| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192 |
- From: csagan5 <32685696+csagan5@users.noreply.github.com>
- Date: Sat, 28 Apr 2018 08:30:26 +0200
- Subject: Reduce HTTP headers in DoH requests to bare minimum
- License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html
- ---
- net/base/load_flags_list.h | 6 ++++++
- net/dns/dns_transaction.cc | 2 +-
- net/url_request/url_request_http_job.cc | 8 +++++++-
- 3 files changed, 14 insertions(+), 2 deletions(-)
- diff --git a/net/base/load_flags_list.h b/net/base/load_flags_list.h
- --- a/net/base/load_flags_list.h
- +++ b/net/base/load_flags_list.h
- @@ -102,6 +102,12 @@ LOAD_FLAG(RESTRICTED_PREFETCH, 1 << 15)
- // trusted process.
- LOAD_FLAG(CAN_USE_RESTRICTED_PREFETCH, 1 << 16)
-
- +// This load will not send Accept-Language or User-Agent headers, and not
- +// advertise brotli encoding.
- +// Used to comply with IETF (draft) DNS-over-HTTPS:
- +// "Implementors SHOULD NOT set non-essential HTTP headers in DoH client requests."
- +LOAD_FLAG(MINIMAL_HEADERS, 1 << 19)
- +
- // True if the request should attempt to use the single-keyed cache to satisfy
- // the request. The single-keyed cache will only be used if the "unusable" flag
- // on the cache entry is not true. Otherwise it will fall back to the
- diff --git a/net/dns/dns_transaction.cc b/net/dns/dns_transaction.cc
- --- a/net/dns/dns_transaction.cc
- +++ b/net/dns/dns_transaction.cc
- @@ -445,7 +445,7 @@ class DnsHTTPAttempt : public DnsAttempt, public URLRequest::Delegate {
- // avoid deadlock and enable the use of preconfigured IP addresses.
- request_->SetSecureDnsPolicy(SecureDnsPolicy::kBootstrap);
- request_->SetLoadFlags(request_->load_flags() | LOAD_DISABLE_CACHE |
- - LOAD_BYPASS_PROXY);
- + LOAD_MINIMAL_HEADERS | LOAD_BYPASS_PROXY);
- request_->set_allow_credentials(false);
- request_->set_isolation_info(isolation_info);
- }
- diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc
- --- a/net/url_request/url_request_http_job.cc
- +++ b/net/url_request/url_request_http_job.cc
- @@ -314,6 +314,7 @@ void URLRequestHttpJob::OnGotFirstPartySetMetadata(
- // fields in the referrer.
- GURL referrer(request_->referrer());
-
- + if (!(request_info_.load_flags & LOAD_MINIMAL_HEADERS)) {
- // Our consumer should have made sure that this is a safe referrer (e.g. via
- // URLRequestJob::ComputeReferrerForPolicy).
- if (referrer.is_valid()) {
- @@ -321,11 +322,14 @@ void URLRequestHttpJob::OnGotFirstPartySetMetadata(
- request_info_.extra_headers.SetHeader(HttpRequestHeaders::kReferer,
- referer_value);
- }
- + }
-
- + if (!(request_info_.load_flags & LOAD_MINIMAL_HEADERS)) {
- request_info_.extra_headers.SetHeaderIfMissing(
- HttpRequestHeaders::kUserAgent,
- http_user_agent_settings_ ?
- http_user_agent_settings_->GetUserAgent() : std::string());
- + }
-
- AddExtraHeaders();
-
- @@ -595,6 +599,7 @@ void URLRequestHttpJob::AddExtraHeaders() {
- if (request_->Supports(SourceStream::SourceType::TYPE_DEFLATE)) {
- advertised_encoding_names.push_back("deflate");
- }
- + if (!(request_info_.load_flags & LOAD_MINIMAL_HEADERS)) {
- // Advertise "br" encoding only if transferred data is opaque to proxy.
- if (request()->context()->enable_brotli() &&
- request_->Supports(SourceStream::SourceType::TYPE_BROTLI)) {
- @@ -603,6 +608,7 @@ void URLRequestHttpJob::AddExtraHeaders() {
- advertised_encoding_names.push_back("br");
- }
- }
- + } // minimal headers
- if (!advertised_encoding_names.empty()) {
- // Tell the server what compression formats are supported.
- request_info_.extra_headers.SetHeader(
- @@ -612,7 +618,7 @@ void URLRequestHttpJob::AddExtraHeaders() {
- }
- }
-
- - if (http_user_agent_settings_) {
- + if (!(request_info_.load_flags & LOAD_MINIMAL_HEADERS) && http_user_agent_settings_) {
- // Only add default Accept-Language if the request didn't have it
- // specified.
- std::string accept_language =
- --
- 2.25.1
|
