mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-10 20:05:49 +00:00
Bug 1329065 - Check the correct policy when setting referrer header. r=mcmanus
MozReview-Commit-ID: JG5DVBqGczS
parent
f1745c546c
commit
40bcddbe8a
@ -1321,15 +1321,16 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
|
|||||||
{
|
{
|
||||||
ENSURE_CALLED_BEFORE_CONNECT();
|
ENSURE_CALLED_BEFORE_CONNECT();
|
||||||
|
|
||||||
|
mReferrerPolicy = referrerPolicy;
|
||||||
|
|
||||||
// clear existing referrer, if any
|
// clear existing referrer, if any
|
||||||
mReferrer = nullptr;
|
mReferrer = nullptr;
|
||||||
nsresult rv = mRequestHead.ClearHeader(nsHttp::Referer);
|
nsresult rv = mRequestHead.ClearHeader(nsHttp::Referer);
|
||||||
if(NS_FAILED(rv)) {
|
if(NS_FAILED(rv)) {
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
mReferrerPolicy = referrerPolicy;
|
|
||||||
|
|
||||||
if (referrerPolicy == REFERRER_POLICY_UNSET) {
|
if (mReferrerPolicy == REFERRER_POLICY_UNSET) {
|
||||||
mReferrerPolicy = NS_GetDefaultReferrerPolicy();
|
mReferrerPolicy = NS_GetDefaultReferrerPolicy();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1338,7 +1339,7 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Don't send referrer at all when the meta referrer setting is "no-referrer"
|
// Don't send referrer at all when the meta referrer setting is "no-referrer"
|
||||||
if (referrerPolicy == REFERRER_POLICY_NO_REFERRER) {
|
if (mReferrerPolicy == REFERRER_POLICY_NO_REFERRER) {
|
||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1444,9 +1445,9 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
|
|||||||
|
|
||||||
// It's ok to send referrer for https-to-http scenarios if the referrer
|
// It's ok to send referrer for https-to-http scenarios if the referrer
|
||||||
// policy is "unsafe-url", "origin", or "origin-when-cross-origin".
|
// policy is "unsafe-url", "origin", or "origin-when-cross-origin".
|
||||||
if (referrerPolicy != REFERRER_POLICY_UNSAFE_URL &&
|
if (mReferrerPolicy != REFERRER_POLICY_UNSAFE_URL &&
|
||||||
referrerPolicy != REFERRER_POLICY_ORIGIN_WHEN_XORIGIN &&
|
mReferrerPolicy != REFERRER_POLICY_ORIGIN_WHEN_XORIGIN &&
|
||||||
referrerPolicy != REFERRER_POLICY_ORIGIN) {
|
mReferrerPolicy != REFERRER_POLICY_ORIGIN) {
|
||||||
|
|
||||||
// in other referrer policies, https->http is not allowed...
|
// in other referrer policies, https->http is not allowed...
|
||||||
if (!match) return NS_OK;
|
if (!match) return NS_OK;
|
||||||
@ -1479,8 +1480,7 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Don't send referrer when the request is cross-origin and policy is "same-origin".
|
// Don't send referrer when the request is cross-origin and policy is "same-origin".
|
||||||
if (isCrossOrigin && referrerPolicy == REFERRER_POLICY_SAME_ORIGIN) {
|
if (isCrossOrigin && mReferrerPolicy == REFERRER_POLICY_SAME_ORIGIN) {
|
||||||
mReferrerPolicy = REFERRER_POLICY_SAME_ORIGIN;
|
|
||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1560,10 +1560,10 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
|
|||||||
// "Strict" request from https->http case was bailed out, so here:
|
// "Strict" request from https->http case was bailed out, so here:
|
||||||
// "strict-origin" behaves the same as "origin".
|
// "strict-origin" behaves the same as "origin".
|
||||||
// "strict-origin-when-cross-origin" behaves the same as "origin-when-cross-origin"
|
// "strict-origin-when-cross-origin" behaves the same as "origin-when-cross-origin"
|
||||||
if (referrerPolicy == REFERRER_POLICY_ORIGIN ||
|
if (mReferrerPolicy == REFERRER_POLICY_ORIGIN ||
|
||||||
referrerPolicy == REFERRER_POLICY_STRICT_ORIGIN ||
|
mReferrerPolicy == REFERRER_POLICY_STRICT_ORIGIN ||
|
||||||
(isCrossOrigin && (referrerPolicy == REFERRER_POLICY_ORIGIN_WHEN_XORIGIN ||
|
(isCrossOrigin && (mReferrerPolicy == REFERRER_POLICY_ORIGIN_WHEN_XORIGIN ||
|
||||||
referrerPolicy == REFERRER_POLICY_STRICT_ORIGIN_WHEN_XORIGIN))) {
|
mReferrerPolicy == REFERRER_POLICY_STRICT_ORIGIN_WHEN_XORIGIN))) {
|
||||||
// We can override the user trimming preference because "origin"
|
// We can override the user trimming preference because "origin"
|
||||||
// (network.http.referer.trimmingPolicy = 2) is the strictest
|
// (network.http.referer.trimmingPolicy = 2) is the strictest
|
||||||
// trimming policy that users can specify.
|
// trimming policy that users can specify.
|
||||||
|
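Review bot: After the default is resolved into `mReferrerPolicy` at the top of SetReferrerWithPolicy, the `referrerPolicy` argument stays in scope and can still hold REFERRER_POLICY_UNSET, which is what let the later comparisons skip the user's default policy before this change. The function body extends beyond the hunks shown, so any comparison against the argument that is not visible here would have the same effect and is worth checking. A comment right after the resolve block would keep later edits on the member, for example `// From here on compare mReferrerPolicy; referrerPolicy may still be REFERRER_POLICY_UNSET.` Separately, `mReferrerPolicy = referrerPolicy;` now runs before the `NS_FAILED(rv)` return, so a failed ClearHeader leaves the new policy stored on the channel even though the call reports an error.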
@ -3,6 +3,15 @@ Cu.import("resource://gre/modules/NetUtil.jsm");
|
|||||||
function test_policy(test) {
|
function test_policy(test) {
|
||||||
do_print("Running test: " + test.toSource());
|
do_print("Running test: " + test.toSource());
|
||||||
|
|
||||||
|
var prefs = Cc["@mozilla.org/preferences-service;1"]
|
||||||
|
.getService(Components.interfaces.nsIPrefBranch);
|
||||||
|
if (test.defaultReferrerPolicyPref !== undefined) {
|
||||||
|
prefs.setIntPref("network.http.referer.userControlPolicy",
|
||||||
|
test.defaultReferrerPolicyPref);
|
||||||
|
} else {
|
||||||
|
prefs.setIntPref("network.http.referer.userControlPolicy", 3);
|
||||||
|
}
|
||||||
|
|
||||||
var uri = NetUtil.newURI(test.url, "", null)
|
var uri = NetUtil.newURI(test.url, "", null)
|
||||||
var chan = NetUtil.newChannel({
|
var chan = NetUtil.newChannel({
|
||||||
uri: uri,
|
uri: uri,
|
||||||
@ -27,21 +36,53 @@ function test_policy(test) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
const nsIHttpChannel = Ci.nsIHttpChannel;
|
const nsIHttpChannel = Ci.nsIHttpChannel;
|
||||||
|
// Assuming cross origin because we have no triggering principal available
|
||||||
var gTests = [
|
var gTests = [
|
||||||
{
|
{
|
||||||
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
|
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
|
||||||
|
defaultReferrerPolicyPref: 0,
|
||||||
|
url: "https://test.example/foo",
|
||||||
|
referrer: "https://test.example/referrer",
|
||||||
|
expectedReferrerSpec: undefined
|
||||||
|
},
|
||||||
|
{
|
||||||
|
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
|
||||||
|
defaultReferrerPolicyPref: 1,
|
||||||
|
url: "http://test.example/foo",
|
||||||
|
referrer: "http://test1.example/referrer",
|
||||||
|
expectedReferrerSpec: undefined
|
||||||
|
},
|
||||||
|
{
|
||||||
|
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
|
||||||
|
defaultReferrerPolicyPref: 2,
|
||||||
|
url: "https://sub1.\xe4lt.example/foo",
|
||||||
|
referrer: "https://sub1.\xe4lt.example/referrer",
|
||||||
|
expectedReferrerSpec: "https://sub1.xn--lt-uia.example/"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
|
||||||
|
defaultReferrerPolicyPref: 2,
|
||||||
|
url: "https://test.example/foo",
|
||||||
|
referrer: "https://test1.example/referrer",
|
||||||
|
expectedReferrerSpec: "https://test1.example/"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
|
||||||
|
defaultReferrerPolicyPref: 3,
|
||||||
url: "https://test.example/foo",
|
url: "https://test.example/foo",
|
||||||
referrer: "https://test.example/referrer",
|
referrer: "https://test.example/referrer",
|
||||||
expectedReferrerSpec: "https://test.example/referrer"
|
expectedReferrerSpec: "https://test.example/referrer"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
|
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
|
||||||
|
defaultReferrerPolicyPref: 3,
|
||||||
url: "https://sub1.\xe4lt.example/foo",
|
url: "https://sub1.\xe4lt.example/foo",
|
||||||
referrer: "https://sub1.\xe4lt.example/referrer",
|
referrer: "https://sub1.\xe4lt.example/referrer",
|
||||||
expectedReferrerSpec: "https://sub1.xn--lt-uia.example/referrer"
|
expectedReferrerSpec: "https://sub1.xn--lt-uia.example/referrer"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
|
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
|
||||||
|
defaultReferrerPolicyPref: 3,
|
||||||
url: "http://test.example/foo",
|
url: "http://test.example/foo",
|
||||||
referrer: "https://test.example/referrer",
|
referrer: "https://test.example/referrer",
|
||||||
expectedReferrerSpec: undefined
|
expectedReferrerSpec: undefined
|
||||||
|
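Review bot: `test_policy` writes `network.http.referer.userControlPolicy` with `prefs.setIntPref` on every call and nothing in the visible hunks restores it, so the last value set remains in the profile for whatever runs afterwards. The `else` branch also hard-codes `3` as the assumed default instead of clearing the override, which would hide a later change to the shipped default. Registering a cleanup once on the same pref branch, such as `do_register_cleanup(() => prefs.clearUserPref("network.http.referer.userControlPolicy"));`, and using `clearUserPref` in the `else` branch would keep the cases independent. The body of test_policy continues outside the hunk, so a reset may already exist there.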