross-origin-http-http.html: Added.
     42        * http/tests/referrer-policy-script/strict-origin-when-cross-origin/cross-origin-http.https-expected.txt: Added.
     43        * http/tests/referrer-policy-script/strict-origin-when-cross-origin/cross-origin-http.https.html: Added.
     44        * http/tests/referrer-policy-script/strict-origin-when-cross-origin/same-origin-expected.txt: Added.
     45        * http/tests/referrer-policy-script/strict-origin-when-cross-origin/same-origin.html: Added.
     46        * http/tests/referrer-policy-script/strict-origin/cross-origin-http-http-expected.txt: Added.
     47        * http/tests/referrer-policy-script/strict-origin/cross-origin-http-http.html: Added.
     48        * http/tests/referrer-policy-script/strict-origin/cross-origin-http.https-expected.txt: Added.
     49        * http/tests/referrer-policy-script/strict-origin/cross-origin-http.https.html: Added.
     50        * http/tests/referrer-policy-script/strict-origin/same-origin-expected.txt: Added.
     51        * http/tests/referrer-policy-script/strict-origin/same-origin.html: Added.
     52        * http/tests/referrer-policy-script/unsafe-url/cross-origin-http-http-expected.txt: Added.
     53        * http/tests/referrer-policy-script/unsafe-url/cross-origin-http-http.html: Added.
     54        * http/tests/referrer-policy-script/unsafe-url/cross-origin-http.https-expected.txt: Added.
     55        * http/tests/referrer-policy-script/unsafe-url/cross-origin-http.https.html: Added.
     56        * http/tests/referrer-policy-script/unsafe-url/same-origin-expected.txt: Added.
     57        * http/tests/referrer-policy-script/unsafe-url/same-origin.html: Added.
     58        * http/tests/referrer-policy/resources/script.php: Added.
     59        * platform/win/TestExpectations:
     60
    1612019-07-16  Myles C. Maxfield  <mmaxfield@apple.com>
    262
  • trunk/LayoutTests/platform/win/TestExpectations

    r247481 r247509  
    43124312webkit.org/b/195461 http/tests/referrer-policy-iframe/unsafe-url/cross-origin-http.https.html [ Failure ]
    43134313
     4314webkit.org/b/195461 http/tests/referrer-policy-script [ Skip ]
     4315
    43144316# webkit.org/b/196463
    43154317[ Win10 ] fast/css/font-family-pictograph.html [ Failure ]
  • trunk/Source/WebCore/ChangeLog

