diff options
| author | joth@chromium.org <joth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-02-22 20:58:12 +0000 |
|---|---|---|
| committer | joth@chromium.org <joth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-02-22 20:58:12 +0000 |
| commit | f0f100d293b93a8f09ff9dc7c71561116628885c (patch) | |
| tree | 3e4dedec5dc17a32d5d72804fb227729fae09c39 /chrome/browser/geolocation/network_location_request.cc | |
| parent | 6f5b3b2951b0d7abd438ac04ec23e6e9e9a61620 (diff) | |
| download | chromium_src-f0f100d293b93a8f09ff9dc7c71561116628885c.zip chromium_src-f0f100d293b93a8f09ff9dc7c71561116628885c.tar.gz chromium_src-f0f100d293b93a8f09ff9dc7c71561116628885c.tar.bz2 | |
Fix geolocation network request to not send/save cookies or send authentication data when accessing the network location server. This is to conserve user privacy.
Remove obsolete todos whilst in there.
BUG=http://crbug.com/11246
TEST=use wireshark to inspect request headers sent.
Review URL: http://codereview.chromium.org/650144
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@39629 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/geolocation/network_location_request.cc')
| -rw-r--r-- | chrome/browser/geolocation/network_location_request.cc | 23 |
1 files changed, 5 insertions, 18 deletions
diff --git a/chrome/browser/geolocation/network_location_request.cc b/chrome/browser/geolocation/network_location_request.cc index ecf41d9..6c3373c 100644 --- a/chrome/browser/geolocation/network_location_request.cc +++ b/chrome/browser/geolocation/network_location_request.cc @@ -10,6 +10,7 @@ #include "base/values.h" #include "chrome/browser/net/url_request_context_getter.h" #include "chrome/common/geoposition.h" +#include "net/base/load_flags.h" #include "net/url_request/url_request_status.h" namespace { @@ -92,6 +93,10 @@ bool NetworkLocationRequest::MakeRequest(const string16& access_token, url_, URLFetcher::POST, this)); url_fetcher_->set_upload_data(kMimeApplicationJson, post_body); url_fetcher_->set_request_context(url_context_); + url_fetcher_->set_load_flags( + net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE | + net::LOAD_DO_NOT_SAVE_COOKIES | net::LOAD_DO_NOT_SEND_COOKIES | + net::LOAD_DO_NOT_SEND_AUTH_DATA); url_fetcher_->Start(); return true; } @@ -144,17 +149,7 @@ bool FormRequestBody(const string16& host_name, AddRadioData(radio_data, &body_object); AddWifiData(wifi_data, &body_object); - // TODO(joth): Do we need to mess with locales? - // We always use the platform independent 'C' locale when writing the JSON - // request, irrespective of the browser's locale. This avoids the need for - // the network location provider to determine the locale of the request and - // parse the JSON accordingly. -// char* current_locale = setlocale(LC_NUMERIC, "C"); - base::JSONWriter::Write(&body_object, false, data); - -// setlocale(LC_NUMERIC, current_locale); - DLOG(INFO) << "NetworkLocationRequest::FormRequestBody(): Formed body " << data << ".\n"; return true; @@ -282,17 +277,9 @@ bool ParseServerResponse(const std::string& response_body, << response_body << ".\n"; // Parse the response, ignoring comments. - // TODO(joth): Gears version stated: The JSON reponse from the network - // location provider should always use the 'C' locale. - // Chromium JSON parser works in UTF8 so hopefully we can ignore setlocale? - -// char* current_locale = setlocale(LC_NUMERIC, "C"); std::string error_msg; scoped_ptr<Value> response_value(base::JSONReader::ReadAndReturnError( response_body, false, &error_msg)); - -// setlocale(LC_NUMERIC, current_locale); - if (response_value == NULL) { LOG(WARNING) << "ParseServerResponse() : JSONReader failed : " << error_msg << ".\n"; |