New issue
Advanced search Search tips

Issue 641128 link

Starred by 1 user
Status: Fixed
Owner:
est...@chromium.org
Closed: Aug 2016
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Bug



Sign in to add a comment

Stop supporting legacy keywords in the Referrer-Policy header

Project Member Reported by est...@chromium.org, Aug 25 2016 
https://github.com/w3c/webappsec-referrer-policy/pull/66 removes legacy keyword support when parsing Referrer-Policy headers. There's no need to support these legacy keywords since there is no legacy usage of them in the new header.
Project Member

Comment 1 by bugdroid1@chromium.org, Aug 27 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9517b0e7af83a9c482e1a02dd8c31d146caf9b37

commit 9517b0e7af83a9c482e1a02dd8c31d146caf9b37
Author: estark <estark@chromium.org>
Date: Sat Aug 27 10:49:49 2016

Stop supporting legacy keywords in Referrer-Policy header

https://github.com/w3c/webappsec-referrer-policy/pull/66 removed support
for legacy keywords in the Referrer-Policy header. There is no need to
support these legacy keywords because the Referrer-Policy header is
brand new (not shipped yet) and there is no legacy usage.

In the course of implementing this, I realized that we do in fact
support legacy keywords for 'referrerpolicy' content attributes. This is
not necessary per the spec, but I left it as-is since we should measure
usage before removing support for legacy keywords in 'referrerpolicy'
attributes.

BUG= 641128 

Review-Url: https://codereview.chromium.org/2278823004
Cr-Commit-Position: refs/heads/master@{#414903}

[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/net/url_request/url_request_job.cc
[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/net/url_request/url_request_job_unittest.cc
[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/LayoutTests/http/tests/security/referrer-policy-invalid-expected.txt
[add] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/LayoutTests/http/tests/security/referrerPolicyHeader/legacy-always.php
[add] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/LayoutTests/http/tests/security/referrerPolicyHeader/legacy-default.php
[add] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/LayoutTests/http/tests/security/referrerPolicyHeader/legacy-never.php
[add] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/LayoutTests/http/tests/security/referrerPolicyHeader/legacy-origin-when-crossorigin.php
[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/Source/core/dom/DocumentTest.cpp
[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/Source/core/dom/ExecutionContext.cpp
[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/Source/core/dom/ExecutionContext.h
[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/Source/core/html/HTMLAnchorElement.cpp
[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/Source/core/html/HTMLImageElement.cpp
[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/Source/core/html/HTMLMetaElement-in.cpp
[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp
[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/Source/platform/weborigin/SecurityPolicy.cpp
[modify] https://crrev.com/9517b0e7af83a9c482e1a02dd8c31d146caf9b37/third_party/WebKit/Source/platform/weborigin/SecurityPolicy.h

Comment 2 by est...@chromium.org, Aug 27 2016

Status: Fixed (was: Assigned)

Sign in to add a comment