Bug 1329065 - Check the correct policy when setting referrer header. r=mcmanus

MozReview-Commit-ID: JG5DVBqGczS
Thomas Nguyen 2017-01-06 11:26:24 +08:00
parent f1745c546c
commit 40bcddbe8a
2 changed files with 53 additions and 12 deletions


@ -1321,15 +1321,16 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
{ {
ENSURE_CALLED_BEFORE_CONNECT(); ENSURE_CALLED_BEFORE_CONNECT();
mReferrerPolicy = referrerPolicy;
// clear existing referrer, if any // clear existing referrer, if any
mReferrer = nullptr; mReferrer = nullptr;
nsresult rv = mRequestHead.ClearHeader(nsHttp::Referer); nsresult rv = mRequestHead.ClearHeader(nsHttp::Referer);
if(NS_FAILED(rv)) { if(NS_FAILED(rv)) {
return rv; return rv;
} }
mReferrerPolicy = referrerPolicy;
if (referrerPolicy == REFERRER_POLICY_UNSET) { if (mReferrerPolicy == REFERRER_POLICY_UNSET) {
mReferrerPolicy = NS_GetDefaultReferrerPolicy(); mReferrerPolicy = NS_GetDefaultReferrerPolicy();
} }
@ -1338,7 +1339,7 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
} }
// Don't send referrer at all when the meta referrer setting is "no-referrer" // Don't send referrer at all when the meta referrer setting is "no-referrer"
if (referrerPolicy == REFERRER_POLICY_NO_REFERRER) { if (mReferrerPolicy == REFERRER_POLICY_NO_REFERRER) {
return NS_OK; return NS_OK;
} }
@ -1444,9 +1445,9 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
// It's ok to send referrer for https-to-http scenarios if the referrer // It's ok to send referrer for https-to-http scenarios if the referrer
// policy is "unsafe-url", "origin", or "origin-when-cross-origin". // policy is "unsafe-url", "origin", or "origin-when-cross-origin".
if (referrerPolicy != REFERRER_POLICY_UNSAFE_URL && if (mReferrerPolicy != REFERRER_POLICY_UNSAFE_URL &&
referrerPolicy != REFERRER_POLICY_ORIGIN_WHEN_XORIGIN && mReferrerPolicy != REFERRER_POLICY_ORIGIN_WHEN_XORIGIN &&
referrerPolicy != REFERRER_POLICY_ORIGIN) { mReferrerPolicy != REFERRER_POLICY_ORIGIN) {
// in other referrer policies, https->http is not allowed... // in other referrer policies, https->http is not allowed...
if (!match) return NS_OK; if (!match) return NS_OK;
@ -1479,8 +1480,7 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
} }
// Don't send referrer when the request is cross-origin and policy is "same-origin". // Don't send referrer when the request is cross-origin and policy is "same-origin".
if (isCrossOrigin && referrerPolicy == REFERRER_POLICY_SAME_ORIGIN) { if (isCrossOrigin && mReferrerPolicy == REFERRER_POLICY_SAME_ORIGIN) {
mReferrerPolicy = REFERRER_POLICY_SAME_ORIGIN;
return NS_OK; return NS_OK;
} }
@ -1560,10 +1560,10 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
// "Strict" request from https->http case was bailed out, so here: // "Strict" request from https->http case was bailed out, so here:
// "strict-origin" behaves the same as "origin". // "strict-origin" behaves the same as "origin".
// "strict-origin-when-cross-origin" behaves the same as "origin-when-cross-origin" // "strict-origin-when-cross-origin" behaves the same as "origin-when-cross-origin"
if (referrerPolicy == REFERRER_POLICY_ORIGIN || if (mReferrerPolicy == REFERRER_POLICY_ORIGIN ||
referrerPolicy == REFERRER_POLICY_STRICT_ORIGIN || mReferrerPolicy == REFERRER_POLICY_STRICT_ORIGIN ||
(isCrossOrigin && (referrerPolicy == REFERRER_POLICY_ORIGIN_WHEN_XORIGIN || (isCrossOrigin && (mReferrerPolicy == REFERRER_POLICY_ORIGIN_WHEN_XORIGIN ||
referrerPolicy == REFERRER_POLICY_STRICT_ORIGIN_WHEN_XORIGIN))) { mReferrerPolicy == REFERRER_POLICY_STRICT_ORIGIN_WHEN_XORIGIN))) {
// We can override the user trimming preference because "origin" // We can override the user trimming preference because "origin"
// (network.http.referer.trimmingPolicy = 2) is the strictest // (network.http.referer.trimmingPolicy = 2) is the strictest
// trimming policy that users can specify. // trimming policy that users can specify.
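Review bot: Nothing in SetReferrerWithPolicy prevents a later check from reading the `referrerPolicy` argument again, which is the mistake this commit corrects. When the caller passes REFERRER_POLICY_UNSET, only `mReferrerPolicy` holds the resolved default, so a comparison against the argument would skip the no-referrer, same-origin and https-to-http checks and could send more of the referrer than the default policy allows. The hunks show only parts of the function, so the stretches between them should be checked for remaining reads of `referrerPolicy`. I would add a comment above the relocated assignment: `// Use mReferrerPolicy below, never referrerPolicy: the argument may be REFERRER_POLICY_UNSET and is resolved to the default only here.` Separately, on the `NS_FAILED(rv)` return after ClearHeader, `mReferrer` is now cleared while `mReferrerPolicy` still holds the value from the previous call; it is worth confirming that callers do not depend on the two staying in step on failure.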


@ -3,6 +3,15 @@ Cu.import("resource://gre/modules/NetUtil.jsm");
function test_policy(test) { function test_policy(test) {
do_print("Running test: " + test.toSource()); do_print("Running test: " + test.toSource());
var prefs = Cc["@mozilla.org/preferences-service;1"]
.getService(Components.interfaces.nsIPrefBranch);
if (test.defaultReferrerPolicyPref !== undefined) {
prefs.setIntPref("network.http.referer.userControlPolicy",
test.defaultReferrerPolicyPref);
} else {
prefs.setIntPref("network.http.referer.userControlPolicy", 3);
}
var uri = NetUtil.newURI(test.url, "", null) var uri = NetUtil.newURI(test.url, "", null)
var chan = NetUtil.newChannel({ var chan = NetUtil.newChannel({
uri: uri, uri: uri,
@ -27,21 +36,53 @@ function test_policy(test) {
} }
const nsIHttpChannel = Ci.nsIHttpChannel; const nsIHttpChannel = Ci.nsIHttpChannel;
// Assuming cross origin because we have no triggering principal available
var gTests = [ var gTests = [
{ {
policy: nsIHttpChannel.REFERRER_POLICY_UNSET, policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 0,
url: "https://test.example/foo",
referrer: "https://test.example/referrer",
expectedReferrerSpec: undefined
},
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 1,
url: "http://test.example/foo",
referrer: "http://test1.example/referrer",
expectedReferrerSpec: undefined
},
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 2,
url: "https://sub1.\xe4lt.example/foo",
referrer: "https://sub1.\xe4lt.example/referrer",
expectedReferrerSpec: "https://sub1.xn--lt-uia.example/"
},
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 2,
url: "https://test.example/foo",
referrer: "https://test1.example/referrer",
expectedReferrerSpec: "https://test1.example/"
},
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 3,
url: "https://test.example/foo", url: "https://test.example/foo",
referrer: "https://test.example/referrer", referrer: "https://test.example/referrer",
expectedReferrerSpec: "https://test.example/referrer" expectedReferrerSpec: "https://test.example/referrer"
}, },
{ {
policy: nsIHttpChannel.REFERRER_POLICY_UNSET, policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 3,
url: "https://sub1.\xe4lt.example/foo", url: "https://sub1.\xe4lt.example/foo",
referrer: "https://sub1.\xe4lt.example/referrer", referrer: "https://sub1.\xe4lt.example/referrer",
expectedReferrerSpec: "https://sub1.xn--lt-uia.example/referrer" expectedReferrerSpec: "https://sub1.xn--lt-uia.example/referrer"
}, },
{ {
policy: nsIHttpChannel.REFERRER_POLICY_UNSET, policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 3,
url: "http://test.example/foo", url: "http://test.example/foo",
referrer: "https://test.example/referrer", referrer: "https://test.example/referrer",
expectedReferrerSpec: undefined expectedReferrerSpec: undefined