[Xfce4-commits] <midori:master> Strip referrer details sent to external sites

Fri Apr 15 01:14:01 CEST 2011

Updating branch refs/heads/master
         to 9ac8433e6d270ae71ab180aeed613ac6bee135cf (commit)
       from e18a2c800174a919f5bb29c03118d13acf34e7ae (commit)

commit 9ac8433e6d270ae71ab180aeed613ac6bee135cf
Author: Christian Dywan <christian at twotoasts.de>
Date:   Fri Apr 15 00:49:39 2011 +0200

    Strip referrer details sent to external sites
    
    This new feature strips, if enabled, the path and query from
    the 'Referer' header when switching to external sites. It
    doesn't affect internal links, which is why websites testing
    for this feature may falsely assert it's not working.
    
    The feature is automatically enabled in private mode.

 midori/main.c               |   28 +++++++++++++++++++++++++++-
 midori/midori-websettings.c |   27 ++++++++++++++++++++++++++-
 2 files changed, 53 insertions(+), 2 deletions(-)

diff --git a/midori/main.c b/midori/main.c
index 63bbf78..132b72e 100644
--- a/midori/main.c
+++ b/midori/main.c
@@ -801,7 +801,10 @@ midori_browser_privacy_preferences_cb (MidoriBrowser*    browser,
     katze_preferences_add_widget (preferences, button, "indented");
     #endif
     #endif
-    katze_preferences_add_group (preferences, _("History"));
+    #if HAVE_LIBSOUP_2_27_90
+    button = katze_property_proxy (settings, "strip-referer", NULL);
+    katze_preferences_add_widget (preferences, button, "indented");
+    #endif
     button = katze_property_label (settings, "maximum-history-age");
     katze_preferences_add_widget (preferences, button, "indented");
     button = katze_property_proxy (settings, "maximum-history-age", NULL);
@@ -996,6 +999,28 @@ midori_soup_session_settings_accept_language_cb (SoupSession*       session,
         g_free (languages);
     soup_message_headers_append (msg->request_headers, "Accept-Language", accpt);
     g_free (accpt);
+
+    #if HAVE_LIBSOUP_2_27_90
+    if (katze_object_get_boolean (settings, "strip-referer"))
+    {
+        const gchar* referer
+            = soup_message_headers_get_one (msg->request_headers, "Referer");
+        SoupURI* destination = soup_message_get_uri (msg);
+        if (referer && destination && !strstr (referer, destination->host))
+        {
+            SoupURI* stripped_uri = soup_uri_new (referer);
+            gchar* stripped_referer;
+            soup_uri_set_path (stripped_uri, NULL);
+            soup_uri_set_query (stripped_uri, NULL);
+            stripped_referer = soup_uri_to_string (stripped_uri, FALSE);
+            soup_uri_free (stripped_uri);
+            g_message ("Referer stripped");
+            soup_message_headers_replace (msg->request_headers, "Referer",
+                                          stripped_referer);
+            g_free (stripped_referer);
+        }
+    }
+    #endif
 }
 
 static void
@@ -2195,6 +2220,7 @@ main (int    argc,
             #if WEBKIT_CHECK_VERSION (1, 3, 13)
             g_object_set (settings, "enable-dns-prefetching", FALSE, NULL);
             #endif
+            g_object_set (settings, "strip-referer", TRUE, NULL);
             midori_browser_set_action_visible (browser, "Tools", FALSE);
             midori_browser_set_action_visible (browser, "ClearPrivateData", FALSE);
         }
diff --git a/midori/midori-websettings.c b/midori/midori-websettings.c
index 69cf1c2..d0983bf 100644
--- a/midori/midori-websettings.c
+++ b/midori/midori-websettings.c
@@ -86,6 +86,7 @@ struct _MidoriWebSettings
 
     gint clear_private_data;
     gchar* clear_data;
+    gboolean strip_referer;
 };
 
 struct _MidoriWebSettingsClass
@@ -168,7 +169,8 @@ enum
     PROP_PREFERRED_LANGUAGES,
 
     PROP_CLEAR_PRIVATE_DATA,
-    PROP_CLEAR_DATA
+    PROP_CLEAR_DATA,
+    PROP_STRIP_REFERER
 };
 
 GType
@@ -1100,6 +1102,23 @@ midori_web_settings_class_init (MidoriWebSettingsClass* class)
                                      _("The data selected for deletion"),
                                      NULL,
                                      flags));
+    /**
+     * MidoriWebSettings:strip-referer:
+     *
+     * Whether to strip referrer details sent to external sites.
+     *
+     * Since: 0.3.4
+     */
+    g_object_class_install_property (gobject_class,
+                                     PROP_STRIP_REFERER,
+                                     g_param_spec_boolean (
+                                     "strip-referer",
+    /* i18n: Reworded: Shorten details propagated when going to another page */
+        _("Strip referrer details sent to external sites"),
+    /* i18n: Referer here is not a typo but a technical term */
+        _("Whether the \"Referer\" header should be shortened to the hostname"),
+                                     FALSE,
+                                     flags));
 
 }
 
@@ -1518,6 +1537,9 @@ midori_web_settings_set_property (GObject*      object,
     case PROP_CLEAR_DATA:
         katze_assign (web_settings->clear_data, g_value_dup_string (value));
         break;
+    case PROP_STRIP_REFERER:
+        web_settings->strip_referer = g_value_get_boolean (value);
+        break;
     default:
         G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
         break;
@@ -1749,6 +1771,9 @@ midori_web_settings_get_property (GObject*    object,
     case PROP_CLEAR_DATA:
         g_value_set_string (value, web_settings->clear_data);
         break;
+    case PROP_STRIP_REFERER:
+        g_value_set_boolean (value, web_settings->strip_referer);
+        break;
     default:
         G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
         break;