    r247505 r247509  
     12019-07-17  Rob Buis  <rbuis@igalia.com>
     2
     3        Add referrerpolicy attribute support for <script> elements
     4        https://bugs.webkit.org/show_bug.cgi?id=185550
     5
     6        Reviewed by Youenn Fablet.
     7
     8        This patch adds 'referrerpolicy' attribute support for script elements.
     9        If set, the value is restricted to the ReferrerPolicy enum, and
     10        if valid it is used for the script fetch.
     11        If not set or invalid, the current behavior is kept.
     12
     13        Tests: http/tests/referrer-policy-script/no-referrer-when-downgrade/cross-origin-http-http.html
     14               http/tests/referrer-policy-script/no-referrer-when-downgrade/cross-origin-http.https.html
     15               http/tests/referrer-policy-script/no-referrer-when-downgrade/same-origin.html
     16               http/tests/referrer-policy-script/no-referrer/cross-origin-http-http.html
     17               http/tests/referrer-policy-script/no-referrer/cross-origin-http.https.html
     18               http/tests/referrer-policy-script/no-referrer/same-origin.html
     19               http/tests/referrer-policy-script/origin-when-cross-origin/cross-origin-http-http.html
     20               http/tests/referrer-policy-script/origin-when-cross-origin/cross-origin-http.https.html
     21               http/tests/referrer-policy-script/origin-when-cross-origin/same-origin.html
     22               http/tests/referrer-policy-script/origin/cross-origin-http-http.html
     23               http/tests/referrer-policy-script/origin/cross-origin-http.https.html
     24               http/tests/referrer-policy-script/origin/same-origin.html
     25               http/tests/referrer-policy-script/same-origin/cross-origin-http-http.html
     26               http/tests/referrer-policy-script/same-origin/cross-origin-http.https.html
     27               http/tests/referrer-policy-script/same-origin/same-origin.html
     28               http/tests/referrer-policy-script/strict-origin-when-cross-origin/cross-origin-http-http.html
     29               http/tests/referrer-policy-script/strict-origin-when-cross-origin/cross-origin-http.https.html
     30               http/tests/referrer-policy-script/strict-origin-when-cross-origin/same-origin.html
     31               http/tests/referrer-policy-script/strict-origin/cross-origin-http-http.html
     32               http/tests/referrer-policy-script/strict-origin/cross-origin-http.https.html
     33               http/tests/referrer-policy-script/strict-origin/same-origin.html
     34               http/tests/referrer-policy-script/unsafe-url/cross-origin-http-http.html
     35               http/tests/referrer-policy-script/unsafe-url/cross-origin-http.https.html
     36               http/tests/referrer-policy-script/unsafe-url/same-origin.html
     37
     38        * bindings/js/CachedScriptFetcher.cpp:
     39        (WebCore::CachedScriptFetcher::requestScriptWithCache const):
     40        * bindings/js/CachedScriptFetcher.h:
     41        (WebCore::CachedScriptFetcher::CachedScriptFetcher):
     42        * dom/InlineClassicScript.h:
     43        * dom/LoadableClassicScript.cpp:
     44        (WebCore::LoadableClassicScript::create):
     45        * dom/LoadableClassicScript.h:
     46        * dom/LoadableModuleScript.cpp:
     47        (WebCore::LoadableModuleScript::create):
     48        (WebCore::LoadableModuleScript::LoadableModuleScript):
     49        * dom/LoadableModuleScript.h:
     50        * dom/LoadableScript.h:
     51        (WebCore::LoadableScript::LoadableScript):
     52        * dom/ScriptElement.cpp:
     53        (WebCore::ScriptElement::requestClassicScript):
     54        (WebCore::ScriptElement::requestModuleScript):
     55        * dom/ScriptElement.h:
     56        * dom/ScriptElementCachedScriptFetcher.h:
     57        (WebCore::ScriptElementCachedScriptFetcher::ScriptElementCachedScriptFetcher):
     58        * html/HTMLIFrameElement.cpp:
     59        (WebCore::HTMLIFrameElement::referrerPolicyForBindings const):
     60        * html/HTMLScriptElement.cpp:
     61        (WebCore::HTMLScriptElement::setReferrerPolicyForBindings):
     62        (WebCore::HTMLScriptElement::referrerPolicyForBindings const):
     63        (WebCore::HTMLScriptElement::referrerPolicy const):
     64        * html/HTMLScriptElement.h:
     65        * html/HTMLScriptElement.idl:
     66        * html/parser/CSSPreloadScanner.cpp:
     67        (WebCore::CSSPreloadScanner::emitRule):
     68        * html/parser/HTMLPreloadScanner.cpp:
     69        (WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest):
     70        (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
     71        * html/parser/HTMLResourcePreloader.cpp:
     72        (WebCore::PreloadRequest::resourceRequest):
     73        * html/parser/HTMLResourcePreloader.h:
     74        (WebCore::PreloadRequest::PreloadRequest):
     75        * platform/ReferrerPolicy.cpp:
     76        (WebCore::referrerPolicyToString):
     77        * platform/ReferrerPolicy.h:
     78        * svg/SVGScriptElement.h:
     79
    1802019-07-16  Christopher Reid  <chris.reid@sony.com>
    281
  • trunk/Source/WebCore/bindings/js/CachedScriptFetcher.cpp

    r235617 r247509  
    5757    options.sameOriginDataURLFlag = SameOriginDataURLFlag::Set;
    5858    options.integrity = WTFMove(integrity);
     59    options.referrerPolicy = m_referrerPolicy;
    5960
    6061    auto request = createPotentialAccessControlRequest(sourceURL, document, crossOriginMode, WTFMove(options));
  • trunk/Source/WebCore/bindings/js/CachedScriptFetcher.h

    r246490 r247509  
    2727
    2828#include "CachedResourceHandle.h"
     29#include "ReferrerPolicy.h"
    2930#include <JavaScriptCore/ScriptFetcher.h>
    3031#include <wtf/text/WTFString.h>
     
    4243
    4344protected:
    44     CachedScriptFetcher(const String& nonce, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
     45    CachedScriptFetcher(const String& nonce, ReferrerPolicy referrerPolicy, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
    4546        : m_nonce(nonce)
    4647        , m_charset(charset)
    4748        , m_initiatorName(initiatorName)
    4849        , m_isInUserAgentShadowTree(isInUserAgentShadowTree)
     50        , m_referrerPolicy(referrerPolicy)
    4951    {
    5052    }
     
