diff options
| author | tommi@chromium.org <tommi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-08-31 16:57:08 +0000 |
|---|---|---|
| committer | tommi@chromium.org <tommi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-08-31 16:57:08 +0000 |
| commit | e600c8212f8922d77815316ff41fd8ce9d95bca7 (patch) | |
| tree | 8cd918171785907306eefd67c5b80c3716da8343 /net | |
| parent | 9c1dab0943654879f843fc58337d0a936a215271 (diff) | |
| download | chromium_src-e600c8212f8922d77815316ff41fd8ce9d95bca7.zip chromium_src-e600c8212f8922d77815316ff41fd8ce9d95bca7.tar.gz chromium_src-e600c8212f8922d77815316ff41fd8ce9d95bca7.tar.bz2 | |
Sanitizing the referrer header before starting the automation request.TEST=Run automation unit tests.BUG=none
Review URL: http://codereview.chromium.org/183004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@24888 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
| -rw-r--r-- | net/url_request/url_request.cc | 14 | ||||
| -rw-r--r-- | net/url_request/url_request.h | 2 | ||||
| -rw-r--r-- | net/url_request/url_request_http_job.cc | 10 |
3 files changed, 17 insertions, 9 deletions
diff --git a/net/url_request/url_request.cc b/net/url_request/url_request.cc index 9f0f500..d94c8dc 100644 --- a/net/url_request/url_request.cc +++ b/net/url_request/url_request.cc @@ -240,6 +240,20 @@ void URLRequest::set_referrer(const std::string& referrer) { referrer_ = referrer; } +GURL URLRequest::GetSanitizedReferrer() const { + GURL ret(referrer()); + + // Ensure that we do not send username and password fields in the referrer. + if (ret.has_username() || ret.has_password()) { + GURL::Replacements referrer_mods; + referrer_mods.ClearUsername(); + referrer_mods.ClearPassword(); + ret = ret.ReplaceComponents(referrer_mods); + } + + return ret; +} + void URLRequest::Start() { StartJob(GetJobManager()->CreateJob(this)); } diff --git a/net/url_request/url_request.h b/net/url_request/url_request.h index bdd76e7..c395125 100644 --- a/net/url_request/url_request.h +++ b/net/url_request/url_request.h @@ -270,6 +270,8 @@ class URLRequest { // may only be changed before Start() is called. const std::string& referrer() const { return referrer_; } void set_referrer(const std::string& referrer); + // Returns the referrer header with potential username and password removed. + GURL GetSanitizedReferrer() const; // The delegate of the request. This value may be changed at any time, // and it is permissible for it to be null. diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc index ada94c3..d432f54 100644 --- a/net/url_request/url_request_http_job.cc +++ b/net/url_request/url_request_http_job.cc @@ -151,16 +151,8 @@ void URLRequestHttpJob::SetExtraRequestHeaders( void URLRequestHttpJob::Start() { DCHECK(!transaction_.get()); - // TODO(darin): URLRequest::referrer() should return a GURL - GURL referrer(request_->referrer()); - // Ensure that we do not send username and password fields in the referrer. - if (referrer.has_username() || referrer.has_password()) { - GURL::Replacements referrer_mods; - referrer_mods.ClearUsername(); - referrer_mods.ClearPassword(); - referrer = referrer.ReplaceComponents(referrer_mods); - } + GURL referrer(request_->GetSanitizedReferrer()); request_info_.url = request_->url(); request_info_.referrer = referrer; |