DXR is a code search and navigation tool aimed at making sense of large projects. It supports full-text and regex searches as well as structural queries.

Mercurial (d38398e5144e)

VCS Links

ReferrerPolicy

Macros

Line Code
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef ReferrerPolicy_h__
#define ReferrerPolicy_h__

#include "nsStringGlue.h"
#include "nsIHttpChannel.h"
#include "nsUnicharUtils.h"

namespace mozilla { namespace net {

enum ReferrerPolicy {
  /* spec tokens: never no-referrer */
  RP_No_Referrer                 = nsIHttpChannel::REFERRER_POLICY_NO_REFERRER,

  /* spec tokens: origin */
  RP_Origin                      = nsIHttpChannel::REFERRER_POLICY_ORIGIN,

  /* spec tokens: default no-referrer-when-downgrade */
  RP_No_Referrer_When_Downgrade  = nsIHttpChannel::REFERRER_POLICY_NO_REFERRER_WHEN_DOWNGRADE,

  /* spec tokens: origin-when-cross-origin */
  RP_Origin_When_Crossorigin     = nsIHttpChannel::REFERRER_POLICY_ORIGIN_WHEN_XORIGIN,

  /* spec tokens: always unsafe-url */
  RP_Unsafe_URL                  = nsIHttpChannel::REFERRER_POLICY_UNSAFE_URL,

  /* spec tokens: same-origin */
  RP_Same_Origin                = nsIHttpChannel::REFERRER_POLICY_SAME_ORIGIN,

  /* spec tokens: strict-origin */
  RP_Strict_Origin               = nsIHttpChannel::REFERRER_POLICY_STRICT_ORIGIN,

  /* spec tokens: strict-origin-when-cross-origin */
  RP_Strict_Origin_When_Cross_Origin = nsIHttpChannel::REFERRER_POLICY_STRICT_ORIGIN_WHEN_XORIGIN,

  /* spec tokens: empty string */
  /* The empty string "" corresponds to no referrer policy, or unset policy */
  RP_Unset                       = nsIHttpChannel::REFERRER_POLICY_UNSET,
};

/* spec tokens: never no-referrer */
const char kRPS_Never[]                       = "never";
const char kRPS_No_Referrer[]                 = "no-referrer";

/* spec tokens: origin */
const char kRPS_Origin[]                      = "origin";

/* spec tokens: default no-referrer-when-downgrade */
const char kRPS_Default[]                     = "default";
const char kRPS_No_Referrer_When_Downgrade[]  = "no-referrer-when-downgrade";

/* spec tokens: origin-when-cross-origin */
const char kRPS_Origin_When_Cross_Origin[]    = "origin-when-cross-origin";
const char kRPS_Origin_When_Crossorigin[]     = "origin-when-crossorigin";

/* spec tokens: same-origin */
const char kRPS_Same_Origin[]                 = "same-origin";

/* spec tokens: strict-origin */
const char kRPS_Strict_Origin[]               = "strict-origin";

/* spec tokens: strict-origin-when-cross-origin */
const char kRPS_Strict_Origin_When_Cross_Origin[] = "strict-origin-when-cross-origin";

/* spec tokens: always unsafe-url */
const char kRPS_Always[]                      = "always";
const char kRPS_Unsafe_URL[]                  = "unsafe-url";

inline ReferrerPolicy
ReferrerPolicyFromString(const nsAString& content)
{
  if (content.IsEmpty()) {
    return RP_No_Referrer;
  }

