File: referrer-checker.py

package info (click to toggle)

firefox 144.0-1

links: PTS, VCS
area: main
in suites: sid
size: 4,637,504 kB
sloc: cpp: 7,576,692; javascript: 6,430,831; ansic: 3,748,119; python: 1,398,978; xml: 628,810; asm: 438,679; java: 186,194; sh: 63,212; makefile: 19,159; objc: 13,086; perl: 12,986; yacc: 4,583; cs: 3,846; pascal: 3,448; lex: 1,720; ruby: 1,003; exp: 762; php: 436; lisp: 258; awk: 247; sql: 66; sed: 53; csh: 10

file content (24 lines) | stat: -rw-r--r-- 1,167 bytes

parent folder | download | duplicates (25)

# Returns a valid response when request's |referrer| matches
# |expected_referrer|.
def main(request, response):
    # We want |referrer| to be the referrer header with no query params,
    # because |expected_referrer| will not contain any query params, and
    # thus cannot be compared with the actual referrer header if it were to
    # contain query params. This works fine if the actual referrer has no
    # query params too.
    referrer = request.headers.get(b"referer", b"").split(b"?")[0]
    referrer_policy = request.GET.first(b"referrer_policy")
    expected_referrer = request.GET.first(b"expected_referrer", b"")
    response_headers = [(b"Content-Type", b"text/javascript"),
                        (b"Access-Control-Allow-Origin", b"*")]

    if referrer_policy == b"no-referrer" or referrer_policy == b"origin":
        if referrer == expected_referrer:
            return (200, response_headers, u"")
        return (404, response_headers)

    if referrer_policy == b"same-origin":
        if referrer == expected_referrer:
            return (200, response_headers, u"")
        return (404, response_headers)
    return (404, response_headers)