Implement Referrer class encapsulates full referrer and referrer policy
Categories
(Core :: DOM: Security, enhancement, P2)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox67 | --- | fixed |
People
(Reporter: tnguyen, Assigned: tnguyen)
References
(Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-active])
Attachments
(2 files, 1 obsolete file)
|
Assignee | |
Updated•6 years ago
|
|
|
Assignee | |
Updated•6 years ago
|
|
|
Assignee | |
Updated•6 years ago
|
|
||
Updated•6 years ago
|
| Comment hidden (obsolete) |
|
|
Assignee | |
Updated•6 years ago
|
|
|
Assignee | |
Updated•6 years ago
|
|
|
Assignee | |
Comment 3•6 years ago
|
||
|
|
Assignee | |
Comment 4•6 years ago
|
||
|
|
Assignee | |
Comment 5•6 years ago
|
||
|
|
Assignee | |
Comment 6•6 years ago
|
||
The class contains original full referrer and referrer policy will be
applied to the referrer.
|
||
Updated•6 years ago
|
|
|
||
Comment 7•6 years ago
|
||
Hey Gijs, I was wondering if you are willing to negotiate a compromise for this bug. In general I completely agree to your comment (which I am pasting from phab here for the reference:)
We should be changing all the things that pass referrer and referrerPolicy separately to pass referrerInfo, instead of only doing so for individual loadURI calls and thus leaving large parts of the frontend codebase messy and out of sync with the actual implementation.
Some background, the changeset that Thomas is working is growing to be massive [1] - I am worried that rebasing and maintaining those patches is going to become a cumbersome and time consuming task. Further, I also don't want the frontend code to be messy and left alone in a half baked state - Thomas is dedicated to work on referrer policy setup change the entire quarter.
Here is my suggestion:
a) We take all the backend bits from [1]; adding the new referrerinfo class, update docshell and docshelloatsate. That way we would have the backend bits landed.
b) We update LoadURIOptions.webidl and replace referrer and referrerpolicy with referrerinfo
c) We update only the callsites that create a loadURIOptions argument in this first iteration to pass a referrerinfo (basically all the callsites we touched within Bug 1513241.
d) We file follow ups and actually implement those to push the creation of the referrerinfo object further towards the actual creation time of the referrer.
That way we have smaller incremental changes that actually seem to be manageable to me.
Would you agree to that? If so, then Thomas would get such a changeset ready for review.
[1] https://hg.mozilla.org/try/rev/f1c97f45397aaf7991fa8ddb38a6eace54587edf
|
|
||
Comment 8•6 years ago
|
||
(In reply to Christoph Kerschbaumer [:ckerschb] from comment #7)
Would you agree to that? If so, then Thomas would get such a changeset ready for review.
Sure, as long as we end up in a state where this gets done, ideally within a cycle.
|
||
Updated•6 years ago
|
|
|
||
Updated•6 years ago
|
|
|
||
Updated•6 years ago
|
|
||
Comment 10•6 years ago
|
||
|
||
Comment 11•6 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/64c8b805491a
https://hg.mozilla.org/mozilla-central/rev/586348ccba9b
Description
•