content/public/common/referrer.cc


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54

// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "base/command_line.h"
#include "content/public/common/content_switches.h"
#include "content/public/common/referrer.h"

namespace content {

// static.
Referrer Referrer::SanitizeForRequest(const GURL& request,
                                      const Referrer& referrer) {
  Referrer sanitized_referrer(referrer.url.GetAsReferrer(), referrer.policy);

  if (!request.SchemeIsHTTPOrHTTPS() ||
      !sanitized_referrer.url.SchemeIsHTTPOrHTTPS()) {
    sanitized_referrer.url = GURL();
    return sanitized_referrer;
  }

  bool is_downgrade =
      sanitized_referrer.url.SchemeIsSecure() && !request.SchemeIsSecure();

  switch (sanitized_referrer.policy) {
    case blink::WebReferrerPolicyDefault:
      if (is_downgrade) {
        sanitized_referrer.url = GURL();
      } else if (request.GetOrigin() != sanitized_referrer.url.GetOrigin() &&
                 base::CommandLine::ForCurrentProcess()->HasSwitch(
                     switches::kReducedReferrerGranularity)) {
        sanitized_referrer.url = sanitized_referrer.url.GetOrigin();
      }
      break;
    case blink::WebReferrerPolicyNoReferrerWhenDowngrade:
      if (is_downgrade)
        sanitized_referrer.url = GURL();
      break;
    case blink::WebReferrerPolicyAlways:
      break;
    case blink::WebReferrerPolicyNever:
      sanitized_referrer.url = GURL();
      break;
    case blink::WebReferrerPolicyOrigin:
      sanitized_referrer.url = sanitized_referrer.url.GetOrigin();
      break;
    default:
      NOTREACHED();
      break;
  }
  return sanitized_referrer;
}

}  // namespace content