Source/WebCore/platform/ReferrerPolicy.cpp - WebKit - Git at Google

 /*
  * Copyright (C) 2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1.  Redistributions of source code must retain the above copyright
  *     notice, this list of conditions and the following disclaimer.
  * 2.  Redistributions in binary form must reproduce the above copyright
  *     notice, this list of conditions and the following disclaimer in the
  *     documentation and/or other materials provided with the distribution.
  *
  * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' AND ANY
  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  * DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY
  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
  * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */

 #include "config.h"
 #include "ReferrerPolicy.h"

 #include "HTTPParsers.h"
 #include <wtf/Optional.h>

 namespace WebCore {

 enum class ShouldParseLegacyKeywords { No, Yes };

 static Optional<ReferrerPolicy> parseReferrerPolicyToken(StringView policy, ShouldParseLegacyKeywords shouldParseLegacyKeywords)
 {
     // "never" / "default" / "always" are legacy keywords that we support and still defined in the HTML specification:
     // https://html.spec.whatwg.org/#meta-referrer
     if (shouldParseLegacyKeywords == ShouldParseLegacyKeywords::Yes) {
         if (equalLettersIgnoringASCIICase(policy, "never"))
             return ReferrerPolicy::NoReferrer;
         if (equalLettersIgnoringASCIICase(policy, "always"))
             return ReferrerPolicy::UnsafeUrl;
         if (equalLettersIgnoringASCIICase(policy, "default"))
             return ReferrerPolicy::NoReferrerWhenDowngrade;
     }

     if (equalLettersIgnoringASCIICase(policy, "no-referrer"))
         return ReferrerPolicy::NoReferrer;
     if (equalLettersIgnoringASCIICase(policy, "unsafe-url"))
         return ReferrerPolicy::UnsafeUrl;
     if (equalLettersIgnoringASCIICase(policy, "origin"))
         return ReferrerPolicy::Origin;
     if (equalLettersIgnoringASCIICase(policy, "origin-when-cross-origin"))
         return ReferrerPolicy::OriginWhenCrossOrigin;
     if (equalLettersIgnoringASCIICase(policy, "same-origin"))
         return ReferrerPolicy::SameOrigin;
     if (equalLettersIgnoringASCIICase(policy, "strict-origin"))
         return ReferrerPolicy::StrictOrigin;
     if (equalLettersIgnoringASCIICase(policy, "strict-origin-when-cross-origin"))
         return ReferrerPolicy::StrictOriginWhenCrossOrigin;
     if (equalLettersIgnoringASCIICase(policy, "no-referrer-when-downgrade"))
         return ReferrerPolicy::NoReferrerWhenDowngrade;
     if (!policy.isNull() && policy.isEmpty())
         return ReferrerPolicy::EmptyString;

     return WTF::nullopt;
 }

 Optional<ReferrerPolicy> parseReferrerPolicy(StringView policyString, ReferrerPolicySource source)
 {
     switch (source) {
     case ReferrerPolicySource::HTTPHeader: {
         // Implementing https://www.w3.org/TR/2017/CR-referrer-policy-20170126/#parse-referrer-policy-from-header.
         Optional<ReferrerPolicy> result;
         for (auto tokenView : policyString.split(',')) {
             auto token = parseReferrerPolicyToken(stripLeadingAndTrailingHTTPSpaces(tokenView), ShouldParseLegacyKeywords::No);
             if (token && token.value() != ReferrerPolicy::EmptyString)
                 result = token.value();
         }
         return result;
     }
     case ReferrerPolicySource::MetaTag:
         return parseReferrerPolicyToken(policyString, ShouldParseLegacyKeywords::Yes);
     case ReferrerPolicySource::ReferrerPolicyAttribute:
         return parseReferrerPolicyToken(policyString, ShouldParseLegacyKeywords::No);
     }
     ASSERT_NOT_REACHED();
     return WTF::nullopt;
 }

 String referrerPolicyToString(const ReferrerPolicy& referrerPolicy)
 {
     switch (referrerPolicy) {
     case ReferrerPolicy::NoReferrer:
         return "no-referrer"_s;
     case ReferrerPolicy::UnsafeUrl:
         return "unsafe-url"_s;
     case ReferrerPolicy::Origin:
         return "origin"_s;
     case ReferrerPolicy::OriginWhenCrossOrigin:
         return "origin-when-cross-origin"_s;
     case ReferrerPolicy::SameOrigin:
         return "same-origin"_s;
     case ReferrerPolicy::StrictOrigin:
         return "strict-origin"_s;
     case ReferrerPolicy::StrictOriginWhenCrossOrigin:
         return "strict-origin-when-cross-origin"_s;
     case ReferrerPolicy::NoReferrerWhenDowngrade:
         return "no-referrer-when-downgrade"_s;
     case ReferrerPolicy::EmptyString:
         return { };
     }
     ASSERT_NOT_REACHED();
     return { };
 }

