Network Security : Implement StrictOrigin and StrictOriginWhenCrossOrigin

Referer policy strict-origin and strict-origin-when-cross-origin changes have been implemented. Relevant unit test cases have been added. Enum for RefererPolicy has been added to hyper codebase and v 0.9.11 of hyper contains these changes. This commit also contains changes related to upgrade of hyper from v0.9.10 to v0.9.11. Other dependencies changed are rayon, utils, num_cpus.
2025-08-04 21:20:23 +01:00 · 2016-11-04 03:17:04 -04:00 · 2016-11-04 03:17:04 -04:00 · c24aa56377
commit c24aa56377
parent 05f4512433
14 changed files with 246 additions and 55 deletions
--- a/components/script/dom/document.rs
+++ b/components/script/dom/document.rs
@ -3010,6 +3010,8 @@ pub fn determine_policy_for_token(token: &str) -> Option<ReferrerPolicy> {
        "default" | "no-referrer-when-downgrade" => Some(ReferrerPolicy::NoReferrerWhenDowngrade),
        "origin" => Some(ReferrerPolicy::Origin),
        "same-origin" => Some(ReferrerPolicy::SameOrigin),
+        "strict-origin" => Some(ReferrerPolicy::StrictOrigin),
+        "strict-origin-when-cross-origin" => Some(ReferrerPolicy::StrictOriginWhenCrossOrigin),
        "origin-when-cross-origin" => Some(ReferrerPolicy::OriginWhenCrossOrigin),
        "always" | "unsafe-url" => Some(ReferrerPolicy::UnsafeUrl),
        "" => Some(ReferrerPolicy::NoReferrer),
--- a/components/script/dom/request.rs
+++ b/components/script/dom/request.rs
@ -822,6 +822,9 @@ impl Into<MsgReferrerPolicy> for ReferrerPolicy {
            ReferrerPolicy::Origin => MsgReferrerPolicy::Origin,
            ReferrerPolicy::Origin_when_cross_origin => MsgReferrerPolicy::OriginWhenCrossOrigin,
            ReferrerPolicy::Unsafe_url => MsgReferrerPolicy::UnsafeUrl,
+            ReferrerPolicy::Strict_origin => MsgReferrerPolicy::StrictOrigin,
+            ReferrerPolicy::Strict_origin_when_cross_origin =>
+                MsgReferrerPolicy::StrictOriginWhenCrossOrigin,
        }
    }
 }
@ -836,6 +839,9 @@ impl Into<ReferrerPolicy> for MsgReferrerPolicy {
            MsgReferrerPolicy::SameOrigin => ReferrerPolicy::Origin,
            MsgReferrerPolicy::OriginWhenCrossOrigin => ReferrerPolicy::Origin_when_cross_origin,
            MsgReferrerPolicy::UnsafeUrl => ReferrerPolicy::Unsafe_url,
+            MsgReferrerPolicy::StrictOrigin => ReferrerPolicy::Strict_origin,
+            MsgReferrerPolicy::StrictOriginWhenCrossOrigin =>
+                ReferrerPolicy::Strict_origin_when_cross_origin,
        }
    }
 }
--- a/components/script/dom/webidls/Request.webidl
+++ b/components/script/dom/webidls/Request.webidl
@ -104,5 +104,7 @@ enum ReferrerPolicy {
  "no-referrer-when-downgrade",
  "origin",
  "origin-when-cross-origin",
-  "unsafe-url"
+  "unsafe-url",
+  "strict-origin",
+  "strict-origin-when-cross-origin"
 };
--- a/components/script/script_thread.rs
+++ b/components/script/script_thread.rs
@ -1756,6 +1756,10 @@ impl ScriptThread {
                    ReferrerPolicy::OriginWhenCrossOrigin,
                ReferrerPolicyHeader::UnsafeUrl =>
                    ReferrerPolicy::UnsafeUrl,
+                ReferrerPolicyHeader::StrictOrigin =>
+                    ReferrerPolicy::StrictOrigin,
+                ReferrerPolicyHeader::StrictOriginWhenCrossOrigin =>
+                    ReferrerPolicy::StrictOriginWhenCrossOrigin,
            })
        } else {
            None