Line data Source code
1 : /* This Source Code Form is subject to the terms of the Mozilla Public
2 : * License, v. 2.0. If a copy of the MPL was not distributed with this
3 : * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 :
5 : #ifndef ReferrerPolicy_h__
6 : #define ReferrerPolicy_h__
7 :
8 : #include "nsStringGlue.h"
9 : #include "nsIHttpChannel.h"
10 : #include "nsUnicharUtils.h"
11 :
12 : namespace mozilla { namespace net {
13 :
14 : enum ReferrerPolicy {
15 : /* spec tokens: never no-referrer */
16 : RP_No_Referrer = nsIHttpChannel::REFERRER_POLICY_NO_REFERRER,
17 :
18 : /* spec tokens: origin */
19 : RP_Origin = nsIHttpChannel::REFERRER_POLICY_ORIGIN,
20 :
21 : /* spec tokens: default no-referrer-when-downgrade */
22 : RP_No_Referrer_When_Downgrade = nsIHttpChannel::REFERRER_POLICY_NO_REFERRER_WHEN_DOWNGRADE,
23 :
24 : /* spec tokens: origin-when-cross-origin */
25 : RP_Origin_When_Crossorigin = nsIHttpChannel::REFERRER_POLICY_ORIGIN_WHEN_XORIGIN,
26 :
27 : /* spec tokens: always unsafe-url */
28 : RP_Unsafe_URL = nsIHttpChannel::REFERRER_POLICY_UNSAFE_URL,
29 :
30 : /* spec tokens: same-origin */
31 : RP_Same_Origin = nsIHttpChannel::REFERRER_POLICY_SAME_ORIGIN,
32 :
33 : /* spec tokens: strict-origin */
34 : RP_Strict_Origin = nsIHttpChannel::REFERRER_POLICY_STRICT_ORIGIN,
35 :
36 : /* spec tokens: strict-origin-when-cross-origin */
37 : RP_Strict_Origin_When_Cross_Origin = nsIHttpChannel::REFERRER_POLICY_STRICT_ORIGIN_WHEN_XORIGIN,
38 :
39 : /* spec tokens: empty string */
40 : /* The empty string "" corresponds to no referrer policy, or unset policy */
41 : RP_Unset = nsIHttpChannel::REFERRER_POLICY_UNSET,
42 : };
43 :
44 : /* spec tokens: never no-referrer */
45 : const char kRPS_Never[] = "never";
46 : const char kRPS_No_Referrer[] = "no-referrer";
47 :
48 : /* spec tokens: origin */
49 : const char kRPS_Origin[] = "origin";
50 :
51 : /* spec tokens: default no-referrer-when-downgrade */
52 : const char kRPS_Default[] = "default";
53 : const char kRPS_No_Referrer_When_Downgrade[] = "no-referrer-when-downgrade";
54 :
55 : /* spec tokens: origin-when-cross-origin */
56 : const char kRPS_Origin_When_Cross_Origin[] = "origin-when-cross-origin";
57 : const char kRPS_Origin_When_Crossorigin[] = "origin-when-crossorigin";
58 :
59 : /* spec tokens: same-origin */
60 : const char kRPS_Same_Origin[] = "same-origin";
61 :
62 : /* spec tokens: strict-origin */
63 : const char kRPS_Strict_Origin[] = "strict-origin";
64 :
65 : /* spec tokens: strict-origin-when-cross-origin */
66 : const char kRPS_Strict_Origin_When_Cross_Origin[] = "strict-origin-when-cross-origin";
67 :
68 : /* spec tokens: always unsafe-url */
69 : const char kRPS_Always[] = "always";
70 : const char kRPS_Unsafe_URL[] = "unsafe-url";
71 :
72 : inline ReferrerPolicy
73 0 : ReferrerPolicyFromString(const nsAString& content)
74 : {
75 0 : if (content.IsEmpty()) {
76 0 : return RP_No_Referrer;
77 : }
78 :
79 0 : nsString lowerContent(content);
80 0 : ToLowerCase(lowerContent);
81 : // This is implemented step by step as described in the Referrer Policy
82 : // specification, section "Determine token's Policy".