    6264    AtomString m_initiatorName;
    6365    bool m_isInUserAgentShadowTree { false };
     66    ReferrerPolicy m_referrerPolicy { ReferrerPolicy::EmptyString };
    6467};
    6568
  • trunk/Source/WebCore/dom/InlineClassicScript.h

    r246490 r247509  
    4141private:
    4242    InlineClassicScript(const String& nonce, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
    43         : ScriptElementCachedScriptFetcher(nonce, crossOriginMode, charset, initiatorName, isInUserAgentShadowTree)
     43        : ScriptElementCachedScriptFetcher(nonce, ReferrerPolicy::EmptyString, crossOriginMode, charset, initiatorName, isInUserAgentShadowTree)
    4444    {
    4545    }
  • trunk/Source/WebCore/dom/LoadableClassicScript.cpp

    r246490 r247509  
    3636namespace WebCore {
    3737
    38 Ref<LoadableClassicScript> LoadableClassicScript::create(const String& nonce, const String& integrityMetadata, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
     38Ref<LoadableClassicScript> LoadableClassicScript::create(const String& nonce, const String& integrityMetadata, ReferrerPolicy policy, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
    3939{
    40     return adoptRef(*new LoadableClassicScript(nonce, integrityMetadata, crossOriginMode, charset, initiatorName, isInUserAgentShadowTree));
     40    return adoptRef(*new LoadableClassicScript(nonce, integrityMetadata, policy, crossOriginMode, charset, initiatorName, isInUserAgentShadowTree));
    4141}
    4242
  • trunk/Source/WebCore/dom/LoadableClassicScript.h

    r246490 r247509  
    3030#include "CachedScript.h"
    3131#include "LoadableScript.h"
     32#include "ReferrerPolicy.h"
    3233#include <wtf/TypeCasts.h>
    3334
     
    4142    virtual ~LoadableClassicScript();
    4243
    43     static Ref<LoadableClassicScript> create(const String& nonce, const String& integrity, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree);
     44    static Ref<LoadableClassicScript> create(const String& nonce, const String& integrity, ReferrerPolicy, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree);
    4445    bool isLoaded() const final;
    4546    Optional<Error> error() const final;
     
    5657
    5758private:
    58     LoadableClassicScript(const String& nonce, const String& integrity, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
    59         : LoadableScript(nonce, crossOriginMode, charset, initiatorName, isInUserAgentShadowTree)
     59    LoadableClassicScript(const String& nonce, const String& integrity, ReferrerPolicy policy, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
     60        : LoadableScript(nonce, policy, crossOriginMode, charset, initiatorName, isInUserAgentShadowTree)
    6061        , m_integrity(integrity)
    6162    {
  • trunk/Source/WebCore/dom/LoadableModuleScript.cpp

    r246490 r247509  
    3535namespace WebCore {
    3636
    37 Ref<LoadableModuleScript> LoadableModuleScript::create(const String& nonce, const String& integrity, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
     37Ref<LoadableModuleScript> LoadableModuleScript::create(const String& nonce, const String& integrity, ReferrerPolicy policy, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
    3838{
    39     return adoptRef(*new LoadableModuleScript(nonce, integrity, crossOriginMode, charset, initiatorName, isInUserAgentShadowTree));
     39    return adoptRef(*new LoadableModuleScript(nonce, integrity, policy, crossOriginMode, charset, initiatorName, isInUserAgentShadowTree));
    4040}
    4141
    42 LoadableModuleScript::LoadableModuleScript(const String& nonce, const String& integrity, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
    43     : LoadableScript(nonce, crossOriginMode, charset, initiatorName, isInUserAgentShadowTree)
     42LoadableModuleScript::LoadableModuleScript(const String& nonce, const String& integrity, ReferrerPolicy policy, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
     43    : LoadableScript(nonce, policy, crossOriginMode, charset, initiatorName, isInUserAgentShadowTree)
    4444    , m_parameters(ModuleFetchParameters::create(integrity))
    4545{
  • trunk/Source/WebCore/dom/LoadableModuleScript.h

    r246490 r247509  
    3838    virtual ~LoadableModuleScript();
    3939
    40     static Ref<LoadableModuleScript> create(const String& nonce, const String& integrity, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree);
     40    static Ref<LoadableModuleScript> create(const String& nonce, const String& integrity, ReferrerPolicy, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree);
    4141
    4242    bool isLoaded() const final;
     
