Merge pull request #19666 from nextcloud/bug/19416/referrer-policy-fallback
Don't show referrer policy warning if fallback policy set.
This commit is contained in:
commit
dd5a4c9603
|
@ -573,12 +573,8 @@
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!xhr.getResponseHeader('Referrer-Policy') ||
|
const referrerPolicy = xhr.getResponseHeader('Referrer-Policy')
|
||||||
(xhr.getResponseHeader('Referrer-Policy').toLowerCase() !== 'no-referrer' &&
|
if (referrerPolicy === null || !/(no-referrer(-when-downgrade)?|strict-origin(-when-cross-origin)?|same-origin)(,|$)/.test(referrerPolicy)) {
|
||||||
xhr.getResponseHeader('Referrer-Policy').toLowerCase() !== 'no-referrer-when-downgrade' &&
|
|
||||||
xhr.getResponseHeader('Referrer-Policy').toLowerCase() !== 'strict-origin' &&
|
|
||||||
xhr.getResponseHeader('Referrer-Policy').toLowerCase() !== 'strict-origin-when-cross-origin' &&
|
|
||||||
xhr.getResponseHeader('Referrer-Policy').toLowerCase() !== 'same-origin')) {
|
|
||||||
messages.push({
|
messages.push({
|
||||||
msg: t('core', 'The "{header}" HTTP header is not set to "{val1}", "{val2}", "{val3}", "{val4}" or "{val5}". This can leak referer information. See the <a target="_blank" rel="noreferrer noopener" href="{link}">W3C Recommendation ↗</a>.',
|
msg: t('core', 'The "{header}" HTTP header is not set to "{val1}", "{val2}", "{val3}", "{val4}" or "{val5}". This can leak referer information. See the <a target="_blank" rel="noreferrer noopener" href="{link}">W3C Recommendation ↗</a>.',
|
||||||
{
|
{
|
||||||
|
@ -591,7 +587,7 @@
|
||||||
link: 'https://www.w3.org/TR/referrer-policy/'
|
link: 'https://www.w3.org/TR/referrer-policy/'
|
||||||
}),
|
}),
|
||||||
type: OC.SetupChecks.MESSAGE_TYPE_INFO
|
type: OC.SetupChecks.MESSAGE_TYPE_INFO
|
||||||
});
|
})
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
messages.push({
|
messages.push({
|
||||||
|
|
Loading…
Reference in New Issue