  nsString lowerContent(content);
  ToLowerCase(lowerContent);
  // This is implemented step by step as described in the Referrer Policy
  // specification, section "Determine token's Policy".
  if (lowerContent.EqualsLiteral(kRPS_Never) ||
      lowerContent.EqualsLiteral(kRPS_No_Referrer)) {
    return RP_No_Referrer;
  }
  if (lowerContent.EqualsLiteral(kRPS_Origin)) {
    return RP_Origin;
  }
  if (lowerContent.EqualsLiteral(kRPS_Default) ||
      lowerContent.EqualsLiteral(kRPS_No_Referrer_When_Downgrade)) {
    return RP_No_Referrer_When_Downgrade;
  }
  if (lowerContent.EqualsLiteral(kRPS_Origin_When_Cross_Origin) ||
      lowerContent.EqualsLiteral(kRPS_Origin_When_Crossorigin)) {
    return RP_Origin_When_Crossorigin;
  }
  if (lowerContent.EqualsLiteral(kRPS_Same_Origin)) {
    return RP_Same_Origin;
  }
  if (lowerContent.EqualsLiteral(kRPS_Strict_Origin)) {
    return RP_Strict_Origin;
  }
  if (lowerContent.EqualsLiteral(kRPS_Strict_Origin_When_Cross_Origin)) {
    return RP_Strict_Origin_When_Cross_Origin;
  }
  if (lowerContent.EqualsLiteral(kRPS_Always) ||
      lowerContent.EqualsLiteral(kRPS_Unsafe_URL)) {
    return RP_Unsafe_URL;
  }
  // Spec says if none of the previous match, use empty string.
  return RP_Unset;

}

inline bool
IsValidReferrerPolicy(const nsAString& content)
{
  if (content.IsEmpty()) {
    return true;
  }

  nsString lowerContent(content);
  ToLowerCase(lowerContent);

  return lowerContent.EqualsLiteral(kRPS_Never)
      || lowerContent.EqualsLiteral(kRPS_No_Referrer)
      || lowerContent.EqualsLiteral(kRPS_Origin)
      || lowerContent.EqualsLiteral(kRPS_Default)
      || lowerContent.EqualsLiteral(kRPS_No_Referrer_When_Downgrade)
      || lowerContent.EqualsLiteral(kRPS_Origin_When_Cross_Origin)
      || lowerContent.EqualsLiteral(kRPS_Origin_When_Crossorigin)
      || lowerContent.EqualsLiteral(kRPS_Same_Origin)
      || lowerContent.EqualsLiteral(kRPS_Strict_Origin)
      || lowerContent.EqualsLiteral(kRPS_Strict_Origin_When_Cross_Origin)
      || lowerContent.EqualsLiteral(kRPS_Always)
      || lowerContent.EqualsLiteral(kRPS_Unsafe_URL);
}

inline ReferrerPolicy
AttributeReferrerPolicyFromString(const nsAString& content)
{
  // Specs : https://html.spec.whatwg.org/multipage/infrastructure.html#referrer-policy-attribute
  // Spec says the empty string "" corresponds to no referrer policy, or RP_Unset
  if (content.IsEmpty()) {
    return RP_Unset;
  }

  nsString lowerContent(content);
  ToLowerCase(lowerContent);

  if (lowerContent.EqualsLiteral(kRPS_No_Referrer)) {
    return RP_No_Referrer;
  }
  if (lowerContent.EqualsLiteral(kRPS_Origin)) {
    return RP_Origin;
  }
  if (lowerContent.EqualsLiteral(kRPS_No_Referrer_When_Downgrade)) {
    return RP_No_Referrer_When_Downgrade;
  }
  if (lowerContent.EqualsLiteral(kRPS_Origin_When_Cross_Origin)) {
    return RP_Origin_When_Crossorigin;
  }
  if (lowerContent.EqualsLiteral(kRPS_Unsafe_URL)) {
    return RP_Unsafe_URL;
  }
  if (lowerContent.EqualsLiteral(kRPS_Strict_Origin)) {
    return RP_Strict_Origin;
  }
  if (lowerContent.EqualsLiteral(kRPS_Same_Origin)) {
    return RP_Same_Origin;
  }
  if (lowerContent.EqualsLiteral(kRPS_Strict_Origin_When_Cross_Origin)) {
    return RP_Strict_Origin_When_Cross_Origin;
  }

  // Spec says invalid value default is empty string state
  // So, return RP_Unset if none of the previous match, return RP_Unset
  return RP_Unset;
}

} // namespace net
} // namespace mozilla

#endif