    6161
    6262private:
    63     LoadableModuleScript(const String& nonce, const String& integrity, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree);
     63    LoadableModuleScript(const String& nonce, const String& integrity, ReferrerPolicy, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree);
    6464
    6565    Ref<ModuleFetchParameters> m_parameters;
  • trunk/Source/WebCore/dom/LoadableScript.h

    r246490 r247509  
    6969
    7070protected:
    71     LoadableScript(const String& nonce, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
    72         : ScriptElementCachedScriptFetcher(nonce, crossOriginMode, charset, initiatorName, isInUserAgentShadowTree)
     71    LoadableScript(const String& nonce, ReferrerPolicy policy, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
     72        : ScriptElementCachedScriptFetcher(nonce, policy, crossOriginMode, charset, initiatorName, isInUserAgentShadowTree)
    7373    {
    7474    }
  • trunk/Source/WebCore/dom/ScriptElement.cpp

    r240237 r247509  
    285285            m_element.attributeWithoutSynchronization(HTMLNames::nonceAttr),
    286286            m_element.document().settings().subresourceIntegrityEnabled() ? m_element.attributeWithoutSynchronization(HTMLNames::integrityAttr).string() : emptyString(),
     287            referrerPolicy(),
    287288            m_element.attributeWithoutSynchronization(HTMLNames::crossoriginAttr),
    288289            scriptCharset(),
     
    336337            nonce,
    337338            m_element.document().settings().subresourceIntegrityEnabled() ? m_element.attributeWithoutSynchronization(HTMLNames::integrityAttr).string() : emptyString(),
     339            referrerPolicy(),
    338340            crossOriginMode,
    339341            scriptCharset(),
     
    345347    }
    346348
    347     auto script = LoadableModuleScript::create(nonce, emptyString(), crossOriginMode, scriptCharset(), m_element.localName(), m_element.isInUserAgentShadowTree());
     349    auto script = LoadableModuleScript::create(nonce, emptyString(), referrerPolicy(), crossOriginMode, scriptCharset(), m_element.localName(), m_element.isInUserAgentShadowTree());
    348350
    349351    TextPosition position = m_element.document().isInDocumentWrite() ? TextPosition() : scriptStartPosition;
  • trunk/Source/WebCore/dom/ScriptElement.h

    r239427 r247509  
    2424#include "ContainerNode.h"
    2525#include "LoadableScript.h"
     26#include "ReferrerPolicy.h"
    2627#include "UserGestureIndicator.h"
    2728#include <wtf/MonotonicTime.h>
     
    114115    virtual bool hasSourceAttribute() const = 0;
    115116    virtual bool hasNoModuleAttribute() const = 0;
     117    virtual ReferrerPolicy referrerPolicy() const = 0;
    116118
    117119    Element& m_element;
  • trunk/Source/WebCore/dom/ScriptElementCachedScriptFetcher.h

    r246490 r247509  
    4040
    4141protected:
    42     ScriptElementCachedScriptFetcher(const String& nonce, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
    43         : CachedScriptFetcher(nonce, charset, initiatorName, isInUserAgentShadowTree)
     42    ScriptElementCachedScriptFetcher(const String& nonce, ReferrerPolicy policy, const String& crossOriginMode, const String& charset, const AtomString& initiatorName, bool isInUserAgentShadowTree)
     43        : CachedScriptFetcher(nonce, policy, charset, initiatorName, isInUserAgentShadowTree)
    4444        , m_crossOriginMode(crossOriginMode)
    4545    {
  • trunk/Source/WebCore/html/HTMLIFrameElement.cpp

    r246490 r247509  
    120120String HTMLIFrameElement::referrerPolicyForBindings() const
    121121{
    122     switch (referrerPolicy()) {
    123     case ReferrerPolicy::NoReferrer:
    124         return "no-referrer"_s;
    125     case ReferrerPolicy::UnsafeUrl:
    126         return "unsafe-url"_s;
    127     case ReferrerPolicy::Origin:
    128         return "origin"_s;
    129     case ReferrerPolicy::OriginWhenCrossOrigin:
    130         return "origin-when-cross-origin"_s;
    131     case ReferrerPolicy::SameOrigin:
    132         return "same-origin"_s;
    133     case ReferrerPolicy::StrictOrigin:
    134         return "strict-origin"_s;
    135     case ReferrerPolicy::StrictOriginWhenCrossOrigin:
    136         return "strict-origin-when-cross-origin"_s;
    137     case ReferrerPolicy::NoReferrerWhenDowngrade:
    138         return "no-referrer-when-downgrade"_s;
    139     case ReferrerPolicy::EmptyString:
    140         return { };
    141     }
    142     ASSERT_NOT_REACHED();
    143     return { };
     122    return referrerPolicyToString(referrerPolicy());
    144123}
    145124
  • trunk/Source/WebCore/html/HTMLScriptElement.cpp

