Index: extensions/cookie/jar.mn
===================================================================
RCS file: /cvsroot/mozilla/extensions/cookie/jar.mn,v
retrieving revision 1.5
diff -u -r1.5 jar.mn
--- extensions/cookie/jar.mn 2002/02/06 21:55:16 1.5
+++ extensions/cookie/jar.mn 2002/02/27 12:15:49
@@ -5,6 +5,7 @@
content/cookie/cookiePrefsOverlay.xul (resources/content/cookiePrefsOverlay.xul)
content/cookie/pref-cookies.xul (resources/content/pref-cookies.xul)
content/cookie/pref-images.xul (resources/content/pref-images.xul)
+ content/cookie/pref-referrer.xul (resources/content/pref-referrer.xul)
content/cookie/cookieOverlay.js (resources/content/cookieOverlay.js)
content/cookie/p3p.xul (resources/content/p3p.xul)
content/cookie/taskbar-cookie.gif (resources/content/taskbar-cookie.gif)
@@ -16,4 +17,5 @@
locale/en-US/cookie/cookiePrefsOverlay.dtd (resources/locale/en-US/cookiePrefsOverlay.dtd)
locale/en-US/cookie/pref-cookies.dtd (resources/locale/en-US/pref-cookies.dtd)
locale/en-US/cookie/pref-images.dtd (resources/locale/en-US/pref-images.dtd)
+ locale/en-US/cookie/pref-referrer.dtd (resources/locale/en-US/pref-referrer.dtd)
locale/en-US/cookie/p3p.dtd (resources/locale/en-US/p3p.dtd)
Index: extensions/cookie/resources/content/cookiePrefsOverlay.xul
===================================================================
RCS file: /cvsroot/mozilla/extensions/cookie/resources/content/cookiePrefsOverlay.xul,v
retrieving revision 1.5
diff -u -r1.5 cookiePrefsOverlay.xul
--- extensions/cookie/resources/content/cookiePrefsOverlay.xul 2002/01/03 22:57:59 1.5
+++ extensions/cookie/resources/content/cookiePrefsOverlay.xul 2002/02/27 12:15:50
@@ -40,6 +40,12 @@
label="&images.label;"/>
+
+
+
+
+
Index: extensions/cookie/resources/content/p3p.xul
===================================================================
RCS file: /cvsroot/mozilla/extensions/cookie/resources/content/p3p.xul,v
retrieving revision 1.6
diff -u -r1.6 p3p.xul
--- extensions/cookie/resources/content/p3p.xul 2002/02/13 21:10:57 1.6
+++ extensions/cookie/resources/content/p3p.xul 2002/02/27 12:15:51
@@ -65,10 +65,10 @@
function init()
{
- // get pref service
- pref = Components.classes['@mozilla.org/preferences-service;1'];
- pref = pref.getService();
- pref = pref.QueryInterface(Components.interfaces.nsIPrefBranch);
+ // get pref service
+ pref = Components.classes['@mozilla.org/preferences-service;1'];
+ pref = pref.getService();
+ pref = pref.QueryInterface(Components.interfaces.nsIPrefBranch);
var p3pLevel = medium;
try {
Index: extensions/cookie/resources/locale/en-US/cookiePrefsOverlay.dtd
===================================================================
RCS file: /cvsroot/mozilla/extensions/cookie/resources/locale/en-US/cookiePrefsOverlay.dtd,v
retrieving revision 1.1
diff -u -r1.1 cookiePrefsOverlay.dtd
--- extensions/cookie/resources/locale/en-US/cookiePrefsOverlay.dtd 2001/02/21 05:09:55 1.1
+++ extensions/cookie/resources/locale/en-US/cookiePrefsOverlay.dtd 2002/02/27 12:15:51
@@ -1,2 +1,3 @@
+
Index: netwerk/protocol/http/public/nsIHttpChannel.idl
===================================================================
RCS file: /cvsroot/mozilla/netwerk/protocol/http/public/nsIHttpChannel.idl,v
retrieving revision 1.5
diff -u -r1.5 nsIHttpChannel.idl
--- netwerk/protocol/http/public/nsIHttpChannel.idl 2002/01/09 04:18:45 1.5
+++ netwerk/protocol/http/public/nsIHttpChannel.idl 2002/02/27 12:16:15
@@ -41,18 +41,22 @@
/**
* Get/set the referrer URI on the request. This is the address (URI) of
* the resource from which this channel's URI was obtained (see RFC2616
- * section 14.36). The referrer type may be used to block the referrer
- * from being sent in certain cases.
