mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-18 07:45:30 +00:00
Bug 1632204 - Backed out Bug 1341689 for Confluence compat issue, r=valentin
Differential Revision: https://phabricator.services.mozilla.com/D72202
This commit is contained in:
parent
142e06a293
commit
78955d748f
@ -412,13 +412,11 @@ bool ReferrerInfo::ShouldSetNullOriginHeader(net::HttpBaseChannel* aChannel,
|
||||
}
|
||||
}
|
||||
|
||||
// When deal with CORS (mode is "cors") and go through a cross-origin URL,
|
||||
// response tainting is "cors" and we shouldn't take the Referrer-Policy into
|
||||
// account
|
||||
// When we're dealing with CORS (mode is "cors"), we shouldn't take the
|
||||
// Referrer-Policy into account
|
||||
uint32_t corsMode = CORS_NONE;
|
||||
NS_ENSURE_SUCCESS(aChannel->GetCorsMode(&corsMode), false);
|
||||
bool isCrossOriginRequest = ReferrerInfo::IsCrossOriginRequest(aChannel);
|
||||
if (corsMode == CORS_USE_CREDENTIALS && isCrossOriginRequest) {
|
||||
if (corsMode == CORS_USE_CREDENTIALS) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -444,7 +442,7 @@ bool ReferrerInfo::ShouldSetNullOriginHeader(net::HttpBaseChannel* aChannel,
|
||||
}
|
||||
|
||||
if (policy == ReferrerPolicy::Same_origin) {
|
||||
return isCrossOriginRequest;
|
||||
return ReferrerInfo::IsCrossOriginRequest(aChannel);
|
||||
}
|
||||
|
||||
return false;
|
||||
|
@ -4,3 +4,7 @@
|
||||
|
||||
[Origin header and POST navigation]
|
||||
expected: FAIL
|
||||
|
||||
[Origin header and POST same-origin fetch cors mode with Referrer-Policy no-referrer]
|
||||
expected: FAIL
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user