2018-04-03 17:15:17 +00:00
|
|
|
/*
|
|
|
|
|
* Copyright (C) 2018 Apple Inc. All rights reserved.
|
|
|
|
|
*
|
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
|
* are met:
|
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
|
*
|
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' AND ANY
|
|
|
|
|
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
|
|
|
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
|
|
|
* DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY
|
|
|
|
|
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
|
|
|
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
|
|
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
|
|
|
|
|
* ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
|
|
|
|
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include "config.h"
|
|
|
|
|
#include "ReferrerPolicy.h"
|
|
|
|
|
|
2018-05-30 21:30:21 +00:00
|
|
|
#include "HTTPParsers.h"
|
|
|
|
|
|
2018-04-03 17:15:17 +00:00
|
|
|
namespace WebCore {
|
2018-05-30 21:30:21 +00:00
|
|
|
|
|
|
|
|
enum class ShouldParseLegacyKeywords { No, Yes };
|
|
|
|
|
|
2021-05-30 16:11:40 +00:00
|
|
|
static std::optional<ReferrerPolicy> parseReferrerPolicyToken(StringView policy, ShouldParseLegacyKeywords shouldParseLegacyKeywords)
|
2018-04-03 17:15:17 +00:00
|
|
|
{
|
2018-05-30 21:30:21 +00:00
|
|
|
// "never" / "default" / "always" are legacy keywords that we support and still defined in the HTML specification:
|
|
|
|
|
// https://html.spec.whatwg.org/#meta-referrer
|
2018-04-03 17:15:17 +00:00
|
|
|
if (shouldParseLegacyKeywords == ShouldParseLegacyKeywords::Yes) {
|
|
|
|
|
if (equalLettersIgnoringASCIICase(policy, "never"))
|
|
|
|
|
return ReferrerPolicy::NoReferrer;
|
|
|
|
|
if (equalLettersIgnoringASCIICase(policy, "always"))
|
|
|
|
|
return ReferrerPolicy::UnsafeUrl;
|
|
|
|
|
if (equalLettersIgnoringASCIICase(policy, "default"))
|
2021-07-20 16:42:40 +00:00
|
|
|
return ReferrerPolicy::Default;
|
2018-04-03 17:15:17 +00:00
|
|
|
}
|
2018-05-30 21:30:21 +00:00
|
|
|
|
2018-04-03 17:15:17 +00:00
|
|
|
if (equalLettersIgnoringASCIICase(policy, "no-referrer"))
|
|
|
|
|
return ReferrerPolicy::NoReferrer;
|
|
|
|
|
if (equalLettersIgnoringASCIICase(policy, "unsafe-url"))
|
|
|
|
|
return ReferrerPolicy::UnsafeUrl;
|
|
|
|
|
if (equalLettersIgnoringASCIICase(policy, "origin"))
|
|
|
|
|
return ReferrerPolicy::Origin;
|
|
|
|
|
if (equalLettersIgnoringASCIICase(policy, "origin-when-cross-origin"))
|
|
|
|
|
return ReferrerPolicy::OriginWhenCrossOrigin;
|
|
|
|
|
if (equalLettersIgnoringASCIICase(policy, "same-origin"))
|
|
|
|
|
return ReferrerPolicy::SameOrigin;
|
|
|
|
|
if (equalLettersIgnoringASCIICase(policy, "strict-origin"))
|
|
|
|
|
return ReferrerPolicy::StrictOrigin;
|
|
|
|
|
if (equalLettersIgnoringASCIICase(policy, "strict-origin-when-cross-origin"))
|
|
|
|
|
return ReferrerPolicy::StrictOriginWhenCrossOrigin;
|
|
|
|
|
if (equalLettersIgnoringASCIICase(policy, "no-referrer-when-downgrade"))
|
|
|
|
|
return ReferrerPolicy::NoReferrerWhenDowngrade;
|
|
|
|
|
if (!policy.isNull() && policy.isEmpty())
|
|
|
|
|
return ReferrerPolicy::EmptyString;
|
2018-05-30 21:30:21 +00:00
|
|
|
|
Next step toward using std::optional directly instead of through WTF::Optional typedef
https://bugs.webkit.org/show_bug.cgi?id=226280
Reviewed by Chris Dumez.
