Skip to content

Commit

Permalink
Force the referrer to always be 'no-referrer' while in speedreader mo…
Browse files Browse the repository at this point in the history
…de. (uplift to 1.62.x) (#21497)

Uplift of #21481 (squashed) to beta
  • Loading branch information
brave-builds authored Jan 7, 2024
1 parent 1b43e56 commit 9e6c425
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 0 deletions.
8 changes: 8 additions & 0 deletions browser/speedreader/speedreader_browsertest.cc
Original file line number Diff line number Diff line change
Expand Up @@ -317,6 +317,9 @@ IN_PROC_BROWSER_TEST_F(SpeedReaderBrowserTest, SmokeTest) {
const std::string kGetFontsExists =
"!!(document.getElementById('atkinson_hyperligible_font') && "
"document.getElementById('open_dyslexic_font'))";
const std::string kCheckReferrer =
R"js(document.querySelector('meta[name="referrer"]')
.getAttribute('content') === 'no-referrer')js";

// Check that the document became much smaller and that non-empty speedreader
// style is injected.
Expand All @@ -328,6 +331,11 @@ IN_PROC_BROWSER_TEST_F(SpeedReaderBrowserTest, SmokeTest) {
content::EXECUTE_SCRIPT_DEFAULT_OPTIONS,
ISOLATED_WORLD_ID_BRAVE_INTERNAL)
.ExtractBool());
EXPECT_TRUE(content::EvalJs(ActiveWebContents(), kCheckReferrer,
content::EXECUTE_SCRIPT_DEFAULT_OPTIONS,
ISOLATED_WORLD_ID_BRAVE_INTERNAL)
.ExtractBool());

const auto speedreaded_length =
content::EvalJs(ActiveWebContents(), kGetContentLength,
content::EXECUTE_SCRIPT_DEFAULT_OPTIONS,
Expand Down
1 change: 1 addition & 0 deletions components/speedreader/speedreader_rewriter_service.cc
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@ std::string WrapStylesheetWithCSP(const std::string& stylesheet,
};

constexpr const char kCSP[] = R"html(
<meta name="referrer" content="no-referrer">
<meta http-equiv="Content-Security-Policy"
content="script-src 'none';
style-src-elem 'sha256-%s' 'sha256-%s' 'sha256-%s'"
Expand Down

0 comments on commit 9e6c425

Please sign in to comment.