Sanitize referrers before we create them

Unless we reconstruct an already sanitized referrer from the referrer
url and the referrer policy, we should always sanitize it before
constructing a request from it.

BUG=454621,422871
R=mkwst@chromium.org,jam@chromium.org

Review URL: https://codereview.chromium.org/898613004

Cr-Commit-Position: refs/heads/master@{#315360}

1 files changed, 5 insertions, 5 deletions

diff --git a/components/sessions/content/content_serialized_navigation_builder.cc b/components/sessions/content/content_serialized_navigation_builder.cc
index a9bd244..a033c64 100644
--- a/components/sessions/content/content_serialized_navigation_builder.cc
+++ b/components/sessions/content/content_serialized_navigation_builder.cc
@@ -57,14 +57,14 @@ ContentSerializedNavigationBuilder::ToNavigationEntry(
   scoped_ptr<content::NavigationEntry> entry(
       content::NavigationController::CreateNavigationEntry(
           navigation->virtual_url_,
-          content::Referrer(navigation->referrer_url_, policy),
+          content::Referrer::SanitizeForRequest(
+              navigation->virtual_url_,
+              content::Referrer(navigation->referrer_url_, policy)),
           // Use a transition type of reload so that we don't incorrectly
           // increase the typed count.
-          ui::PAGE_TRANSITION_RELOAD,
-          false,
+          ui::PAGE_TRANSITION_RELOAD, false,
           // The extra headers are not sync'ed across sessions.
-          std::string(),
-          browser_context));
+          std::string(), browser_context));
 
   entry->SetTitle(navigation->title_);
   entry->SetPageState(content::PageState::CreateFromEncodedData(