Bug 1251873 - Store the trimmed referrer URL on HTTP channel if a trimming referrer policy is in effect; r=mcmanus

Failure to do this will result in the consumers of
nsIHttpChannel::GetReferrer() observing the wrong referrer.  The test in this
patch shows the scenarios which would fail under such conditions.
Ehsan Akhgari 2016-02-29 14:50:20 -05:00 коммит произвёл Ehsan Akhgari
Родитель b14c9d9cba
Коммит baf9a67550
15 изменённых файлов: 84 добавлений и 60 удалений


@ -1505,6 +1505,12 @@ HttpBaseChannel::SetReferrerWithPolicy(nsIURI *referrer,
break;
}
// If any user trimming policy is in effect, use the trimmed URI.
if (userReferrerTrimmingPolicy) {
rv = NS_NewURI(getter_AddRefs(clone), spec);
if (NS_FAILED(rv)) return rv;
}
// finally, remember the referrer URI and set the Referer header.
rv = SetRequestHeader(NS_LITERAL_CSTRING("Referer"), spec, false);
if (NS_FAILED(rv)) return rv;
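Review bot: The new comment above `if (userReferrerTrimmingPolicy)` speaks only of a "user trimming policy", yet the commit title and the added xpcshell case for REFERRER_POLICY_ORIGIN indicate that site-supplied policies reach this branch too; presumably the variable is raised for them earlier in SetReferrerWithPolicy, outside this hunk. Someone auditing referrer leakage needs the invariant spelled out, for example `// If any trimming (user pref or site policy) applied, store the URI rebuilt from the trimmed spec so GetReferrer() matches the Referer header that is sent.` The comment should also say that the stored URI is re-parsed from `spec`, so its spec can differ from the header by normalization (the test expects `https://test.example` in the header and `https://test.example/` on the channel). The function begins and ends outside the hunk, so whether `clone` is the object later stored as the referrer cannot be confirmed from here.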


@ -0,0 +1,77 @@
Cu.import("resource://gre/modules/NetUtil.jsm");
function test_policy(test) {
do_print("Running test: " + test.toSource());
var uri = NetUtil.newURI(test.url, "", null)
var chan = NetUtil.newChannel({
uri: uri,
loadUsingSystemPrincipal: true
});
var referrer = NetUtil.newURI(test.referrer, "", null);
chan.QueryInterface(Components.interfaces.nsIHttpChannel);
chan.setReferrerWithPolicy(referrer, test.policy);
if (test.expectedHeader === undefined) {
try {
chan.getRequestHeader("Referer");
do_throw("Should not find a Referer header!");
} catch(e) {
}
do_check_eq(chan.referrer, null);
} else {
var header = chan.getRequestHeader("Referer");
do_check_eq(header, test.expectedHeader);
do_check_eq(chan.referrer.spec, test.expectedReferrerSpec);
}
}
const nsIHttpChannel = Ci.nsIHttpChannel;
var gTests = [
{
policy: nsIHttpChannel.REFERRER_POLICY_DEFAULT,
url: "https://test.example/foo",
referrer: "https://test.example/referrer",
expectedHeader: "https://test.example/referrer",
expectedReferrerSpec: "https://test.example/referrer"
},
{
policy: nsIHttpChannel.REFERRER_POLICY_DEFAULT,
url: "http://test.example/foo",
referrer: "https://test.example/referrer",
expectedHeader: undefined,
expectedReferrerSpec: undefined
},
{
policy: nsIHttpChannel.REFERRER_POLICY_NO_REFERRER,
url: "https://test.example/foo",
referrer: "https://test.example/referrer",
expectedHeader: undefined,
expectedReferrerSpec: undefined
},
{
policy: nsIHttpChannel.REFERRER_POLICY_ORIGIN,
url: "https://test.example/foo",
referrer: "https://test.example/referrer",
expectedHeader: "https://test.example",
expectedReferrerSpec: "https://test.example/"
},
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSAFE_URL,
url: "https://test.example/foo",
referrer: "https://test.example/referrer",
expectedHeader: "https://test.example/referrer",
expectedReferrerSpec: "https://test.example/referrer"
},
{
policy: nsIHttpChannel.REFERRER_POLICY_UNSAFE_URL,
url: "http://test.example/foo",
referrer: "https://test.example/referrer",
expectedHeader: "https://test.example/referrer",
expectedReferrerSpec: "https://test.example/referrer"
},
];
function run_test() {
gTests.forEach(test => test_policy(test));
}
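Review bot: The empty `catch(e) {}` in test_policy swallows every exception from the try block, including whatever `do_throw` raises. The "no Referer header" check therefore depends on do_throw having recorded the failure before it throws, and an unrelated error from getRequestHeader would pass silently. Recording the outcome and asserting after the block is clearer: `var threw = false; try { chan.getRequestHeader("Referer"); } catch (e) { threw = true; }` followed by `do_check_true(threw);`. The table exercises only policies passed to setReferrerWithPolicy; a case with the user trimming preference set would cover the branch that the C++ comment describes.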


@ -315,6 +315,7 @@ skip-if = os == "android"
[test_about_networking.js]
[test_ping_aboutnetworking.js]
[test_referrer.js]
[test_referrer_policy.js]
[test_predictor.js]
# Android version detection w/in gecko does not work right on infra, so we just
# disable this test on all android versions, even though it's enabled on 2.3+ in


@ -1,5 +0,0 @@
[cross-origin.swap-origin-redirect.http.html]
type: testharness
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via fetch-request using the http-csp\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
expected: FAIL


@ -1,5 +0,0 @@
[cross-origin.swap-origin-redirect.http.html]
type: testharness
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via iframe-tag using the http-csp\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
expected: FAIL


@ -1,5 +0,0 @@
[cross-origin.swap-origin-redirect.http.html]
type: testharness
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via script-tag using the http-csp\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
expected: FAIL


@ -1,5 +0,0 @@
[cross-origin.swap-origin-redirect.http.html]
type: testharness
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via xhr-request using the http-csp\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
expected: FAIL


@ -1,5 +0,0 @@
[cross-origin.swap-origin-redirect.http.html]
type: testharness
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via fetch-request using the meta-csp\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
expected: FAIL


@ -1,5 +0,0 @@
[cross-origin.swap-origin-redirect.http.html]
type: testharness
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via iframe-tag using the meta-csp\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
expected: FAIL


@ -1,5 +0,0 @@
[cross-origin.swap-origin-redirect.http.html]
type: testharness
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via script-tag using the meta-csp\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
expected: FAIL


@ -1,5 +0,0 @@
[cross-origin.swap-origin-redirect.http.html]
type: testharness
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via xhr-request using the meta-csp\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
expected: FAIL


@ -1,5 +0,0 @@
[cross-origin.swap-origin-redirect.http.html]
type: testharness
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via fetch-request using the meta-referrer\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
expected: FAIL


@ -1,5 +0,0 @@
[cross-origin.swap-origin-redirect.http.html]
type: testharness
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via iframe-tag using the meta-referrer\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
expected: FAIL


@ -1,5 +0,0 @@
[cross-origin.swap-origin-redirect.http.html]
type: testharness
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via script-tag using the meta-referrer\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
expected: FAIL


@ -1,5 +0,0 @@
[cross-origin.swap-origin-redirect.http.html]
type: testharness
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via xhr-request using the meta-referrer\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
expected: FAIL