Title: [164866] trunk
- Revision
- 164866
- Author
- joc...@chromium.org
- Date
- 2014-02-28 10:09:24 -0800 (Fri, 28 Feb 2014)
Log Message
Update meta-referrer behavior for invalid policies
https://bugs.webkit.org/show_bug.cgi?id=129475
Source/WebCore:
This patch aligns the behavior with the CSP 1.1 referrer directive,
where the fallback for an invalid value is the "never" policy.
Original patch from Mike West: https://src.chromium.org/viewvc/blink?view=rev&revision=165627
Reviewed by Alexey Proskuryakov.
Test: http/tests/security/referrer-policy-invalid.html
* dom/Document.cpp:
(WebCore::Document::processReferrerPolicy):
LayoutTests:
Reviewed by Alexey Proskuryakov.
* http/tests/security/referrer-policy-invalid-expected.txt: Added.
* http/tests/security/referrer-policy-invalid.html: Added.
Modified Paths
Added Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (164865 => 164866)
--- trunk/LayoutTests/ChangeLog 2014-02-28 17:53:30 UTC (rev 164865)
+++ trunk/LayoutTests/ChangeLog 2014-02-28 18:09:24 UTC (rev 164866)
@@ -1,3 +1,13 @@
+2014-02-28 Jochen Eisinger <joc...@chromium.org>
+
+ Update meta-referrer behavior for invalid policies
+ https://bugs.webkit.org/show_bug.cgi?id=129475
+
+ Reviewed by Alexey Proskuryakov.
+
+ * http/tests/security/referrer-policy-invalid-expected.txt: Added.
+ * http/tests/security/referrer-policy-invalid.html: Added.
+
2014-02-28 Daniel Bates <daba...@apple.com>
SubresourceLoader::didFinishLoading() should not assert when a decode error occurs
Added: trunk/LayoutTests/http/tests/security/referrer-policy-invalid-expected.txt (0 => 164866)
--- trunk/LayoutTests/http/tests/security/referrer-policy-invalid-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/security/referrer-policy-invalid-expected.txt 2014-02-28 18:09:24 UTC (rev 164866)
@@ -0,0 +1,11 @@
+CONSOLE MESSAGE: Failed to set referrer policy: The value 'invalid' is not one of 'always', 'default', 'never', or 'origin'. Defaulting to 'never'.
+This test checks an invalid referrer policy when navigating from an insecure URL to another insecure URL. The test passes if the printed referrer is empty.
+
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+HTTP Referer header is empty
+Referrer is empty
+
Added: trunk/LayoutTests/http/tests/security/referrer-policy-invalid.html (0 => 164866)
--- trunk/LayoutTests/http/tests/security/referrer-policy-invalid.html (rev 0)
+++ trunk/LayoutTests/http/tests/security/referrer-policy-invalid.html 2014-02-28 18:09:24 UTC (rev 164866)
@@ -0,0 +1,18 @@
+<html>
+<head>
+<script>
+if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.dumpChildFramesAsText();
+ testRunner.waitUntilDone();
+}
+</script>
+</head>
+<body>
+<p>
+This test checks an invalid referrer policy when navigating from an insecure
+URL to another insecure URL. The test passes if the printed referrer is empty.
+</p>
+<iframe src=""
+</body>
+</html>
Modified: trunk/Source/WebCore/ChangeLog (164865 => 164866)
--- trunk/Source/WebCore/ChangeLog 2014-02-28 17:53:30 UTC (rev 164865)
+++ trunk/Source/WebCore/ChangeLog 2014-02-28 18:09:24 UTC (rev 164866)
@@ -1,3 +1,20 @@
+2014-02-28 Jochen Eisinger <joc...@chromium.org>
+
+ Update meta-referrer behavior for invalid policies
+ https://bugs.webkit.org/show_bug.cgi?id=129475
+
+ This patch aligns the behavior with the CSP 1.1 referrer directive,
+ where the fallback for an invalid value is the "never" policy.
+
+ Original patch from Mike West: https://src.chromium.org/viewvc/blink?view=rev&revision=165627
+
+ Reviewed by Alexey Proskuryakov.
+
+ Test: http/tests/security/referrer-policy-invalid.html
+
+ * dom/Document.cpp:
+ (WebCore::Document::processReferrerPolicy):
+
2014-02-28 Daniel Bates <daba...@apple.com>
SubresourceLoader::didFinishLoading() should not assert when a decode error occurs
Modified: trunk/Source/WebCore/dom/Document.cpp (164865 => 164866)
--- trunk/Source/WebCore/dom/Document.cpp 2014-02-28 17:53:30 UTC (rev 164865)
+++ trunk/Source/WebCore/dom/Document.cpp 2014-02-28 18:09:24 UTC (rev 164866)
@@ -2982,14 +2982,18 @@
{
ASSERT(!policy.isNull());
- m_referrerPolicy = ReferrerPolicyDefault;
-
if (equalIgnoringCase(policy, "never"))
m_referrerPolicy = ReferrerPolicyNever;
else if (equalIgnoringCase(policy, "always"))
m_referrerPolicy = ReferrerPolicyAlways;
else if (equalIgnoringCase(policy, "origin"))
m_referrerPolicy = ReferrerPolicyOrigin;
+ else if (equalIgnoringCase(policy, "default"))
+ m_referrerPolicy = ReferrerPolicyDefault;
+ else {
+ addConsoleMessage(MessageSource::Rendering, MessageLevel::Error, "Failed to set referrer policy: The value '" + policy + "' is not one of 'always', 'default', 'never', or 'origin'. Defaulting to 'never'.");
+ m_referrerPolicy = ReferrerPolicyNever;
+ }
}
MouseEventWithHitTestResults Document::prepareMouseEvent(const HitTestRequest& request, const LayoutPoint& documentPoint, const PlatformMouseEvent& event)
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