 } // namespace WebCore
	/*
	* Copyright (C) 2018 Apple Inc. All rights reserved.
	*
	* Redistribution and use in source and binary forms, with or without
	* modification, are permitted provided that the following conditions
	* are met:
	* 1. Redistributions of source code must retain the above copyright
	* notice, this list of conditions and the following disclaimer.
	* 2. Redistributions in binary form must reproduce the above copyright
	* notice, this list of conditions and the following disclaimer in the
	* documentation and/or other materials provided with the distribution.
	*
	* THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' AND ANY
	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
	* DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY
	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
	* ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	*/

	#include "config.h"
	#include "ReferrerPolicy.h"

	#include "HTTPParsers.h"
	#include <wtf/Optional.h>

	namespace WebCore {

	enum class ShouldParseLegacyKeywords { No, Yes };

	static Optional<ReferrerPolicy> parseReferrerPolicyToken(StringView policy, ShouldParseLegacyKeywords shouldParseLegacyKeywords)
	{
	// "never" / "default" / "always" are legacy keywords that we support and still defined in the HTML specification:
	// https://html.spec.whatwg.org/#meta-referrer
	if (shouldParseLegacyKeywords == ShouldParseLegacyKeywords::Yes) {
	if (equalLettersIgnoringASCIICase(policy, "never"))
	return ReferrerPolicy::NoReferrer;
	if (equalLettersIgnoringASCIICase(policy, "always"))
	return ReferrerPolicy::UnsafeUrl;
	if (equalLettersIgnoringASCIICase(policy, "default"))
	return ReferrerPolicy::NoReferrerWhenDowngrade;
	}

	if (equalLettersIgnoringASCIICase(policy, "no-referrer"))
	return ReferrerPolicy::NoReferrer;
	if (equalLettersIgnoringASCIICase(policy, "unsafe-url"))
	return ReferrerPolicy::UnsafeUrl;
	if (equalLettersIgnoringASCIICase(policy, "origin"))
	return ReferrerPolicy::Origin;
	if (equalLettersIgnoringASCIICase(policy, "origin-when-cross-origin"))
	return ReferrerPolicy::OriginWhenCrossOrigin;
	if (equalLettersIgnoringASCIICase(policy, "same-origin"))
	return ReferrerPolicy::SameOrigin;
	if (equalLettersIgnoringASCIICase(policy, "strict-origin"))
	return ReferrerPolicy::StrictOrigin;
	if (equalLettersIgnoringASCIICase(policy, "strict-origin-when-cross-origin"))
	return ReferrerPolicy::StrictOriginWhenCrossOrigin;
	if (equalLettersIgnoringASCIICase(policy, "no-referrer-when-downgrade"))
	return ReferrerPolicy::NoReferrerWhenDowngrade;
	if (!policy.isNull() && policy.isEmpty())
	return ReferrerPolicy::EmptyString;

	return WTF::nullopt;
	}

	Optional<ReferrerPolicy> parseReferrerPolicy(StringView policyString, ReferrerPolicySource source)
	{
	switch (source) {
	case ReferrerPolicySource::HTTPHeader: {
	// Implementing https://www.w3.org/TR/2017/CR-referrer-policy-20170126/#parse-referrer-policy-from-header.
	Optional<ReferrerPolicy> result;
	for (auto tokenView : policyString.split(',')) {
	auto token = parseReferrerPolicyToken(stripLeadingAndTrailingHTTPSpaces(tokenView), ShouldParseLegacyKeywords::No);
	if (token && token.value() != ReferrerPolicy::EmptyString)
	result = token.value();
	}
	return result;
	}
	case ReferrerPolicySource::MetaTag:
	return parseReferrerPolicyToken(policyString, ShouldParseLegacyKeywords::Yes);
	case ReferrerPolicySource::ReferrerPolicyAttribute:
	return parseReferrerPolicyToken(policyString, ShouldParseLegacyKeywords::No);
	}
	ASSERT_NOT_REACHED();
	return WTF::nullopt;
	}

	String referrerPolicyToString(const ReferrerPolicy& referrerPolicy)
	{
	switch (referrerPolicy) {
	case ReferrerPolicy::NoReferrer:
	return "no-referrer"_s;
	case ReferrerPolicy::UnsafeUrl:
	return "unsafe-url"_s;
	case ReferrerPolicy::Origin:
	return "origin"_s;
	case ReferrerPolicy::OriginWhenCrossOrigin:
	return "origin-when-cross-origin"_s;
	case ReferrerPolicy::SameOrigin:
	return "same-origin"_s;
	case ReferrerPolicy::StrictOrigin:
	return "strict-origin"_s;
	case ReferrerPolicy::StrictOriginWhenCrossOrigin:
	return "strict-origin-when-cross-origin"_s;
	case ReferrerPolicy::NoReferrerWhenDowngrade:
	return "no-referrer-when-downgrade"_s;
	case ReferrerPolicy::EmptyString:
	return { };
	}
	ASSERT_NOT_REACHED();
	return { };
	}

	} // namespace WebCore