diff options
author | jochen <jochen@chromium.org> | 2015-02-09 11:15:33 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-02-09 19:16:15 +0000 |
commit | 8dcfbfdca890446d10a601414fe240bf6e07f70d (patch) | |
tree | 53594a0817ba31055dae3fc74b7640f69c09d5a5 /components/pdf/renderer/pepper_pdf_host.cc | |
parent | 2567caca45d545c21cd81c7cb42edd29a4c68515 (diff) | |
download | chromium_src-8dcfbfdca890446d10a601414fe240bf6e07f70d.zip chromium_src-8dcfbfdca890446d10a601414fe240bf6e07f70d.tar.gz chromium_src-8dcfbfdca890446d10a601414fe240bf6e07f70d.tar.bz2 |
Sanitize referrers before we create them
Unless we reconstruct an already sanitized referrer from the referrer
url and the referrer policy, we should always sanitize it before
constructing a request from it.
BUG=454621,422871
R=mkwst@chromium.org,jam@chromium.org
Review URL: https://codereview.chromium.org/898613004
Cr-Commit-Position: refs/heads/master@{#315360}
Diffstat (limited to 'components/pdf/renderer/pepper_pdf_host.cc')
-rw-r--r-- | components/pdf/renderer/pepper_pdf_host.cc | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/components/pdf/renderer/pepper_pdf_host.cc b/components/pdf/renderer/pepper_pdf_host.cc index 3a3f587..4c9641fa 100644 --- a/components/pdf/renderer/pepper_pdf_host.cc +++ b/components/pdf/renderer/pepper_pdf_host.cc @@ -153,8 +153,9 @@ int32_t PepperPDFHost::OnHostMsgSaveAs( content::RenderView* render_view = instance->GetRenderView(); blink::WebLocalFrame* frame = render_view->GetWebView()->mainFrame()->toWebLocalFrame(); - content::Referrer referrer(frame->document().url(), - frame->document().referrerPolicy()); + content::Referrer referrer = content::Referrer::SanitizeForRequest( + url, content::Referrer(frame->document().url(), + frame->document().referrerPolicy())); render_view->Send( new PDFHostMsg_PDFSaveURLAs(render_view->GetRoutingID(), url, referrer)); return PP_OK; |