Remove referrer policy from document (#34263)

* Remove the referrer policy from document and rely on its policy container Signed-off-by: Shane Handley <shanehandley@fastmail.com> * Make ReferrerPolicy non-optional, instead using a new enum value to represent the empty string case Signed-off-by: Shane Handley <shanehandley@fastmail.com> * Fix clippy issue Signed-off-by: Shane Handley <shanehandley@fastmail.com> * Fix usage of Option<ReferrerPolicy> in unit test Signed-off-by: Shane Handley <shanehandley@fastmail.com> --------- Signed-off-by: Shane Handley <shanehandley@fastmail.com>
2025-08-08 15:05:35 +01:00 · 2024-11-19 23:45:10 +11:00 · 2024-11-19 23:45:10 +11:00 · 975e2ae859
commit 975e2ae859
parent 83f8e88818
108 changed files with 171 additions and 1509 deletions
--- a/components/shared/net/lib.rs
+++ b/components/shared/net/lib.rs
@ -105,8 +105,10 @@ pub struct CustomResponseMediator {

 /// [Policies](https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-states)
 /// for providing a referrer header for a request
-#[derive(Clone, Copy, Debug, Default, Deserialize, MallocSizeOf, Serialize)]
+#[derive(Clone, Copy, Debug, Default, Deserialize, MallocSizeOf, PartialEq, Serialize)]
 pub enum ReferrerPolicy {
+    /// ""
+    EmptyString,
    /// "no-referrer"
    NoReferrer,
    /// "no-referrer-when-downgrade"
@ -129,6 +131,7 @@ pub enum ReferrerPolicy {
 impl Display for ReferrerPolicy {
    fn fmt(&self, formatter: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        let string = match self {
+            ReferrerPolicy::EmptyString => "",
            ReferrerPolicy::NoReferrer => "no-referrer",
            ReferrerPolicy::NoReferrerWhenDowngrade => "no-referrer-when-downgrade",
            ReferrerPolicy::Origin => "origin",
@ -142,9 +145,9 @@ impl Display for ReferrerPolicy {
    }
 }

-impl From<ReferrerPolicyHeader> for ReferrerPolicy {
-    fn from(policy: ReferrerPolicyHeader) -> Self {
-        match policy {
+impl From<Option<ReferrerPolicyHeader>> for ReferrerPolicy {
+    fn from(header: Option<ReferrerPolicyHeader>) -> Self {
+        header.map_or(ReferrerPolicy::EmptyString, |policy| match policy {
            ReferrerPolicyHeader::NO_REFERRER => ReferrerPolicy::NoReferrer,
            ReferrerPolicyHeader::NO_REFERRER_WHEN_DOWNGRADE => {
                ReferrerPolicy::NoReferrerWhenDowngrade
@ -157,7 +160,7 @@ impl From<ReferrerPolicyHeader> for ReferrerPolicy {
            ReferrerPolicyHeader::STRICT_ORIGIN_WHEN_CROSS_ORIGIN => {
                ReferrerPolicy::StrictOriginWhenCrossOrigin
            },
-        }
+        })
    }
 }

@ -173,7 +176,7 @@ impl From<ReferrerPolicy> for ReferrerPolicyHeader {
            ReferrerPolicy::OriginWhenCrossOrigin => ReferrerPolicyHeader::ORIGIN_WHEN_CROSS_ORIGIN,
            ReferrerPolicy::UnsafeUrl => ReferrerPolicyHeader::UNSAFE_URL,
            ReferrerPolicy::StrictOrigin => ReferrerPolicyHeader::STRICT_ORIGIN,
-            ReferrerPolicy::StrictOriginWhenCrossOrigin => {
+            ReferrerPolicy::EmptyString | ReferrerPolicy::StrictOriginWhenCrossOrigin => {
                ReferrerPolicyHeader::STRICT_ORIGIN_WHEN_CROSS_ORIGIN
            },
        }
@ -789,7 +792,7 @@ pub struct Metadata {
    pub referrer: Option<ServoUrl>,

    /// Referrer Policy of the Request used to obtain Response
-    pub referrer_policy: Option<ReferrerPolicy>,
+    pub referrer_policy: ReferrerPolicy,
    /// Performance information for navigation events
    pub timing: Option<ResourceFetchTiming>,
    /// True if the request comes from a redirection
@ -808,7 +811,7 @@ impl Metadata {
            status: HttpStatus::default(),
            https_state: HttpsState::None,
            referrer: None,
-            referrer_policy: None,
+            referrer_policy: ReferrerPolicy::EmptyString,
            timing: None,
            redirected: false,
        }
@ -833,18 +836,21 @@ impl Metadata {
    }

    /// Set the referrer policy associated with the loaded resource.
-    pub fn set_referrer_policy(&mut self, referrer_policy: Option<ReferrerPolicy>) {
+    pub fn set_referrer_policy(&mut self, referrer_policy: ReferrerPolicy) {
+        if referrer_policy == ReferrerPolicy::EmptyString {
+            return;
+        }
+
        if self.headers.is_none() {
            self.headers = Some(Serde(HeaderMap::new()));
        }

        self.referrer_policy = referrer_policy;
-        if let Some(referrer_policy) = referrer_policy {
-            self.headers
-                .as_mut()
-                .unwrap()
-                .typed_insert::<ReferrerPolicyHeader>(referrer_policy.into());
-        }
+
+        self.headers
+            .as_mut()
+            .unwrap()
+            .typed_insert::<ReferrerPolicyHeader>(referrer_policy.into());
    }
 }