+ * section 14.36). The referrer type may be used to block or modify the
+ * referrer in certain cases.
*/
readonly attribute nsIURI referrer;
void setReferrer(in nsIURI referrer, in unsigned long referrerType);
/* possible values for the referrerType */
- const unsigned long REFERRER_NONE = 0;
- const unsigned long REFERRER_LINK_CLICK = 1; // http link clicks
- const unsigned long REFERRER_INLINES = 2; // images and other inlines
- const unsigned long REFERRER_NON_HTTP = 3; // e.g. news or FTP clicks
-
+ const unsigned long REFERRER_NONE = 0;
+ const unsigned long REFERRER_LINK_CLICK = 1; /* http link clicks */
+ const unsigned long REFERRER_INLINES = 2; /* images and other inlines */
+ const unsigned long REFERRER_NON_HTTP = 3; /* e.g. news or FTP clicks */
+ const unsigned long REFERRER_SAME_HOST_ONLY = 4; /* Send the referrer only for requests from the same host, otherwise send no referrer. */
+ const unsigned long REFERRER_3RDPARTY_PREPATH = 5; /* Send the referrer only for requests from the same host, otherwise send target URI's pre-path as the referrer. */
+ const unsigned long REFERRER_PREPATH_URI_ALWAYS = 6; /* Always send the target URI's pre-path as the referrer. */
+ const unsigned long REFERRER_ALWAYS = 255;
+
/**
* Header strings are case insensitive
*/
Index: netwerk/protocol/http/src/nsHttpChannel.cpp
===================================================================
RCS file: /cvsroot/mozilla/netwerk/protocol/http/src/nsHttpChannel.cpp,v
retrieving revision 1.89
diff -u -r1.89 nsHttpChannel.cpp
--- netwerk/protocol/http/src/nsHttpChannel.cpp 2002/02/13 07:25:35 1.89
+++ netwerk/protocol/http/src/nsHttpChannel.cpp 2002/02/27 12:16:21
@@ -2119,77 +2119,122 @@
"file",
"mailbox",
"imap",
+ "imaps",
"news",
"snews",
- "imaps",
"data",
nsnull
};
+
NS_ENSURE_TRUE(!mIsPending, NS_ERROR_IN_PROGRESS);
- if (nsHttpHandler::get()->ReferrerLevel() < referrerType)
- return NS_OK;
+ // clear the old referer first
+ mRequestHead.SetHeader(nsHttp::Referer, nsnull);
- // don't remember this referrer if it's on our black list....
- if (referrer) {
- PRBool match = PR_FALSE;
+ PRUint8 referrerLevel = nsHttpHandler::get()->ReferrerLevel();
- const char *const *scheme = invalidReferrerSchemes;
- for (; *scheme && !match; ++scheme)
- referrer->SchemeIs(*scheme, &match);
+ // Maintain compatability with pre-0.99 usage of referrer levels
+ if (referrerLevel == REFERRER_NONE || (referrerLevel <= REFERRER_NON_HTTP && referrerLevel < referrerType))
+ return NS_OK;
- if (match)
- return NS_OK; // kick out....
+ if (!referrer || !mURI)
+ return NS_OK;
+
+ // Don't send the referrer if has a scheme in the above list.
+ PRBool match = PR_FALSE;
+ const char *const *scheme = invalidReferrerSchemes;
+ for (; *scheme && !match; ++scheme)
+ referrer->SchemeIs(*scheme, &match);
+ if (match) {
+ // If the user has configured the referrer override, force the referrer type to send the target URI's
+ // pre-path (REFERRER_PREPATH_URI_ALWAYS), even for schemes that normally wouldn't be allowed to send referrers.
+ if(nsHttpHandler::get()->ReferrerSchemeOverride())
+ referrerLevel = REFERRER_PREPATH_URI_ALWAYS;
+ else
+ return NS_OK;
}
+ nsXPIDLCString referrerHost, host;
+ nsresult rv;
+
+ rv = referrer->GetHost(getter_Copies(referrerHost));
+ if (NS_FAILED(rv))
+ return NS_OK;
+ rv = mURI->GetHost(getter_Copies(host));
+ if (NS_FAILED(rv))
+ return NS_OK;
+
// Handle secure referrals.
