Implement PolicyContainer and update the default ReferrerPolicy (#33977)

* Implement PolicyContainer Signed-off-by: Shane Handley <shanehandley@fastmail.com> * implement small parts of fetch that interact with policy container Signed-off-by: Shane Handley <shanehandley@fastmail.com> * fix: allow policy container's csp list to be unset Signed-off-by: Shane Handley <shanehandley@fastmail.com> * fix: use the correct default policy when parsing from a token Signed-off-by: Shane Handley <shanehandley@fastmail.com> --------- Signed-off-by: Shane Handley <shanehandley@fastmail.com>
2025-08-06 22:15:33 +01:00 · 2024-11-08 18:19:23 +11:00 · 2024-11-08 18:19:23 +11:00 · 6451767428
commit 6451767428
parent 4f6283d7fe
201 changed files with 210 additions and 5178 deletions
--- a/components/shared/net/policy_container.rs
+++ b/components/shared/net/policy_container.rs
@ -0,0 +1,51 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
+
+use content_security_policy::CspList;
+use malloc_size_of_derive::MallocSizeOf;
+use serde::{Deserialize, Serialize};
+
+use crate::ReferrerPolicy;
+
+/// When a policy container is associated with a request, it has an additional state of "Client". As
+/// per the spec:
+///
+/// `"client" is changed to a policy container during fetching. It provides a convenient way for
+/// standards to not have to set request’s policy container.`
+///
+/// This can be achieved with an `Option` however this struct is used with the intent to reduce
+/// ambiguity when mapping our implementation to the spec.
+///
+/// <https://fetch.spec.whatwg.org/#concept-request-policy-container>
+#[derive(Clone, Debug, Default, Deserialize, MallocSizeOf, Serialize)]
+pub enum RequestPolicyContainer {
+    #[default]
+    Client,
+    PolicyContainer(PolicyContainer),
+}
+
+/// <https://html.spec.whatwg.org/multipage/#policy-containers>
+#[derive(Clone, Debug, Default, Deserialize, MallocSizeOf, Serialize)]
+pub struct PolicyContainer {
+    #[ignore_malloc_size_of = "Defined in rust-content-security-policy"]
+    /// <https://html.spec.whatwg.org/multipage/#policy-container-csp-list>
+    pub csp_list: Option<CspList>,
+    /// <https://html.spec.whatwg.org/multipage/#policy-container-referrer-policy>
+    pub referrer_policy: ReferrerPolicy,
+    // https://html.spec.whatwg.org/multipage/#policy-container-embedder-policy
+    // TODO: Embedder Policy
+}
+
+impl PolicyContainer {
+    pub fn new(csp_list: Option<CspList>, referrer_policy: Option<ReferrerPolicy>) -> Self {
+        PolicyContainer {
+            csp_list,
+            referrer_policy: referrer_policy.unwrap_or_default(),
+        }
+    }
+
+    pub fn set_csp_list(&mut self, csp_list: Option<CspList>) {
+        self.csp_list = csp_list;
+    }
+}