Implement PolicyContainer and update the default ReferrerPolicy (#33977)

* Implement PolicyContainer Signed-off-by: Shane Handley <shanehandley@fastmail.com> * implement small parts of fetch that interact with policy container Signed-off-by: Shane Handley <shanehandley@fastmail.com> * fix: allow policy container's csp list to be unset Signed-off-by: Shane Handley <shanehandley@fastmail.com> * fix: use the correct default policy when parsing from a token Signed-off-by: Shane Handley <shanehandley@fastmail.com> --------- Signed-off-by: Shane Handley <shanehandley@fastmail.com>
2025-08-05 13:40:08 +01:00 · 2024-11-08 18:19:23 +11:00 · 2024-11-08 18:19:23 +11:00 · 6451767428
commit 6451767428
parent 4f6283d7fe
201 changed files with 210 additions and 5178 deletions
--- a/components/shared/net/lib.rs
+++ b/components/shared/net/lib.rs
@ -39,6 +39,7 @@ pub mod blob_url_store;
 pub mod filemanager_thread;
 pub mod http_status;
 pub mod image_cache;
+pub mod policy_container;
 pub mod pub_domains;
 pub mod quality;
 pub mod request;
@ -104,7 +105,7 @@ pub struct CustomResponseMediator {

 /// [Policies](https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-states)
 /// for providing a referrer header for a request
-#[derive(Clone, Copy, Debug, Deserialize, MallocSizeOf, Serialize)]
+#[derive(Clone, Copy, Debug, Default, Deserialize, MallocSizeOf, Serialize)]
 pub enum ReferrerPolicy {
    /// "no-referrer"
    NoReferrer,
@ -121,6 +122,7 @@ pub enum ReferrerPolicy {
    /// "strict-origin"
    StrictOrigin,
    /// "strict-origin-when-cross-origin"
+    #[default]
    StrictOriginWhenCrossOrigin,
 }