Add referrer policy pass-through and referrer header logic

add pass-through from doc to http-loader for referrer_policy, ref_URL add logic for setting referer header add script pass-through for referrer add unit tests for setting referer header
2025-08-06 14:10:11 +01:00 · 2016-04-05 13:08:45 -04:00 · 2016-04-05 13:08:45 -04:00 · 526525b835
commit 526525b835
parent 78041737de
19 changed files with 369 additions and 68 deletions
--- a/components/script/dom/bindings/trace.rs
+++ b/components/script/dom/bindings/trace.rs
@ -56,7 +56,7 @@ use js::rust::Runtime;
 use layout_interface::{LayoutChan, LayoutRPC};
 use libc;
 use msg::constellation_msg::ConstellationChan;
-use msg::constellation_msg::{PipelineId, SubpageId, WindowSizeData, WindowSizeType};
+use msg::constellation_msg::{PipelineId, SubpageId, WindowSizeData, WindowSizeType, ReferrerPolicy};
 use net_traits::image::base::{Image, ImageMetadata};
 use net_traits::image_cache_thread::{ImageCacheChan, ImageCacheThread};
 use net_traits::response::HttpsState;
@ -325,6 +325,7 @@ no_jsmanaged_fields!(ElementSnapshot);
 no_jsmanaged_fields!(HttpsState);
 no_jsmanaged_fields!(SharedRt);
 no_jsmanaged_fields!(TouchpadPressurePhase);
+no_jsmanaged_fields!(ReferrerPolicy);

 impl JSTraceable for ConstellationChan<ScriptMsg> {
    #[inline]
--- a/components/script/dom/document.rs
+++ b/components/script/dom/document.rs
@ -88,7 +88,7 @@ use js::jsapi::{JSContext, JSObject, JSRuntime};
 use layout_interface::{LayoutChan, Msg, ReflowQueryType};
 use msg::constellation_msg::{ALT, CONTROL, SHIFT, SUPER};
 use msg::constellation_msg::{ConstellationChan, Key, KeyModifiers, KeyState};
-use msg::constellation_msg::{PipelineId, SubpageId};
+use msg::constellation_msg::{PipelineId, ReferrerPolicy, SubpageId};
 use net_traits::ControlMsg::{GetCookiesForUrl, SetCookiesForUrl};
 use net_traits::CookieSource::NonHTTP;
 use net_traits::response::HttpsState;
@ -226,6 +226,8 @@ pub struct Document {
    touchpad_pressure_phase: Cell<TouchpadPressurePhase>,
    /// The document's origin.
    origin: Origin,
+    ///  https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-states
+    referrer_policy: Option<ReferrerPolicy>,
 }

 #[derive(JSTraceable, HeapSizeOf)]
@ -1326,12 +1328,12 @@ impl Document {

    pub fn prepare_async_load(&self, load: LoadType) -> PendingAsyncLoad {
        let mut loader = self.loader.borrow_mut();
-        loader.prepare_async_load(load)
+        loader.prepare_async_load(load, self)
    }

    pub fn load_async(&self, load: LoadType, listener: AsyncResponseTarget) {
        let mut loader = self.loader.borrow_mut();
-        loader.load_async(load, listener)
+        loader.load_async(load, listener, self)
    }

    pub fn finish_load(&self, load: LoadType) {
@ -1684,6 +1686,8 @@ impl Document {
            https_state: Cell::new(HttpsState::None),
            touchpad_pressure_phase: Cell::new(TouchpadPressurePhase::BeforeClick),
            origin: origin,
+            //TODO - setting this for now so no Referer header set
+            referrer_policy: Some(ReferrerPolicy::NoReferrer),
        }
    }

@ -1812,6 +1816,11 @@ impl Document {
            snapshot.attrs = Some(attrs);
        }
    }
+
+    //TODO - for now, returns no-referrer for all until reading in the value
+    pub fn get_referrer_policy(&self) -> Option<ReferrerPolicy> {
+        return self.referrer_policy.clone();
+    }
 }


--- a/components/script/dom/htmlformelement.rs
+++ b/components/script/dom/htmlformelement.rs
@ -283,7 +283,7 @@ impl HTMLFormElement {
        let _target = submitter.target();
        // TODO: Handle browsing contexts, partially loaded documents (step 16-17)

-        let mut load_data = LoadData::new(action_components);
+        let mut load_data = LoadData::new(action_components, doc.get_referrer_policy(), Some(doc.url().clone()));

        let parsed_data = match enctype {
            FormEncType::UrlEncoded => {
--- a/components/script/dom/window.rs
+++ b/components/script/dom/window.rs
@ -1199,8 +1199,10 @@ impl Window {

    /// Commence a new URL load which will either replace this window or scroll to a fragment.
    pub fn load_url(&self, url: Url) {
+        let doc = self.Document();
        self.main_thread_script_chan().send(
-            MainThreadScriptMsg::Navigate(self.id, LoadData::new(url))).unwrap();
+            MainThreadScriptMsg::Navigate(self.id,
+                LoadData::new(url, doc.get_referrer_policy(), Some(doc.url().clone())))).unwrap();
    }

    pub fn handle_fire_timer(&self, timer_id: TimerEventId) {
--- a/components/script/dom/xmlhttprequest.rs
+++ b/components/script/dom/xmlhttprequest.rs
@ -576,10 +576,13 @@ impl XMLHttpRequestMethods for XMLHttpRequest {
        // Step 5
        let global = self.global();
        let pipeline_id = global.r().pipeline();
+        //TODO - set referrer_policy/referrer_url in load_data
        let mut load_data =
            LoadData::new(LoadContext::Browsing,
                          self.request_url.borrow().clone().unwrap(),
-                          Some(pipeline_id));
+                          Some(pipeline_id),
+                          None,
+                          None);
        if load_data.url.origin().ne(&global.r().get_url().origin()) {
            load_data.credentials_flag = self.WithCredentials();
        }