// Support referrals from a secure server if this is a secure site
// and the host names are the same.
- if (referrer) {
- PRBool isHTTPS = PR_FALSE;
- referrer->SchemeIs("https", &isHTTPS);
- if (isHTTPS) {
- nsXPIDLCString referrerHost;
- nsXPIDLCString host;
- referrer->GetHost(getter_Copies(referrerHost));
- mURI->GetHost(getter_Copies(host));
- mURI->SchemeIs("https",&isHTTPS);
-
- if (nsCRT::strcasecmp(referrerHost, host) != 0) {
- return NS_OK;
- }
+ PRBool isHTTPS = PR_FALSE;
+ referrer->SchemeIs("https", &isHTTPS);
+ if (isHTTPS) {
+ mURI->SchemeIs("https", &isHTTPS);
- if (!isHTTPS) {
- return NS_OK;
- }
- }
+ if (!isHTTPS || nsCRT::strcasecmp(referrerHost, host) != 0)
+ return NS_OK;
}
+
// save a copy of the referrer so we can return it if requested
mReferrer = referrer;
// save a copy of the referrer type for redirects
mReferrerType = (PRUint8) referrerType;
- // clear the old referer first
- mRequestHead.SetHeader(nsHttp::Referer, nsnull);
- if (referrer) {
- nsXPIDLCString spec;
- referrer->GetSpec(getter_Copies(spec));
- if (spec) {
- nsCAutoString ref(spec.get());
- // strip away any prehost; we don't want to be giving out passwords ;-)
- nsXPIDLCString prehost;
- referrer->GetPreHost(getter_Copies(prehost));
- if (prehost && *prehost) {
- PRUint32 prehostLoc = PRUint32(ref.Find(prehost.get(), PR_TRUE));
- ref.Cut(prehostLoc, nsCharTraits::length(prehost) + 1); // + 1 for @
+ nsIURI *refPtr = referrer;
+ PRBool sendURIPath = PR_TRUE;
+
+ switch(referrerLevel) {
+ // Send the referrer only for requests from the same host, otherwise send no referrer.
+ case REFERRER_SAME_HOST_ONLY:
+ if (nsCRT::strcasecmp(referrerHost, host) == 0)
+ refPtr = referrer; // Hosts match, so send the real referrer.
+ else
+ return NS_OK; // No match, send no referrer.
+ break;
+
+ // Send the referrer only for requests from the same host, otherwise send target URI's pre-path as the referrer.
+ case REFERRER_3RDPARTY_PREPATH:
+ if (nsCRT::strcasecmp(referrerHost, host) == 0)
+ refPtr = referrer; // Hosts match, so send the real referrer.
+ else {
+ refPtr = mURI; // Hosts do not match - send the target URI's pre-path.
+ sendURIPath = PR_FALSE;
}
- mRequestHead.SetHeader(nsHttp::Referer, ref.get());
- }
+ break;
+
+ // Always send the target URI's pre-path as the referrer.
+ case REFERRER_PREPATH_URI_ALWAYS:
+ refPtr = mURI;
+ sendURIPath = PR_FALSE;
+ break;
}
+
+
+ if (!refPtr)
+ return NS_OK;
+
+ nsCOMPtr theReferrer = nsnull;
+ rv = refPtr->Clone(getter_AddRefs(theReferrer));
+ if (NS_FAILED(rv) || !theReferrer)
+ return NS_OK;
+
+ // Never send the pre-host (usernames & passwords).
+ theReferrer->SetPreHost(nsnull);
+
+ if (!sendURIPath)
+ theReferrer->SetPath(nsnull);
+
+ // Set the referrer header.
