https://bugs.webkit.org/show_bug.cgi?id=152102
<rdar://problem/
22124230>
Reviewed by Andy Estes.
Source/WebCore:
Keep the ReferrerPolicy for a document as ReferrerPolicyNever if the document is loaded with
"Content-Disposition: attachment".
Test: http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html
* dom/Document.cpp:
(WebCore::Document::processReferrerPolicy):
(WebCore::Document::applyContentDispositionAttachmentSandbox):
LayoutTests:
* http/tests/contentdispositionattachmentsandbox/resources/echo-http-referer.php: Added.
* http/tests/contentdispositionattachmentsandbox/resources/subresource-request-not-include-referer-header-frame.php: Added.
* http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header-expected.txt: Added.
* http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html: Added.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194001
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2015-12-11 Jiewen Tan <jiewen_tan@apple.com>
+
+ Strip out Referer header when requesting subresources or following links for documents with "Content-Disposition: attachment"
+ https://bugs.webkit.org/show_bug.cgi?id=152102
+ <rdar://problem/22124230>
+
+ Reviewed by Andy Estes.
+
+ * http/tests/contentdispositionattachmentsandbox/resources/echo-http-referer.php: Added.
+ * http/tests/contentdispositionattachmentsandbox/resources/subresource-request-not-include-referer-header-frame.php: Added.
+ * http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header-expected.txt: Added.
+ * http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html: Added.
+
2015-12-11 Eric Carlson <eric.carlson@apple.com>
[MediaStream] Add a setting to allow the mock media capture devices to be enabled and disabled
--- /dev/null
+<!DOCTYPE html>
+<script>
+if (window.parent.testRunner)
+ testRunner.notifyDone();
+</script>
+<?php
+echo $_SERVER['HTTP_REFERER'];
+?>
\ No newline at end of file
--- /dev/null
+<?php
+header("Content-Disposition: attachment; filename=test.html");
+header("Content-Type: text/html");
+?>
+<!DOCTYPE html>
+<style>
+a {
+ display: block;
+ width: 100vw;
+ height: 100vh;
+}
+
+</style>
+<a href="echo-http-referer.php">Link to echo-http-referer.php</a>
\ No newline at end of file
--- /dev/null
+This test verifies that a subresource loaded by a document which is loaded with Content-Disposition:attachment will not have http referer. Tess passes if no referer is printed.
+
+
+
+--------
+Frame: 'iframe'
+--------
+
--- /dev/null
+<!DOCTYPE html>
+<script>
+if (window.internals)
+ internals.settings.setContentDispositionAttachmentSandboxEnabled(true);
+
+if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.dumpChildFramesAsText();
+ testRunner.waitUntilDone();
+}
+
+function navigation() {
+ // Due to the sandbox, it's not possible to run script in the iframe or even access its contentDocument.
+ var element = document.getElementById('iframe');
+ var x = element.offsetLeft + 10;
+ var y = element.offsetTop + 10;
+
+ if (window.testRunner) {
+ if (window.eventSender) {
+ eventSender.mouseMoveTo(x, y);
+ eventSender.mouseDown();
+ eventSender.mouseUp();
+ }
+
+ if (testRunner.runUIScript)
+ testRunner.runUIScript("(function() { uiController.singleTapAtPoint(" + x + ", " + y + "); })()");
+ }
+}
+</script>
+<p>This test verifies that a subresource loaded by a document which is loaded with Content-Disposition:attachment will not have http referer. Tess passes if no referer is printed.</p>
+<iframe id='iframe' src="resources/subresource-request-not-include-referer-header-frame.php" onload="navigation()"></iframe>
+2015-12-11 Jiewen Tan <jiewen_tan@apple.com>
+
+ Strip out Referer header when requesting subresources or following links for documents with "Content-Disposition: attachment"
+ https://bugs.webkit.org/show_bug.cgi?id=152102
+ <rdar://problem/22124230>
+
+ Reviewed by Andy Estes.
+
+ Keep the ReferrerPolicy for a document as ReferrerPolicyNever if the document is loaded with
+ "Content-Disposition: attachment".
+
+ Test: http/tests/contentdispositionattachmentsandbox/subresource-request-not-include-referer-header.html
+
+ * dom/Document.cpp:
+ (WebCore::Document::processReferrerPolicy):
+ (WebCore::Document::applyContentDispositionAttachmentSandbox):
+
2015-12-11 Eric Carlson <eric.carlson@apple.com>
[MediaStream] Add a setting to allow the mock media capture devices to be enabled and disabled
{
ASSERT(!policy.isNull());
+ // Documents in a Content-Disposition: attachment sandbox should never send a Referer header,
+ // even if the document has a meta tag saying otherwise.
+ if (shouldEnforceContentDispositionAttachmentSandbox())
+ return;
+
// Note that we're supporting both the standard and legacy keywords for referrer
// policies, as defined by http://www.w3.org/TR/referrer-policy/#referrer-policy-delivery-meta
if (equalIgnoringCase(policy, "no-referrer") || equalIgnoringCase(policy, "never"))
{
ASSERT(shouldEnforceContentDispositionAttachmentSandbox());
+ setReferrerPolicy(ReferrerPolicyNever);
if (!isMediaDocument())
enforceSandboxFlags(SandboxAll);
else