--- a/components/shared/net/policy_container.rs
+++ b/components/shared/net/policy_container.rs
@ -32,20 +32,26 @@ pub struct PolicyContainer {
    /// <https://html.spec.whatwg.org/multipage/#policy-container-csp-list>
    pub csp_list: Option<CspList>,
    /// <https://html.spec.whatwg.org/multipage/#policy-container-referrer-policy>
-    pub referrer_policy: ReferrerPolicy,
+    referrer_policy: ReferrerPolicy,
    // https://html.spec.whatwg.org/multipage/#policy-container-embedder-policy
    // TODO: Embedder Policy
 }

 impl PolicyContainer {
-    pub fn new(csp_list: Option<CspList>, referrer_policy: Option<ReferrerPolicy>) -> Self {
-        PolicyContainer {
-            csp_list,
-            referrer_policy: referrer_policy.unwrap_or_default(),
-        }
-    }
-
    pub fn set_csp_list(&mut self, csp_list: Option<CspList>) {
        self.csp_list = csp_list;
    }
+
+    pub fn set_referrer_policy(&mut self, referrer_policy: ReferrerPolicy) {
+        self.referrer_policy = referrer_policy;
+    }
+
+    pub fn get_referrer_policy(&self) -> ReferrerPolicy {
+        // https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-empty-string
+        if self.referrer_policy == ReferrerPolicy::EmptyString {
+            return ReferrerPolicy::default();
+        }
+
+        self.referrer_policy
+    }
 }
--- a/components/shared/net/request.rs
+++ b/components/shared/net/request.rs
@ -265,7 +265,7 @@ pub struct RequestBuilder {
    pub policy_container: RequestPolicyContainer,
    // XXXManishearth these should be part of the client object
    pub referrer: Referrer,
-    pub referrer_policy: Option<ReferrerPolicy>,
+    pub referrer_policy: ReferrerPolicy,
    pub pipeline_id: Option<PipelineId>,
    pub redirect_mode: RedirectMode,
    pub integrity_metadata: String,
@ -299,7 +299,7 @@ impl RequestBuilder {
            origin: ImmutableOrigin::new_opaque(),
            policy_container: RequestPolicyContainer::default(),
            referrer,
-            referrer_policy: None,
+            referrer_policy: ReferrerPolicy::EmptyString,
            pipeline_id: None,
            redirect_mode: RedirectMode::Follow,
            integrity_metadata: "".to_owned(),
@ -372,7 +372,7 @@ impl RequestBuilder {
        self
    }

-    pub fn referrer_policy(mut self, referrer_policy: Option<ReferrerPolicy>) -> RequestBuilder {
+    pub fn referrer_policy(mut self, referrer_policy: ReferrerPolicy) -> RequestBuilder {
        self.referrer_policy = referrer_policy;
        self
    }
@ -494,7 +494,7 @@ pub struct Request {
    /// <https://fetch.spec.whatwg.org/#concept-request-referrer>
    pub referrer: Referrer,
    /// <https://fetch.spec.whatwg.org/#concept-request-referrer-policy>
-    pub referrer_policy: Option<ReferrerPolicy>,
+    pub referrer_policy: ReferrerPolicy,
    pub pipeline_id: Option<PipelineId>,
    /// <https://fetch.spec.whatwg.org/#synchronous-flag>
    pub synchronous: bool,
@ -553,7 +553,7 @@ impl Request {
            destination: Destination::None,
            origin: origin.unwrap_or(Origin::Client),
            referrer,
-            referrer_policy: None,
+            referrer_policy: ReferrerPolicy::EmptyString,
            pipeline_id,
            synchronous: false,
            mode: RequestMode::NoCors,
--- a/components/shared/net/response.rs
+++ b/components/shared/net/response.rs
@ -104,7 +104,7 @@ pub struct Response {
    pub cache_state: CacheState,
    pub https_state: HttpsState,
    pub referrer: Option<ServoUrl>,
-    pub referrer_policy: Option<ReferrerPolicy>,
+    pub referrer_policy: ReferrerPolicy,
    /// [CORS-exposed header-name list](https://fetch.spec.whatwg.org/#concept-response-cors-exposed-header-name-list)
    pub cors_exposed_header_name_list: Vec<String>,
    /// [Location URL](https://fetch.spec.whatwg.org/#concept-response-location-url)
@ -135,7 +135,7 @@ impl Response {
            cache_state: CacheState::None,
            https_state: HttpsState::None,
            referrer: None,
-            referrer_policy: None,
+            referrer_policy: ReferrerPolicy::EmptyString,
            cors_exposed_header_name_list: vec![],
            location_url: None,
            internal_response: None,
@ -166,7 +166,7 @@ impl Response {
            cache_state: CacheState::None,
            https_state: HttpsState::None,
            referrer: None,
-            referrer_policy: None,
+            referrer_policy: ReferrerPolicy::EmptyString,
            cors_exposed_header_name_list: vec![],
            location_url: None,
            internal_response: None,