Strip referrer details sent to external sites

author Christian Dywan <christian@twotoasts.de>

Thu, 14 Apr 2011 22:49:39 +0000 (00:49 +0200)

committer Christian Dywan <christian@twotoasts.de>

Thu, 14 Apr 2011 22:49:39 +0000 (00:49 +0200)
author Christian Dywan <christian@twotoasts.de>
Thu, 14 Apr 2011 22:49:39 +0000 (00:49 +0200)
committer Christian Dywan <christian@twotoasts.de>
Thu, 14 Apr 2011 22:49:39 +0000 (00:49 +0200)
diff --git a/midori/main.c b/midori/main.c

index 63bbf7888525658f2eb2a12fd40809a3fc9a30ef..132b72e46c0e01af27a19b99fee6119cd8d040bd 100644 (file)
--- a/midori/main.c
+++ b/midori/main.c
@@ -801,7 +801,10 @@ midori_browser_privacy_preferences_cb (MidoriBrowser*    browser,
      katze_preferences_add_widget (preferences, button, "indented");
      #endif
      #endif
-    katze_preferences_add_group (preferences, _("History"));
+    #if HAVE_LIBSOUP_2_27_90
+    button = katze_property_proxy (settings, "strip-referer", NULL);
+    katze_preferences_add_widget (preferences, button, "indented");
+    #endif
      button = katze_property_label (settings, "maximum-history-age");
      katze_preferences_add_widget (preferences, button, "indented");
      button = katze_property_proxy (settings, "maximum-history-age", NULL);
@@ -996,6 +999,28 @@ midori_soup_session_settings_accept_language_cb (SoupSession*       session,
          g_free (languages);
      soup_message_headers_append (msg->request_headers, "Accept-Language", accpt);
      g_free (accpt);
+
+    #if HAVE_LIBSOUP_2_27_90
+    if (katze_object_get_boolean (settings, "strip-referer"))
+    {
+        const gchar* referer
+            = soup_message_headers_get_one (msg->request_headers, "Referer");
+        SoupURI* destination = soup_message_get_uri (msg);
+        if (referer && destination && !strstr (referer, destination->host))
+        {
+            SoupURI* stripped_uri = soup_uri_new (referer);
+            gchar* stripped_referer;
+            soup_uri_set_path (stripped_uri, NULL);
+            soup_uri_set_query (stripped_uri, NULL);
+            stripped_referer = soup_uri_to_string (stripped_uri, FALSE);
+            soup_uri_free (stripped_uri);
+            g_message ("Referer stripped");
+            soup_message_headers_replace (msg->request_headers, "Referer",
+                                          stripped_referer);
+            g_free (stripped_referer);
+        }
+    }
+    #endif
  }
  
  static void
@@ -2195,6 +2220,7 @@ main (int    argc,
              #if WEBKIT_CHECK_VERSION (1, 3, 13)
              g_object_set (settings, "enable-dns-prefetching", FALSE, NULL);
              #endif
+            g_object_set (settings, "strip-referer", TRUE, NULL);
              midori_browser_set_action_visible (browser, "Tools", FALSE);
              midori_browser_set_action_visible (browser, "ClearPrivateData", FALSE);
          }
diff --git a/midori/midori-websettings.c b/midori/midori-websettings.c

index 69cf1c28916a1d57eda5ccd952741fee45da3a0d..d0983bfffc682fc66f6e54abf06a1923a8cf8be8 100644 (file)
--- a/midori/midori-websettings.c
+++ b/midori/midori-websettings.c
@@ -86,6 +86,7 @@ struct _MidoriWebSettings
  
      gint clear_private_data;
      gchar* clear_data;
+    gboolean strip_referer;
  };
  
  struct _MidoriWebSettingsClass
@@ -168,7 +169,8 @@ enum
      PROP_PREFERRED_LANGUAGES,
  
      PROP_CLEAR_PRIVATE_DATA,
-    PROP_CLEAR_DATA
+    PROP_CLEAR_DATA,
+    PROP_STRIP_REFERER
  };
  
  GType
@@ -1100,6 +1102,23 @@ midori_web_settings_class_init (MidoriWebSettingsClass* class)
                                       _("The data selected for deletion"),
                                       NULL,
                                       flags));
+    /**
+     * MidoriWebSettings:strip-referer:
+     *
+     * Whether to strip referrer details sent to external sites.
+     *
+     * Since: 0.3.4
+     */
+    g_object_class_install_property (gobject_class,
+                                     PROP_STRIP_REFERER,
+                                     g_param_spec_boolean (
+                                     "strip-referer",
+    /* i18n: Reworded: Shorten details propagated when going to another page */
+        _("Strip referrer details sent to external sites"),
+    /* i18n: Referer here is not a typo but a technical term */
+        _("Whether the \"Referer\" header should be shortened to the hostname"),
+                                     FALSE,
+                                     flags));
  
  }
  
@@ -1518,6 +1537,9 @@ midori_web_settings_set_property (GObject*      object,
      case PROP_CLEAR_DATA:
          katze_assign (web_settings->clear_data, g_value_dup_string (value));
          break;
+    case PROP_STRIP_REFERER:
+        web_settings->strip_referer = g_value_get_boolean (value);
+        break;
      default:
          G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
          break;
@@ -1749,6 +1771,9 @@ midori_web_settings_get_property (GObject*    object,
      case PROP_CLEAR_DATA:
          g_value_set_string (value, web_settings->clear_data);
          break;
+    case PROP_STRIP_REFERER:
+        g_value_set_boolean (value, web_settings->strip_referer);
+        break;
      default:
          G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
          break;
author	Christian Dywan <christian@twotoasts.de>
	Thu, 14 Apr 2011 22:49:39 +0000 (00:49 +0200)
committer	Christian Dywan <christian@twotoasts.de>
	Thu, 14 Apr 2011 22:49:39 +0000 (00:49 +0200)
midori/main.c		patch \| blob \| history
midori/midori-websettings.c		patch \| blob \| history