Source/JavaScriptCore:
* <many files>: Accept the renaming done by do-webcore-rename.
* yarr/YarrSyntaxChecker.cpp: Since the style checker complained about this file,
tweaked style to make it happy after the renaming done by do-webcore-rename, and
also hand-updated Optional to std::optional as long as we were touching it.
Source/WebCore:
* <many files>: Accept the renaming done by do-webcore-rename.
* Modules/webauthn/fido/DeviceRequestConverter.h: Since style checker complained
about the names of some arguments, fixed them, and also hand-updated Optional to
std::optional as long as we were touching it.
* loader/EmptyClients.cpp: Since style checker complained about the mix of
WEBCORE_EXPORT and inlined functions, moved them out of line, and
also hand-updated Optional to std::optional as long as we were touching it.
Also removed is<EmptyFrameLoaderClient>().
* loader/EmptyFrameLoaderClient.h: Ditto.
Source/WebCore/PAL:
* <many files>: Accept the renaming done by do-webcore-rename.
Source/WebDriver:
* <many files>: Accept the renaming done by do-webcore-rename.
Source/WebKit:
* <many files>: Accept the renaming done by do-webcore-rename.
Source/WebKitLegacy:
* Storage/StorageTracker.cpp:
(WebKit::StorageTracker::diskUsageForOrigin): Accept the renaming done by do-webcore-rename.
Source/WebKitLegacy/mac:
* <many files>: Accept the renaming done by do-webcore-rename.
Source/WebKitLegacy/win:
* <many files>: Accept the renaming done by do-webcore-rename.
Source/WTF:
* <many files>: Accept the renaming done by do-webcore-rename.
* wtf/Optional.h: Remove WTF::nullopt_t and WTF::makeOptional.
* wtf/URLHelpers.cpp:
(WTF::URLHelpers::mapHostName): Convert from nullopt to std::nullopt.
Tools:
* Scripts/do-webcore-rename: Use script to rename valueOr, WTF::nullopt, WTF::nullopt_t,
WTF::Optional, WTF::makeOptional, and makeOptional. Other renamings can't necessarily
be done by the script and so will be done in later passes.
* <many files>: Accept the renaming done by do-webcore-rename.
Canonical link: https://commits.webkit.org/238228@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@278185 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-05-28 01:26:23 +00:00
|
|
|
return std::nullopt;
|
2018-05-30 21:30:21 +00:00
|
|
|
}
|
2018-04-03 17:15:17 +00:00
|
|
|
|
2021-05-30 16:11:40 +00:00
|
|
|
std::optional<ReferrerPolicy> parseReferrerPolicy(StringView policyString, ReferrerPolicySource source)
|
2018-05-30 21:30:21 +00:00
|
|
|
{
|
|
|
|
|
switch (source) {
|
|
|
|
|
case ReferrerPolicySource::HTTPHeader: {
|
|
|
|
|
// Implementing https://www.w3.org/TR/2017/CR-referrer-policy-20170126/#parse-referrer-policy-from-header.
|
2021-05-30 16:11:40 +00:00
|
|
|
std::optional<ReferrerPolicy> result;
|
2018-05-30 21:30:21 +00:00
|
|
|
for (auto tokenView : policyString.split(',')) {
|
|
|
|
|
auto token = parseReferrerPolicyToken(stripLeadingAndTrailingHTTPSpaces(tokenView), ShouldParseLegacyKeywords::No);
|
|
|
|
|
if (token && token.value() != ReferrerPolicy::EmptyString)
|
|
|
|
|
result = token.value();
|
|
|
|
|
}
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
case ReferrerPolicySource::MetaTag:
|
|
|
|
|
return parseReferrerPolicyToken(policyString, ShouldParseLegacyKeywords::Yes);
|
2019-03-06 11:28:38 +00:00
|
|
|
case ReferrerPolicySource::ReferrerPolicyAttribute:
|
|
|
|
|
return parseReferrerPolicyToken(policyString, ShouldParseLegacyKeywords::No);
|
2018-05-30 21:30:21 +00:00
|
|
|
}
|
|
|
|
|
ASSERT_NOT_REACHED();
|
Next step toward using std::optional directly instead of through WTF::Optional typedef
https://bugs.webkit.org/show_bug.cgi?id=226280
Reviewed by Chris Dumez.
