xref: /third_party/node/deps/undici/src/lib/fetch/util.js

191 // https://w3c.github.io/webappsec-referrer-policy/#set-requests-referrer-policy-on-redirect
194   //  updates request’s referrer policy according to the Referrer-Policy
197   // 1. Let policy be the result of executing § 8.1 Parse a referrer policy
200   // 8.1 Parse a referrer policy from a Referrer-Policy header
201   // 1. Let policy-tokens be the result of extracting header list values given `Referrer-Policy` and response’s header list.
203   // 2. Let policy be the empty string.
204   // 3. For each token in policy-tokens, if token is a referrer policy and token is not the empty string, then set policy to token.
205   // 4. Return policy.
206   const policyHeader = (headersList.get('referrer-policy') ?? '').split(',')
208   // Note: As the referrer-policy can contain multiple policies
212   let policy = ''
214     // The right-most policy takes precedence.
215     // The left-most policy is the fallback.
219         policy = token
225   // 2. If policy is not the empty string, then set request’s referrer policy to policy.
226   if (policy !== '') {
227     request.referrerPolicy = policy
231 // https://fetch.spec.whatwg.org/#cross-origin-resource-policy-check
287     // 1. Switch on request’s referrer policy:
340 // https://html.spec.whatwg.org/multipage/origin.html#policy-container
342   // Note: the fetch spec doesn't make use of embedder policy or CSP list
348 // https://html.spec.whatwg.org/multipage/origin.html#clone-a-policy-container
355 // https://w3c.github.io/webappsec-referrer-policy/#determine-requests-referrer
357   // 1. Let policy be request's referrer policy.
358   const policy = request.referrerPolicy
360   // Note: policy cannot (shouldn't) be null or an empty string.
361   assert(policy)
403   // 8. Execute the switch statements corresponding to the value of policy:
404   switch (policy) {
451  * @see https://w3c.github.io/webappsec-referrer-policy/#strip-url

Indexes created Thu Nov 07 10:32:03 CST 2024