[SCM] WebKit Debian packaging branch, webkit-1.1, updated. upstream/1.1.16-1409-g5afdf4d
xan at webkit.org
xan at webkit.org
Thu Dec 3 13:24:53 UTC 2009
The following commit has been merged in the webkit-1.1 branch:
commit 002b61ed8e06e49e5fad2b8f115ec2f911b9e833
Author: xan at webkit.org <xan at webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Mon Nov 2 19:25:23 2009 +0000
2009-11-02 Xan Lopez <xlopez at igalia.com>
Reviewed by Jan Alonzo.
[GTK] Remove Referer when redirecting to non-secure site
https://bugs.webkit.org/show_bug.cgi?id=31021
Remove referer from HTTP headers when redirecting to a non-secure
site.
* platform/network/soup/ResourceHandleSoup.cpp:
(WebCore::restartedCallback):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@50423 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index e327f25..23c032c 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,16 @@
+2009-11-02 Xan Lopez <xlopez at igalia.com>
+
+ Reviewed by Jan Alonzo.
+
+ [GTK] Remove Referer when redirecting to non-secure site
+ https://bugs.webkit.org/show_bug.cgi?id=31021
+
+ Remove referer from HTTP headers when redirecting to a non-secure
+ site.
+
+ * platform/network/soup/ResourceHandleSoup.cpp:
+ (WebCore::restartedCallback):
+
2009-11-02 Alexey Proskuryakov <ap at apple.com>
Reviewed by Dan Bernstein.
diff --git a/WebCore/platform/network/soup/ResourceHandleSoup.cpp b/WebCore/platform/network/soup/ResourceHandleSoup.cpp
index 2177bd2..a738af5 100644
--- a/WebCore/platform/network/soup/ResourceHandleSoup.cpp
+++ b/WebCore/platform/network/soup/ResourceHandleSoup.cpp
@@ -200,6 +200,13 @@ static void restartedCallback(SoupMessage* msg, gpointer data)
request.setURL(newURL);
request.setHTTPMethod(msg->method);
fillResponseFromMessage(msg, &response);
+
+ // Should not set Referer after a redirect from a secure resource to non-secure one.
+ if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https")) {
+ request.clearHTTPReferrer();
+ soup_message_headers_remove(msg->request_headers, "Referer");
+ }
+
if (d->client())
d->client()->willSendRequest(handle, request, response);
}
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list