Source/JavaScriptCore:
* <many files>: Accept the renaming done by do-webcore-rename.
* yarr/YarrSyntaxChecker.cpp: Since the style checker complained about this file,
tweaked style to make it happy after the renaming done by do-webcore-rename, and
also hand-updated Optional to std::optional as long as we were touching it.
Source/WebCore:
* <many files>: Accept the renaming done by do-webcore-rename.
* Modules/webauthn/fido/DeviceRequestConverter.h: Since style checker complained
about the names of some arguments, fixed them, and also hand-updated Optional to
std::optional as long as we were touching it.
* loader/EmptyClients.cpp: Since style checker complained about the mix of
WEBCORE_EXPORT and inlined functions, moved them out of line, and
also hand-updated Optional to std::optional as long as we were touching it.
Also removed is<EmptyFrameLoaderClient>().
* loader/EmptyFrameLoaderClient.h: Ditto.
Source/WebCore/PAL:
* <many files>: Accept the renaming done by do-webcore-rename.
Source/WebDriver:
* <many files>: Accept the renaming done by do-webcore-rename.
Source/WebKit:
* <many files>: Accept the renaming done by do-webcore-rename.
Source/WebKitLegacy:
* Storage/StorageTracker.cpp:
(WebKit::StorageTracker::diskUsageForOrigin): Accept the renaming done by do-webcore-rename.
Source/WebKitLegacy/mac:
* <many files>: Accept the renaming done by do-webcore-rename.
Source/WebKitLegacy/win:
* <many files>: Accept the renaming done by do-webcore-rename.
Source/WTF:
* <many files>: Accept the renaming done by do-webcore-rename.
* wtf/Optional.h: Remove WTF::nullopt_t and WTF::makeOptional.
* wtf/URLHelpers.cpp:
(WTF::URLHelpers::mapHostName): Convert from nullopt to std::nullopt.
Tools:
* Scripts/do-webcore-rename: Use script to rename valueOr, WTF::nullopt, WTF::nullopt_t,
WTF::Optional, WTF::makeOptional, and makeOptional. Other renamings can't necessarily
be done by the script and so will be done in later passes.
* <many files>: Accept the renaming done by do-webcore-rename.
Canonical link: https://commits.webkit.org/238228@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@278185 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-05-28 01:26:23 +00:00
|
|
|
return std::nullopt;
|
2018-04-03 17:15:17 +00:00
|
|
|
}
|
|
|
|
|
|
2019-07-17 09:03:37 +00:00
|
|
|
String referrerPolicyToString(const ReferrerPolicy& referrerPolicy)
|
|
|
|
|
{
|
|
|
|
|
switch (referrerPolicy) {
|
|
|
|
|
case ReferrerPolicy::NoReferrer:
|
|
|
|
|
return "no-referrer"_s;
|
|
|
|
|
case ReferrerPolicy::UnsafeUrl:
|
|
|
|
|
return "unsafe-url"_s;
|
|
|
|
|
case ReferrerPolicy::Origin:
|
|
|
|
|
return "origin"_s;
|
|
|
|
|
case ReferrerPolicy::OriginWhenCrossOrigin:
|
|
|
|
|
return "origin-when-cross-origin"_s;
|
|
|
|
|
case ReferrerPolicy::SameOrigin:
|
|
|
|
|
return "same-origin"_s;
|
|
|
|
|
case ReferrerPolicy::StrictOrigin:
|
|
|
|
|
return "strict-origin"_s;
|
|
|
|
|
case ReferrerPolicy::StrictOriginWhenCrossOrigin:
|
|
|
|
|
return "strict-origin-when-cross-origin"_s;
|
|
|
|
|
case ReferrerPolicy::NoReferrerWhenDowngrade:
|
|
|
|
|
return "no-referrer-when-downgrade"_s;
|
|
|
|
|
case ReferrerPolicy::EmptyString:
|
|
|
|
|
return { };
|
|
|
|
|
}
|
|
|
|
|
ASSERT_NOT_REACHED();
|
|
|
|
|
return { };
|
|
|
|
|
}
|
|
|
|
|
|
2018-04-03 17:15:17 +00:00
|
|
|
} // namespace WebCore
|