83 0 : if (lowerContent.EqualsLiteral(kRPS_Never) ||
84 0 : lowerContent.EqualsLiteral(kRPS_No_Referrer)) {
85 0 : return RP_No_Referrer;
86 : }
87 0 : if (lowerContent.EqualsLiteral(kRPS_Origin)) {
88 0 : return RP_Origin;
89 : }
90 0 : if (lowerContent.EqualsLiteral(kRPS_Default) ||
91 0 : lowerContent.EqualsLiteral(kRPS_No_Referrer_When_Downgrade)) {
92 0 : return RP_No_Referrer_When_Downgrade;
93 : }
94 0 : if (lowerContent.EqualsLiteral(kRPS_Origin_When_Cross_Origin) ||
95 0 : lowerContent.EqualsLiteral(kRPS_Origin_When_Crossorigin)) {
96 0 : return RP_Origin_When_Crossorigin;
97 : }
98 0 : if (lowerContent.EqualsLiteral(kRPS_Same_Origin)) {
99 0 : return RP_Same_Origin;
100 : }
101 0 : if (lowerContent.EqualsLiteral(kRPS_Strict_Origin)) {
102 0 : return RP_Strict_Origin;
103 : }
104 0 : if (lowerContent.EqualsLiteral(kRPS_Strict_Origin_When_Cross_Origin)) {
105 0 : return RP_Strict_Origin_When_Cross_Origin;
106 : }
107 0 : if (lowerContent.EqualsLiteral(kRPS_Always) ||
108 0 : lowerContent.EqualsLiteral(kRPS_Unsafe_URL)) {
109 0 : return RP_Unsafe_URL;
110 : }
111 : // Spec says if none of the previous match, use empty string.
112 0 : return RP_Unset;
113 :
114 : }
115 :
116 : inline bool
117 0 : IsValidReferrerPolicy(const nsAString& content)
118 : {
119 0 : if (content.IsEmpty()) {
120 0 : return true;
121 : }
122 :
123 0 : nsString lowerContent(content);
124 0 : ToLowerCase(lowerContent);
125 :
126 0 : return lowerContent.EqualsLiteral(kRPS_Never)
127 0 : || lowerContent.EqualsLiteral(kRPS_No_Referrer)
128 0 : || lowerContent.EqualsLiteral(kRPS_Origin)
129 0 : || lowerContent.EqualsLiteral(kRPS_Default)
130 0 : || lowerContent.EqualsLiteral(kRPS_No_Referrer_When_Downgrade)
131 0 : || lowerContent.EqualsLiteral(kRPS_Origin_When_Cross_Origin)
132 0 : || lowerContent.EqualsLiteral(kRPS_Origin_When_Crossorigin)
133 0 : || lowerContent.EqualsLiteral(kRPS_Same_Origin)
134 0 : || lowerContent.EqualsLiteral(kRPS_Strict_Origin)
135 0 : || lowerContent.EqualsLiteral(kRPS_Strict_Origin_When_Cross_Origin)
136 0 : || lowerContent.EqualsLiteral(kRPS_Always)
137 0 : || lowerContent.EqualsLiteral(kRPS_Unsafe_URL);
138 : }
139 :
140 : inline ReferrerPolicy
141 0 : AttributeReferrerPolicyFromString(const nsAString& content)
142 : {
143 : // Specs : https://html.spec.whatwg.org/multipage/infrastructure.html#referrer-policy-attribute
144 : // Spec says the empty string "" corresponds to no referrer policy, or RP_Unset
145 0 : if (content.IsEmpty()) {
146 0 : return RP_Unset;
147 : }
148 :
149 0 : nsString lowerContent(content);
150 0 : ToLowerCase(lowerContent);
151 :
152 0 : if (lowerContent.EqualsLiteral(kRPS_No_Referrer)) {
153 0 : return RP_No_Referrer;
154 : }
155 0 : if (lowerContent.EqualsLiteral(kRPS_Origin)) {
156 0 : return RP_Origin;
157 : }
158 0 : if (lowerContent.EqualsLiteral(kRPS_No_Referrer_When_Downgrade)) {
159 0 : return RP_No_Referrer_When_Downgrade;
160 : }
161 0 : if (lowerContent.EqualsLiteral(kRPS_Origin_When_Cross_Origin)) {
162 0 : return RP_Origin_When_Crossorigin;
163 : }
164 0 : if (lowerContent.EqualsLiteral(kRPS_Unsafe_URL)) {
165 0 : return RP_Unsafe_URL;
166 : }
167 0 : if (lowerContent.EqualsLiteral(kRPS_Strict_Origin)) {
168 0 : return RP_Strict_Origin;
169 : }
170 0 : if (lowerContent.EqualsLiteral(kRPS_Same_Origin)) {
171 0 : return RP_Same_Origin;
172 : }
173 0 : if (lowerContent.EqualsLiteral(kRPS_Strict_Origin_When_Cross_Origin)) {
174 0 : return RP_Strict_Origin_When_Cross_Origin;
175 : }
176 :
177 : // Spec says invalid value default is empty string state
178 : // So, return RP_Unset if none of the previous match, return RP_Unset
179 0 : return RP_Unset;
180 : }
181 :
182 : } // namespace net
183 : } // namespace mozilla
184 :
185 : #endif
|