+ nsXPIDLCString refStr;
+ rv = theReferrer->GetSpec(getter_Copies(refStr));
+ if (NS_SUCCEEDED(rv))
+ mRequestHead.SetHeader(nsHttp::Referer, refStr.get());
+
return NS_OK;
}
Index: netwerk/protocol/http/src/nsHttpHandler.cpp
===================================================================
RCS file: /cvsroot/mozilla/netwerk/protocol/http/src/nsHttpHandler.cpp,v
retrieving revision 1.50
diff -u -r1.50 nsHttpHandler.cpp
--- netwerk/protocol/http/src/nsHttpHandler.cpp 2002/02/22 14:02:40 1.50
+++ netwerk/protocol/http/src/nsHttpHandler.cpp 2002/02/27 12:16:25
@@ -100,6 +100,7 @@
: mAuthCache(nsnull)
, mHttpVersion(NS_HTTP_VERSION_1_1)
, mReferrerLevel(0xff) // by default we always send a referrer
+ , mReferrerSchemeOverride(PR_FALSE)
, mCapabilities(NS_HTTP_ALLOW_KEEPALIVE)
, mProxyCapabilities(NS_HTTP_ALLOW_KEEPALIVE)
, mIdleTimeout(10)
@@ -1129,6 +1130,7 @@
{
nsresult rv = NS_OK;
PRInt32 val;
+ PRBool cVar = PR_FALSE;
LOG(("nsHttpHandler::PrefsChanged [pref=%s]\n", pref));
@@ -1259,6 +1261,12 @@
if (NS_SUCCEEDED(rv))
mReferrerLevel = (PRUint8) CLAMP(val, 0, 0xff);
}
+
+ if (PREF_CHANGED(HTTP_PREF("referrerSchemeOverride"))) {
+ rv = prefs->GetBoolPref(HTTP_PREF("referrerSchemeOverride"), &cVar);
+ if (NS_SUCCEEDED(rv))
+ mReferrerSchemeOverride = cVar;
+ }
if (PREF_CHANGED(HTTP_PREF("redirection-limit"))) {
rv = prefs->GetIntPref(HTTP_PREF("redirection-limit"), &val);
@@ -1288,8 +1296,6 @@
mProxyCapabilities = 0;
}
}
-
- PRBool cVar = PR_FALSE;
if (PREF_CHANGED(HTTP_PREF("keep-alive"))) {
rv = prefs->GetBoolPref(HTTP_PREF("keep-alive"), &cVar);
Index: netwerk/protocol/http/src/nsHttpHandler.h
===================================================================
RCS file: /cvsroot/mozilla/netwerk/protocol/http/src/nsHttpHandler.h,v
retrieving revision 1.23
diff -u -r1.23 nsHttpHandler.h
--- netwerk/protocol/http/src/nsHttpHandler.h 2001/12/08 00:23:04 1.23
+++ netwerk/protocol/http/src/nsHttpHandler.h 2002/02/27 12:16:28
@@ -84,12 +84,13 @@
PRBool IsAcceptableEncoding(const char *encoding);
const char *UserAgent();
- nsHttpVersion DefaultVersion() { return mHttpVersion; }
- PRUint8 ReferrerLevel() { return mReferrerLevel; }
- PRUint8 RedirectionLimit() { return mRedirectionLimit; }
- PRUint16 IdleTimeout() { return mIdleTimeout; }
- PRUint16 MaxRequestAttempts() { return mMaxRequestAttempts; }
- nsIIDNService *IDNConverter() { return mIDNConverter; }
+ nsHttpVersion DefaultVersion() { return mHttpVersion; }
+ PRUint8 ReferrerLevel() { return mReferrerLevel; }
+ PRBool ReferrerSchemeOverride() { return mReferrerSchemeOverride; }
+ PRUint8 RedirectionLimit() { return mRedirectionLimit; }
+ PRUint16 IdleTimeout() { return mIdleTimeout; }
+ PRUint16 MaxRequestAttempts() { return mMaxRequestAttempts; }
+ nsIIDNService *IDNConverter() { return mIDNConverter; }
nsHttpAuthCache *AuthCache() { return mAuthCache; }
@@ -216,10 +217,11 @@
// prefs
//
- PRUint8 mHttpVersion;
- PRUint8 mReferrerLevel;
- PRUint8 mCapabilities;
- PRUint8 mProxyCapabilities;
+ PRUint8 mHttpVersion;
+ PRUint8 mReferrerLevel;
+ PRPackedBool mReferrerSchemeOverride;
+ PRUint8 mCapabilities;
+ PRUint8 mProxyCapabilities;
PRUint16 mIdleTimeout;
PRUint16 mMaxRequestAttempts;