    r246490 r247509  
    185185}
    186186
    187 }
     187void HTMLScriptElement::setReferrerPolicyForBindings(const AtomString& value)
     188{
     189    setAttributeWithoutSynchronization(referrerpolicyAttr, value);
     190}
     191
     192String HTMLScriptElement::referrerPolicyForBindings() const
     193{
     194    return referrerPolicyToString(referrerPolicy());
     195}
     196
     197ReferrerPolicy HTMLScriptElement::referrerPolicy() const
     198{
     199    if (RuntimeEnabledFeatures::sharedFeatures().referrerPolicyAttributeEnabled())
     200        return parseReferrerPolicy(attributeWithoutSynchronization(referrerpolicyAttr), ReferrerPolicySource::ReferrerPolicyAttribute).valueOr(ReferrerPolicy::EmptyString);
     201    return ReferrerPolicy::EmptyString;
     202}
     203
     204}
  • trunk/Source/WebCore/html/HTMLScriptElement.h

    r246490 r247509  
    4545    WEBCORE_EXPORT String crossOrigin() const;
    4646
     47    void setReferrerPolicyForBindings(const AtomString&);
     48    String referrerPolicyForBindings() const;
     49    ReferrerPolicy referrerPolicy() const final;
     50
    4751    using HTMLElement::ref;
    4852    using HTMLElement::deref;
  • trunk/Source/WebCore/html/HTMLScriptElement.idl

    r238748 r247509  
    3232    [CEReactions=NotNeeded, Reflect] attribute boolean noModule;
    3333    [CEReactions=NotNeeded, Reflect, EnabledBySetting=SubresourceIntegrity] attribute DOMString integrity;
     34    [EnabledAtRuntime=ReferrerPolicyAttribute, ImplementedAs=referrerPolicyForBindings, CEReactions=NotNeeded] attribute DOMString referrerPolicy;
    3435};
  • trunk/Source/WebCore/html/parser/CSSPreloadScanner.cpp

    r233668 r247509  
    202202            URL baseElementURL; // FIXME: This should be passed in from the HTMLPreloadScanner via scan(): without it we will get relative URLs wrong.
    203203            // FIXME: Should this be including the charset in the preload request?
    204             m_requests->append(std::make_unique<PreloadRequest>("css", url, baseElementURL, CachedResource::Type::CSSStyleSheet, String(), PreloadRequest::ModuleScript::No));
     204            m_requests->append(std::make_unique<PreloadRequest>("css", url, baseElementURL, CachedResource::Type::CSSStyleSheet, String(), PreloadRequest::ModuleScript::No, ReferrerPolicy::EmptyString));
    205205        }
    206206        m_state = Initial;
  • trunk/Source/WebCore/html/parser/HTMLPreloadScanner.cpp

    r246490 r247509  
    162162            return nullptr;
    163163
    164         auto request = std::make_unique<PreloadRequest>(initiatorFor(m_tagId), m_urlToLoad, predictedBaseURL, type.value(), m_mediaAttribute, m_moduleScript);
     164        auto request = std::make_unique<PreloadRequest>(initiatorFor(m_tagId), m_urlToLoad, predictedBaseURL, type.value(), m_mediaAttribute, m_moduleScript, m_referrerPolicy);
    165165        request->setCrossOriginMode(m_crossOriginMode);
    166166        request->setNonce(m_nonceAttribute);
     
    237237                m_moduleScript = equalLettersIgnoringASCIICase(attributeValue, "module") ? PreloadRequest::ModuleScript::Yes : PreloadRequest::ModuleScript::No;
    238238                break;
    239             } else if (match(attributeName, nonceAttr))
     239            } else if (match(attributeName, nonceAttr)) {
    240240                m_nonceAttribute = attributeValue;
     241                break;
     242            } else if (match(attributeName, referrerpolicyAttr)) {
     243                m_referrerPolicy = parseReferrerPolicy(attributeValue, ReferrerPolicySource::ReferrerPolicyAttribute).valueOr(ReferrerPolicy::EmptyString);
     244                break;
     245            }
    241246            processImageAndScriptAttribute(attributeName, attributeValue);
    242247            break;
     
