diff --git net/url_request/url_request_job.cc net/url_request/url_request_job.cc index f1288aaa112e6..2b29bffdbbaf6 100644 --- net/url_request/url_request_job.cc +++ net/url_request/url_request_job.cc @@ -36,6 +36,7 @@ #include "net/url_request/redirect_info.h" #include "net/url_request/redirect_util.h" #include "net/url_request/url_request_context.h" +#include "url/url_util.h" namespace net { @@ -48,6 +49,16 @@ base::Value::Dict SourceStreamSetParams(SourceStream* source_stream) { return event_params; } +bool IsSecureScheme(const GURL& url) { + if (!url.has_scheme()) { + return false; + } + if (GURL::SchemeIsCryptographic(url.scheme_piece())) { + return true; + } + return base::Contains(url::GetSecureSchemes(), url.scheme_piece()); +} + } // namespace // Each SourceStreams own the previous SourceStream in the chain, but the @@ -325,8 +336,7 @@ GURL URLRequestJob::ComputeReferrerForPolicy( } bool secure_referrer_but_insecure_destination = - original_referrer.SchemeIsCryptographic() && - !destination.SchemeIsCryptographic(); + IsSecureScheme(original_referrer) && !IsSecureScheme(destination); switch (policy) { case ReferrerPolicy::CLEAR_ON_TRANSITION_FROM_SECURE_TO_INSECURE: