Merge pull request #490 from brave/insecure_referrer

fix https://stats.brave.com/dashboard#crash/5ba4dfdff772c9001e621e5e

browser/net/brave_profile_network_delegate.cc

@@ -18,13 +18,13 @@
 BraveProfileNetworkDelegate::BraveProfileNetworkDelegate(
     extensions::EventRouterForwarder* event_router) :
     BraveNetworkDelegateBase(event_router) {
-  brave::OnBeforeURLRequestCallback callback =
-      base::Bind(
-          brave::OnBeforeURLRequest_SiteHacksWork);
+  brave::OnBeforeURLRequestCallback
+  callback =
+      base::Bind(brave::OnBeforeURLRequest_HttpsePreFileWork);
   before_url_request_callbacks_.push_back(callback);
 
   callback =
-      base::Bind(brave::OnBeforeURLRequest_HttpsePreFileWork);
+      base::Bind(brave::OnBeforeURLRequest_SiteHacksWork);
   before_url_request_callbacks_.push_back(callback);
 
   callback =

browser/net/brave_site_hacks_network_delegate_helper.cc

@@ -81,6 +81,26 @@ bool GetPolyfillForAdBlock(bool allow_brave_shields, bool allow_ads,
   return false;
 }
 
+void ApplyPotentialReferrerBlock(net::URLRequest* request) {
+  DCHECK_CURRENTLY_ON(BrowserThread::IO);
+  GURL target_origin = GURL(request->url()).GetOrigin();
+  GURL tab_origin = request->site_for_cookies().GetOrigin();
+  bool allow_referrers = brave_shields::IsAllowContentSettingFromIO(
+      request, tab_origin, tab_origin, CONTENT_SETTINGS_TYPE_PLUGINS,
+      brave_shields::kReferrers);
+  bool shields_up = brave_shields::IsAllowContentSettingFromIO(
+      request, tab_origin, GURL(), CONTENT_SETTINGS_TYPE_PLUGINS,
+      brave_shields::kBraveShields);
+  const std::string original_referrer = request->referrer();
+  Referrer new_referrer;
+  if (brave_shields::ShouldSetReferrer(allow_referrers, shields_up,
+          GURL(original_referrer), tab_origin, request->url(), target_origin,
+          Referrer::NetReferrerPolicyToBlinkReferrerPolicy(
+              request->referrer_policy()), &new_referrer)) {
+    request->SetReferrer(new_referrer.url.spec());
+  }
+}
+
 int OnBeforeURLRequest_SiteHacksWork(
     net::URLRequest* request,
     GURL* new_url,
@@ -105,6 +125,11 @@ int OnBeforeURLRequest_SiteHacksWork(
   bool allow_ads = brave_shields::IsAllowContentSettingFromIO(
       request, tab_origin, tab_origin, CONTENT_SETTINGS_TYPE_PLUGINS,
       brave_shields::kAds);
+
+  if (allow_brave_shields) {
+    ApplyPotentialReferrerBlock(request);
+  }
+
   if (GetPolyfillForAdBlock(allow_brave_shields, allow_ads,
         tab_origin, url, new_url)) {
     return net::OK;
@@ -139,30 +164,6 @@ bool IsBlockTwitterSiteHack(net::URLRequest* request,
   return false;
 }
 
-int ApplyPotentialReferrerBlock(net::URLRequest* request,
-    const ResponseCallback& next_callback,
-    net::HttpRequestHeaders* headers) {
-  DCHECK_CURRENTLY_ON(BrowserThread::IO);
-  GURL target_origin = GURL(request->url()).GetOrigin();
-  GURL tab_origin = request->site_for_cookies().GetOrigin();
-  bool allow_referrers = brave_shields::IsAllowContentSettingFromIO(
-      request, tab_origin, tab_origin, CONTENT_SETTINGS_TYPE_PLUGINS,
-      brave_shields::kReferrers);
-  bool shields_up = brave_shields::IsAllowContentSettingFromIO(
-      request, tab_origin, GURL(), CONTENT_SETTINGS_TYPE_PLUGINS,
-      brave_shields::kBraveShields);
-  std::string original_referrer;
-  headers->GetHeader(kRefererHeader, &original_referrer);
-  Referrer new_referrer;
-  if (brave_shields::ShouldSetReferrer(allow_referrers, shields_up,
-          GURL(original_referrer), tab_origin, request->url(), target_origin,
-          Referrer::NetReferrerPolicyToBlinkReferrerPolicy(
-              request->referrer_policy()), &new_referrer)) {
-      headers->SetHeader(kRefererHeader, new_referrer.url.spec());
-  }
-  return net::OK;
-}
-
 int OnBeforeStartTransaction_SiteHacksWork(net::URLRequest* request,
         net::HttpRequestHeaders* headers,
         const ResponseCallback& next_callback,
@@ -181,7 +182,7 @@ int OnBeforeStartTransaction_SiteHacksWork(net::URLRequest* request,
       headers->SetHeader(kUserAgentHeader, user_agent);
     }
   }
-  return ApplyPotentialReferrerBlock(request, next_callback, headers);
+  return net::OK;
 }
 
 }  // namespace brave

components/brave_shields/browser/brave_shields_web_contents_observer.cc

@@ -288,6 +288,17 @@ void BraveShieldsWebContentsObserver::RegisterProfilePrefs(
 
 void BraveShieldsWebContentsObserver::ReadyToCommitNavigation(
     content::NavigationHandle* navigation_handle) {
+  // when the main frame navigate away
+  if (navigation_handle->IsInMainFrame() &&
+      !navigation_handle->IsSameDocument() &&
+      navigation_handle->GetReloadType() == content::ReloadType::NONE) {
+    allowed_script_origins_.clear();
+  }
+
+  navigation_handle->GetWebContents()->SendToAllFrames(
+      new BraveFrameMsg_AllowScriptsOnce(
+        MSG_ROUTING_NONE, allowed_script_origins_));
+
   auto frame_tree_node_id = navigation_handle->GetFrameTreeNodeId();
   auto *frame_tree_node = content::FrameTreeNode::GloballyFindByID(
       frame_tree_node_id);
@@ -331,19 +342,9 @@ void BraveShieldsWebContentsObserver::ReadyToCommitNavigation(
           navigation_handle->GetURL(),
           navigation_handle->GetURL().GetOrigin(),
           original_referrer.policy, &new_referrer)) {
-    navigation_entry->SetReferrer(new_referrer);
+    navigation_entry->SetExtraData("referrer." + navigation_handle->GetURL().spec(),
+          base::UTF8ToUTF16(new_referrer.url.spec()));
   }
-
-  // when the main frame navigate away
-  if (navigation_handle->IsInMainFrame() &&
-      !navigation_handle->IsSameDocument() &&
-      navigation_handle->GetReloadType() == content::ReloadType::NONE) {
-    allowed_script_origins_.clear();
-  }
-
-  navigation_handle->GetWebContents()->SendToAllFrames(
-      new BraveFrameMsg_AllowScriptsOnce(
-        MSG_ROUTING_NONE, allowed_script_origins_));
 }
 
 void BraveShieldsWebContentsObserver::AllowScriptsOnce(

patches/content-browser-frame_host-navigation_request.cc.patch

@@ -1,29 +1,19 @@
 diff --git a/content/browser/frame_host/navigation_request.cc b/content/browser/frame_host/navigation_request.cc
-index 680486fd31fd0255b1e32fed1ca1664485036e1e..a1f6e2641bb4e8c84097a4139682b7378163e05b 100644
+index 680486fd31fd0255b1e32fed1ca1664485036e1e..ce11b1077697a8a417490959ea9c82f54e3c499d 100644
 --- a/content/browser/frame_host/navigation_request.cc
 +++ b/content/browser/frame_host/navigation_request.cc
-@@ -1653,6 +1653,25 @@ void NavigationRequest::CommitNavigation() {
+@@ -1653,6 +1653,15 @@ void NavigationRequest::CommitNavigation() {
      }
      associated_site_instance_id_.reset();
    }
 +
-+  auto* pending_entry =
++  auto* entry =
 +    frame_tree_node_->navigator()->GetController()->GetPendingEntry();
-+  if (pending_entry) {
-+    if (!pending_entry->GetReferrer().url.is_empty()) {
-+      common_params_.referrer =
-+          Referrer::SanitizeForRequest(common_params_.url, pending_entry->GetReferrer());
-+    }
-+  } else {
-+    auto* last_committed_entry =
-+      frame_tree_node_->navigator()->GetController()->GetLastCommittedEntry();
-+    if (last_committed_entry) {
-+      if (!last_committed_entry->GetReferrer().url.is_empty()) {
-+        common_params_.referrer =
-+          Referrer::SanitizeForRequest(common_params_.url, last_committed_entry->GetReferrer());
-+      }
-+    }
-+  }
++  if (!entry)
++    entry = frame_tree_node_->navigator()->GetController()->GetLastCommittedEntry();
++  base::string16 referrer;
++  if (entry && entry->GetExtraData("referrer." + common_params_.url.spec(), &referrer))
++    common_params_.referrer = Referrer(GURL(referrer), common_params_.referrer.policy);
 +
    render_frame_host->CommitNavigation(
        navigation_handle_->GetNavigationId(), response_.get(),