1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CONTENT_PUBLIC_COMMON_REFERRER_H_ 6 #define CONTENT_PUBLIC_COMMON_REFERRER_H_ 7 8 #include "base/logging.h" 9 #include "content/common/content_export.h" 10 #include "third_party/WebKit/public/platform/WebReferrerPolicy.h" 11 #include "url/gurl.h" 12 13 namespace content { 14 15 // This struct holds a referrer URL, as well as the referrer policy to be 16 // applied to this URL. When passing around referrers that will eventually end 17 // up being used for URL requests, always use this struct. 18 struct CONTENT_EXPORT Referrer { ReferrerReferrer19 Referrer(const GURL& url, blink::WebReferrerPolicy policy) : url(url), 20 policy(policy) { 21 } ReferrerReferrer22 Referrer() : policy(blink::WebReferrerPolicyDefault) { 23 } 24 25 GURL url; 26 blink::WebReferrerPolicy policy; 27 SanitizeForRequestReferrer28 static Referrer SanitizeForRequest(const GURL& request, 29 const Referrer& referrer) { 30 Referrer sanitized_referrer(referrer.url.GetAsReferrer(), referrer.policy); 31 32 if (!request.SchemeIsHTTPOrHTTPS() || 33 !sanitized_referrer.url.SchemeIsHTTPOrHTTPS()) { 34 sanitized_referrer.url = GURL(); 35 return sanitized_referrer; 36 } 37 38 switch (sanitized_referrer.policy) { 39 case blink::WebReferrerPolicyDefault: 40 if (sanitized_referrer.url.SchemeIsSecure() && 41 !request.SchemeIsSecure()) { 42 sanitized_referrer.url = GURL(); 43 } 44 break; 45 case blink::WebReferrerPolicyAlways: 46 break; 47 case blink::WebReferrerPolicyNever: 48 sanitized_referrer.url = GURL(); 49 break; 50 case blink::WebReferrerPolicyOrigin: 51 sanitized_referrer.url = sanitized_referrer.url.GetOrigin(); 52 break; 53 default: 54 NOTREACHED(); 55 break; 56 } 57 return sanitized_referrer; 58 } 59 }; 60 61 } // namespace content 62 63 #endif // CONTENT_PUBLIC_COMMON_REFERRER_H_ 64