Title: [144360] trunk
Revision
144360
Author
[email protected]
Date
2013-02-28 13:45:58 -0800 (Thu, 28 Feb 2013)

Log Message

Meta referrer isn't honored for window.open
https://bugs.webkit.org/show_bug.cgi?id=111076

Reviewed by Adam Barth.

Source/WebCore:

Test: http/tests/security/referrer-policy-window-open.html

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::urlSelected): loadFrameRequest() will set the correct referrer
(WebCore::createWindow): This code is required for the inspector which doesn't set the referrer
* page/DOMWindow.cpp:
(WebCore::DOMWindow::createWindow):

LayoutTests:

* http/tests/security/referrer-policy-window-open-expected.txt: Added.
* http/tests/security/referrer-policy-window-open.html: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (144359 => 144360)


--- trunk/LayoutTests/ChangeLog	2013-02-28 21:37:47 UTC (rev 144359)
+++ trunk/LayoutTests/ChangeLog	2013-02-28 21:45:58 UTC (rev 144360)
@@ -1,3 +1,13 @@
+2013-02-28  Jochen Eisinger  <[email protected]>
+
+        Meta referrer isn't honored for window.open
+        https://bugs.webkit.org/show_bug.cgi?id=111076
+
+        Reviewed by Adam Barth.
+
+        * http/tests/security/referrer-policy-window-open-expected.txt: Added.
+        * http/tests/security/referrer-policy-window-open.html: Added.
+
 2013-02-28  Kondapally Kalyan  <[email protected]>
 
         [EFL][WebGL] Enable compositing/webgl/webgl-reflection.html.

Added: trunk/LayoutTests/http/tests/security/referrer-policy-window-open-expected.txt (0 => 144360)


--- trunk/LayoutTests/http/tests/security/referrer-policy-window-open-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/referrer-policy-window-open-expected.txt	2013-02-28 21:45:58 UTC (rev 144360)
@@ -0,0 +1,5 @@
+This test opens a new window. It passes, if the referrer is the origin only.
+
+HTTP Referer header is http://127.0.0.1:8000/
+Referrer is http://127.0.0.1:8000/
+

Added: trunk/LayoutTests/http/tests/security/referrer-policy-window-open.html (0 => 144360)


--- trunk/LayoutTests/http/tests/security/referrer-policy-window-open.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/referrer-policy-window-open.html	2013-02-28 21:45:58 UTC (rev 144360)
@@ -0,0 +1,34 @@
+<html>
+<head>
+<meta name="referrer" content="origin" />
+<script>
+if (window.testRunner) {
+    testRunner.dumpAsText();
+    testRunner.waitUntilDone();
+    testRunner.setCanOpenWindows();
+}
+
+window.addEventListener("message", receiveMessage, false);
+
+function receiveMessage(evt) {
+    if (evt.data == "done") {
+        if (window.testRunner)
+            testRunner.notifyDone();
+    } else {
+        document.getElementById("log").innerHTML += evt.data + "<br>";
+    }
+}
+</script>
+</head>
+<body>
+<p>
+    This test opens a new window. It passes, if the referrer is the origin
+    only.
+</p>
+<div id="log">
+</div>
+<script>
+window.open("resources/referrer-policy-postmessage.php");
+</script>
+</body>
+</html>
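Review bot: The `receiveMessage` handler appends `evt.data` to the log through `innerHTML` and accepts messages from any sender, so whatever the opened page posts is parsed as markup in the test page. On the 127.0.0.1 test server the exposure is small, but test pages get copied as templates. Appending a text node followed by a `br` element should produce the same dumped output, for example `log.appendChild(document.createTextNode(evt.data));` with `log` being the element returned by `getElementById("log")`. The test also covers only `content="origin"`; a `never` case would pin the empty-referrer path that the `!referrer.isEmpty()` guard in FrameLoader.cpp introduces.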

Modified: trunk/Source/WebCore/ChangeLog (144359 => 144360)


--- trunk/Source/WebCore/ChangeLog	2013-02-28 21:37:47 UTC (rev 144359)
+++ trunk/Source/WebCore/ChangeLog	2013-02-28 21:45:58 UTC (rev 144360)
@@ -1,3 +1,18 @@
+2013-02-28  Jochen Eisinger  <[email protected]>
+
+        Meta referrer isn't honored for window.open
+        https://bugs.webkit.org/show_bug.cgi?id=111076
+
+        Reviewed by Adam Barth.
+
+        Test: http/tests/security/referrer-policy-window-open.html
+
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::urlSelected): loadFrameRequest() will set the correct referrer
+        (WebCore::createWindow): This code is required for the inspector which doesn't set the referrer
+        * page/DOMWindow.cpp:
+        (WebCore::DOMWindow::createWindow):
+
 2013-02-28  Bruno de Oliveira Abinader  <[email protected]>
 
         [texmap] Remove redundant defines on TextureMapperGL

Modified: trunk/Source/WebCore/loader/FrameLoader.cpp (144359 => 144360)


--- trunk/Source/WebCore/loader/FrameLoader.cpp	2013-02-28 21:37:47 UTC (rev 144359)
+++ trunk/Source/WebCore/loader/FrameLoader.cpp	2013-02-28 21:45:58 UTC (rev 144360)
@@ -311,8 +311,6 @@
 
     if (shouldSendReferrer == NeverSendReferrer)
         m_suppressOpenerInNewFrame = true;
-    if (frameRequest.resourceRequest().httpReferrer().isEmpty())
-        frameRequest.resourceRequest().setHTTPReferrer(outgoingReferrer());
     addHTTPOriginIfNeeded(frameRequest.resourceRequest(), outgoingOrigin());
 
     loadFrameRequest(frameRequest, lockHistory, lockBackForwardList, triggeringEvent, 0, shouldSendReferrer);
@@ -3349,7 +3347,9 @@
 
     // FIXME: Setting the referrer should be the caller's responsibility.
     FrameLoadRequest requestWithReferrer = request;
-    requestWithReferrer.resourceRequest().setHTTPReferrer(openerFrame->loader()->outgoingReferrer());
+    String referrer = SecurityPolicy::generateReferrerHeader(openerFrame->document()->referrerPolicy(), request.resourceRequest().url(), openerFrame->loader()->outgoingReferrer());
+    if (!referrer.isEmpty())
+        requestWithReferrer.resourceRequest().setHTTPReferrer(referrer);
     FrameLoader::addHTTPOriginIfNeeded(requestWithReferrer.resourceRequest(), openerFrame->loader()->outgoingOrigin());
 
     if (openerFrame->settings() && !openerFrame->settings()->supportsMultipleWindows()) {
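Review bot: In the second hunk, a non-empty referrer derived from `openerFrame` replaces whatever the caller already put on `request`, while an empty one leaves the caller's value in place. DOMWindow::createWindow in this same commit already builds its request with a referrer computed from `firstFrame`'s policy; if `firstFrame` and `openerFrame` can be different documents (not visible here), the opener's policy wins and the stricter of the two is not guaranteed to apply. Since the ChangeLog says this code exists for the inspector, which sets no referrer, consider limiting it to that case with `if (requestWithReferrer.resourceRequest().httpReferrer().isEmpty() && !referrer.isEmpty())`. The FIXME could also record that an empty caller referrer may be deliberate suppression, which this function cannot tell apart from "not set". The enclosing function starts and ends outside the hunk.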

Modified: trunk/Source/WebCore/page/DOMWindow.cpp (144359 => 144360)


--- trunk/Source/WebCore/page/DOMWindow.cpp	2013-02-28 21:37:47 UTC (rev 144359)
+++ trunk/Source/WebCore/page/DOMWindow.cpp	2013-02-28 21:45:58 UTC (rev 144360)
@@ -85,6 +85,7 @@
 #include "ScriptCallStack.h"
 #include "ScriptCallStackFactory.h"
 #include "SecurityOrigin.h"
+#include "SecurityPolicy.h"
 #include "SerializedScriptValue.h"
 #include "Settings.h"
 #include "Storage.h"
@@ -1867,9 +1868,6 @@
 {
     Frame* activeFrame = activeWindow->frame();
 
-    // For whatever reason, Firefox uses the first frame to determine the outgoingReferrer. We replicate that behavior here.
-    String referrer = firstFrame->loader()->outgoingReferrer();
-
     KURL completedURL = urlString.isEmpty() ? KURL(ParsedURLString, emptyString()) : firstFrame->document()->completeURL(urlString);
     if (!completedURL.isEmpty() && !completedURL.isValid()) {
         // Don't expose client code to invalid URLs.
@@ -1877,6 +1875,9 @@
         return 0;
     }
 
+    // For whatever reason, Firefox uses the first frame to determine the outgoingReferrer. We replicate that behavior here.
+    String referrer = SecurityPolicy::generateReferrerHeader(firstFrame->document()->referrerPolicy(), completedURL, firstFrame->loader()->outgoingReferrer());
+
     ResourceRequest request(completedURL, referrer);
     FrameLoader::addHTTPOriginIfNeeded(request, firstFrame->loader()->outgoingOrigin());
     FrameLoadRequest frameRequest(activeWindow->document()->securityOrigin(), request, frameName);