Spoof referer header on cross-origin navigations

Previously we were only spoofing it on cross-origin subresource requests, not navigations. Fix #10721 Test Plan: go to https://community.brave.com/t/tracking-not-blocked/6787 and click on the two links in the post the sites should report the referer as the origin of the site itself, not community.brave.com now turn off shields on one of the sites repeat steps 1 and 2. the site should now report the referer as community.brave.com Auditors: @bbondy
brave · Aug 31, 2017 · 076cd89 · 076cd89
1 parent 7389575
commit 076cd89
Showing 1 changed file with 10 additions and 5 deletions.
diff --git a/app/filtering.js b/app/filtering.js
@@ -287,6 +287,7 @@ function registerForBeforeSendHeaders (session, partition) {
     if (cookieSetting) {
       const parsedTargetUrl = urlParse(details.url || '')
       const parsedFirstPartyUrl = urlParse(firstPartyUrl)
+      const targetOrigin = details.url
 
       if (cookieSetting === 'blockAllCookies' ||
         isThirdPartyHost(parsedFirstPartyUrl.hostname, parsedTargetUrl.hostname)) {
@@ -295,11 +296,15 @@ function registerForBeforeSendHeaders (session, partition) {
             getOrigin(firstPartyUrl) !== pdfjsOrigin) {
           requestHeaders['Cookie'] = undefined
         }
-        if (cookieSetting !== 'blockAllCookies' &&
-            requestHeaders['Referer'] &&
-            !refererExceptions.includes(parsedTargetUrl.hostname)) {
-          requestHeaders['Referer'] = getOrigin(details.url)
-        }
+      }
+      const referer = requestHeaders['Referer']
+      if (referer &&
+          cookieSetting !== 'allowAllCookies' &&
+          !refererExceptions.includes(parsedTargetUrl.hostname) &&
+          targetOrigin !== getOrigin(referer)) {
+        // Unless the setting is 'allow all cookies', spoof the referer if it
+        // is a cross-origin referer
+        requestHeaders['Referer'] = targetOrigin
       }
     }
     if (sendDNT) {