    371376    float m_deviceScaleFactor;
    372377    PreloadRequest::ModuleScript m_moduleScript { PreloadRequest::ModuleScript::No };
     378    ReferrerPolicy m_referrerPolicy { ReferrerPolicy::EmptyString };
    373379};
    374380
  • trunk/Source/WebCore/html/parser/HTMLResourcePreloader.cpp

    r235617 r247509  
    6060            crossOriginMode = "omit"_s;
    6161    }
     62    if (m_resourceType == CachedResource::Type::Script)
     63        options.referrerPolicy = m_referrerPolicy;
    6264    auto request = createPotentialAccessControlRequest(completeURL(document), document, crossOriginMode, WTFMove(options));
    6365    request.setInitiator(m_initiator);
  • trunk/Source/WebCore/html/parser/HTMLResourcePreloader.h

    r232613 r247509  
    3838        No,
    3939    };
    40     PreloadRequest(const String& initiator, const String& resourceURL, const URL& baseURL, CachedResource::Type resourceType, const String& mediaAttribute, ModuleScript moduleScript)
     40    PreloadRequest(const String& initiator, const String& resourceURL, const URL& baseURL, CachedResource::Type resourceType, const String& mediaAttribute, ModuleScript moduleScript, const ReferrerPolicy& referrerPolicy)
    4141        : m_initiator(initiator)
    4242        , m_resourceURL(resourceURL)
     
    4545        , m_mediaAttribute(mediaAttribute)
    4646        , m_moduleScript(moduleScript)
     47        , m_referrerPolicy(referrerPolicy)
    4748    {
    4849    }
     
    6970    String m_nonceAttribute;
    7071    ModuleScript m_moduleScript;
     72    ReferrerPolicy m_referrerPolicy;
    7173};
    7274
  • trunk/Source/WebCore/platform/ReferrerPolicy.cpp

    r242776 r247509  
    9090}
    9191
     92String referrerPolicyToString(const ReferrerPolicy& referrerPolicy)
     93{
     94    switch (referrerPolicy) {
     95    case ReferrerPolicy::NoReferrer:
     96        return "no-referrer"_s;
     97    case ReferrerPolicy::UnsafeUrl:
     98        return "unsafe-url"_s;
     99    case ReferrerPolicy::Origin:
     100        return "origin"_s;
     101    case ReferrerPolicy::OriginWhenCrossOrigin:
     102        return "origin-when-cross-origin"_s;
     103    case ReferrerPolicy::SameOrigin:
     104        return "same-origin"_s;
     105    case ReferrerPolicy::StrictOrigin:
     106        return "strict-origin"_s;
     107    case ReferrerPolicy::StrictOriginWhenCrossOrigin:
     108        return "strict-origin-when-cross-origin"_s;
     109    case ReferrerPolicy::NoReferrerWhenDowngrade:
     110        return "no-referrer-when-downgrade"_s;
     111    case ReferrerPolicy::EmptyString:
     112        return { };
     113    }
     114    ASSERT_NOT_REACHED();
     115    return { };
     116}
     117
    92118} // namespace WebCore
  • trunk/Source/WebCore/platform/ReferrerPolicy.h

    r242776 r247509  
    5151enum class ReferrerPolicySource : uint8_t { MetaTag, HTTPHeader, ReferrerPolicyAttribute };
    5252Optional<ReferrerPolicy> parseReferrerPolicy(StringView, ReferrerPolicySource);
     53String referrerPolicyToString(const ReferrerPolicy&);
    5354
    5455}
  • trunk/Source/WebCore/svg/SVGScriptElement.h

    r246490 r247509  
    6666    bool hasDeferAttribute() const final { return false; }
    6767    bool hasNoModuleAttribute() const final { return false; }
     68    ReferrerPolicy referrerPolicy() const final { return ReferrerPolicy::EmptyString; }
    6869    bool hasSourceAttribute() const final { return hasAttribute(SVGNames::hrefAttr) || hasAttribute(XLinkNames::hrefAttr); }
    6970
Note: See TracChangeset for help on using the changeset viewer.