about summary refs log tree commit diff stats
path: root/src/types/referrer.nim
blob: 7c7b6ffe25bd5183acb081fae3445546885c1380 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

import types/url

type ReferrerPolicy* = enum
  rpStrictOriginWhenCrossOrigin = "strict-origin-when-cross-origin"
  rpNoReferrer = "no-referrer"
  rpNoReferrerWhenDowngrade = "no-referrer-when-downgrade"
  rpStrictOrigin = "strict-origin"
  rpOrigin = "origin"
  rpSameOrigin = "same-origin"
  rpOriginWhenCrossOrigin = "origin-when-cross-origin"
  rpUnsafeURL = "unsafe-url"

const DefaultPolicy* = rpStrictOriginWhenCrossOrigin

proc getReferrer*(prev, target: URL; policy: ReferrerPolicy): string =
  let origin = prev.origin
  if origin.t == otOpaque:
    return ""
  if prev.scheme != "http" and prev.scheme != "https":
    return ""
  if target.scheme != "http" and target.scheme != "https":
    return ""
  case policy
  of rpNoReferrer:
    return ""
  of rpNoReferrerWhenDowngrade:
    if prev.scheme == "https" and target.scheme == "http":
      return ""
    return $origin & prev.pathname & prev.search
  of rpSameOrigin:
    if origin.isSameOrigin(target.origin):
      return $origin
    return ""
  of rpOrigin:
    return $origin
  of rpStrictOrigin:
    if prev.scheme == "https" and target.scheme == "http":
      return ""
    return $origin
  of rpOriginWhenCrossOrigin:
    if not origin.isSameOrigin(target.origin):
      return $origin
    return $origin & prev.pathname & prev.search
  of rpStrictOriginWhenCrossOrigin:
    if prev.scheme == "https" and target.scheme == "http":
      return $origin
    if not origin.isSameOrigin(target.origin):
      return $origin
    return $origin & prev.pathname & prev.search
  of rpUnsafeURL:
    return $origin & prev.pathname & prev.search
generated by cgit-pink 1.4.1-2-gfad0 (git 2.36.2.497.gbbea4dcf42) at 2025-06-12 08:56:08 +0000