mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1329065 - Check the correct policy when setting referrer header. r=mcmanus 

MozReview-Commit-ID: JG5DVBqGczS
This commit is contained in:
Thomas Nguyen 2017-01-06 11:26:24 +08:00
Родитель f1745c546c
Коммит 40bcddbe8a
2 изменённых файлов: 53 добавлений и 12 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

24
netwerk/protocol/http/HttpBaseChannel.cpp
Просмотреть файл

@ -1321,15 +1321,16 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
{
ENSURE_CALLED_BEFORE_CONNECT();
mReferrerPolicy = referrerPolicy;
// clear existing referrer, if any
mReferrer = nullptr;
nsresult rv = mRequestHead.ClearHeader(nsHttp::Referer);
if(NS_FAILED(rv)) {
return rv;
}
mReferrerPolicy = referrerPolicy;
if (referrerPolicy == REFERRER_POLICY_UNSET) {
if (mReferrerPolicy == REFERRER_POLICY_UNSET) {
mReferrerPolicy = NS_GetDefaultReferrerPolicy();
}
@ -1338,7 +1339,7 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
}
// Don't send referrer at all when the meta referrer setting is "no-referrer"
if (referrerPolicy == REFERRER_POLICY_NO_REFERRER) {
if (mReferrerPolicy == REFERRER_POLICY_NO_REFERRER) {
return NS_OK;
}
@ -1444,9 +1445,9 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
// It's ok to send referrer for https-to-http scenarios if the referrer
// policy is "unsafe-url", "origin", or "origin-when-cross-origin".
if (referrerPolicy != REFERRER_POLICY_UNSAFE_URL &&
referrerPolicy != REFERRER_POLICY_ORIGIN_WHEN_XORIGIN &&
referrerPolicy != REFERRER_POLICY_ORIGIN) {
if (mReferrerPolicy != REFERRER_POLICY_UNSAFE_URL &&
mReferrerPolicy != REFERRER_POLICY_ORIGIN_WHEN_XORIGIN &&
mReferrerPolicy != REFERRER_POLICY_ORIGIN) {
// in other referrer policies, https->http is not allowed...
if (!match) return NS_OK;
@ -1479,8 +1480,7 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
}
// Don't send referrer when the request is cross-origin and policy is "same-origin".
if (isCrossOrigin && referrerPolicy == REFERRER_POLICY_SAME_ORIGIN) {
mReferrerPolicy = REFERRER_POLICY_SAME_ORIGIN;
if (isCrossOrigin && mReferrerPolicy == REFERRER_POLICY_SAME_ORIGIN) {
return NS_OK;
}
@ -1560,10 +1560,10 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
// "Strict" request from https->http case was bailed out, so here:
// "strict-origin" behaves the same as "origin".
// "strict-origin-when-cross-origin" behaves the same as "origin-when-cross-origin"
if (referrerPolicy == REFERRER_POLICY_ORIGIN ||
referrerPolicy == REFERRER_POLICY_STRICT_ORIGIN ||
(isCrossOrigin && (referrerPolicy == REFERRER_POLICY_ORIGIN_WHEN_XORIGIN ||
referrerPolicy == REFERRER_POLICY_STRICT_ORIGIN_WHEN_XORIGIN))) {
if (mReferrerPolicy == REFERRER_POLICY_ORIGIN ||
mReferrerPolicy == REFERRER_POLICY_STRICT_ORIGIN ||
(isCrossOrigin && (mReferrerPolicy == REFERRER_POLICY_ORIGIN_WHEN_XORIGIN ||
mReferrerPolicy == REFERRER_POLICY_STRICT_ORIGIN_WHEN_XORIGIN))) {
// We can override the user trimming preference because "origin"
// (network.http.referer.trimmingPolicy = 2) is the strictest
// trimming policy that users can specify.

41
netwerk/test/unit/test_referrer_policy.js
Просмотреть файл

@ -3,6 +3,15 @@ Cu.import("resource://gre/modules/NetUtil.jsm");
function test_policy(test) {
do_print("Running test: " + test.toSource());
var prefs = Cc["@mozilla.org/preferences-service;1"]
.getService(Components.interfaces.nsIPrefBranch);
if (test.defaultReferrerPolicyPref !== undefined) {
prefs.setIntPref("network.http.referer.userControlPolicy",
test.defaultReferrerPolicyPref);
} else {
prefs.setIntPref("network.http.referer.userControlPolicy", 3);
}
var uri = NetUtil.newURI(test.url, "", null)
var chan = NetUtil.newChannel({
uri: uri,
@ -27,21 +36,53 @@ function test_policy(test) {
}
const nsIHttpChannel = Ci.nsIHttpChannel;
// Assuming cross origin because we have no triggering principal available
var gTests = [
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 0,
url: "https://test.example/foo",
referrer: "https://test.example/referrer",
expectedReferrerSpec: undefined
},
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 1,
url: "http://test.example/foo",
referrer: "http://test1.example/referrer",
expectedReferrerSpec: undefined
},
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 2,
url: "https://sub1.\xe4lt.example/foo",
referrer: "https://sub1.\xe4lt.example/referrer",
expectedReferrerSpec: "https://sub1.xn--lt-uia.example/"
},
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 2,
url: "https://test.example/foo",
referrer: "https://test1.example/referrer",
expectedReferrerSpec: "https://test1.example/"
},
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 3,
url: "https://test.example/foo",
referrer: "https://test.example/referrer",
expectedReferrerSpec: "https://test.example/referrer"
},
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 3,
url: "https://sub1.\xe4lt.example/foo",
referrer: "https://sub1.\xe4lt.example/referrer",
expectedReferrerSpec: "https://sub1.xn--lt-uia.example/referrer"
},
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSET,
defaultReferrerPolicyPref: 3,
url: "http://test.example/foo",
referrer: "https://test.example/referrer",
expectedReferrerSpec: undefined