Referrer Policy: Add a flag to reduce `referer` granularity by default. [1/2]

If a site hasn't set an explicit referrer policy, this runtime-enabled
flag will strip the outgoing header down to an origin. Perhaps this is
a direction we could offer as a choice to users in the future? (Note that this
implementation does not yet effect reditects. That's something to fix later
if/when we want to look more closely at this kind of approach. Nothing worth
doing for a strawman...).

Adding this flag to help evaluate the impact such a change might have.

[1/2] Blink: This patch.
[2/2] Chromium: https://codereview.chromium.org/711033002

BUG=431711

Review URL: https://codereview.chromium.org/684683003

git-svn-id: svn://svn.chromium.org/blink/trunk@185057 bbb929c8-8fbe-4397-9dbb-9b2b20218538

third_party/WebKit/Source/platform/RuntimeEnabledFeatures.in

@@ -106,6 +106,7 @@ Presentation status=test
 PseudoClassesInMatchingCriteriaInAuthorShadowTrees status=test
 PushMessaging status=experimental
 QuotaPromise status=experimental
+ReducedReferrerGranularity
 RegionBasedColumns status=experimental
 RequestAutocomplete status=test
 ScreenOrientation status=stable

third_party/WebKit/Source/platform/weborigin/SecurityPolicy.cpp

@@ -29,6 +29,7 @@
 #include "config.h"
 #include "platform/weborigin/SecurityPolicy.h"
 
+#include "platform/RuntimeEnabledFeatures.h"
 #include "platform/weborigin/KURL.h"
 #include "platform/weborigin/OriginAccessEntry.h"
 #include "platform/weborigin/SecurityOrigin.h"
@@ -86,7 +87,18 @@ Referrer SecurityPolicy::generateReferrer(ReferrerPolicy referrerPolicy, const K
         // to turn it into a canonical URL we can use as referrer.
         return Referrer(origin + "/", referrerPolicy);
     }
-    case ReferrerPolicyDefault:
+    case ReferrerPolicyDefault: {
+        // If the flag is enabled, and we're dealing with a cross-origin request, strip it.
+        // Otherwise fallthrough to NoReferrerWhenDowngrade behavior.
+        RefPtr<SecurityOrigin> referrerOrigin = SecurityOrigin::createFromString(referrer);
+        RefPtr<SecurityOrigin> urlOrigin = SecurityOrigin::create(url);
+        if (RuntimeEnabledFeatures::reducedReferrerGranularityEnabled() && !urlOrigin->isSameSchemeHostPort(referrerOrigin.get())) {
+            String origin = referrerOrigin->toString();
+            if (origin == "null")
+                return Referrer(String(), referrerPolicy);
+            return Referrer(shouldHideReferrer(url, referrer) ? String() : origin + "/", referrerPolicy);
+        }
+    }
     case ReferrerPolicyNoReferrerWhenDowngrade:
         break;
     }

third_party/WebKit/Source/web/WebRuntimeFeatures.cpp

@@ -319,4 +319,9 @@ void WebRuntimeFeatures::enableSVG1DOM(bool enable)
     RuntimeEnabledFeatures::setSVG1DOMEnabled(enable);
 }
 
+void WebRuntimeFeatures::enableReducedReferrerGranularity(bool enable)
+{
+    RuntimeEnabledFeatures::setReducedReferrerGranularityEnabled(enable);
+}
+
 } // namespace blink

third_party/WebKit/public/web/WebRuntimeFeatures.h

@@ -146,6 +146,8 @@ public:
 
     BLINK_EXPORT static void enableSVG1DOM(bool);
 
+    BLINK_EXPORT static void enableReducedReferrerGranularity(bool);
+
 private:
     WebRuntimeFeatures();
 };