@@ -54,19 +54,23 @@ impl Header for ReferrerPolicy {
5454
5555 fn parse_header ( raw : & [ Vec < u8 > ] ) -> :: Result < ReferrerPolicy > {
5656 use self :: ReferrerPolicy :: * ;
57- parsing:: from_one_raw_str ( raw) . and_then ( |s : String | {
58- let slice = & s. to_ascii_lowercase ( ) [ ..] ;
59- // See https://www.w3.org/TR/referrer-policy/#determine-policy-for-token
57+ // See https://www.w3.org/TR/referrer-policy/#determine-policy-for-token
58+ let headers: Vec < String > = try!( parsing:: from_comma_delimited ( raw) ) ;
59+
60+ for h in headers. iter ( ) . rev ( ) {
61+ let slice = & h. to_ascii_lowercase ( ) [ ..] ;
6062 match slice {
61- "no-referrer" | "never" => Ok ( NoReferrer ) ,
62- "no-referrer-when-downgrade" | "default" => Ok ( NoReferrerWhenDowngrade ) ,
63- "same-origin" => Ok ( SameOrigin ) ,
64- "origin" => Ok ( Origin ) ,
65- "origin-when-cross-origin" => Ok ( OriginWhenCrossOrigin ) ,
66- "unsafe-url" | "always" => Ok ( UnsafeUrl ) ,
67- _ => Err ( :: Error :: Header ) ,
63+ "no-referrer" | "never" => return Ok ( NoReferrer ) ,
64+ "no-referrer-when-downgrade" | "default" => return Ok ( NoReferrerWhenDowngrade ) ,
65+ "same-origin" => return Ok ( SameOrigin ) ,
66+ "origin" => return Ok ( Origin ) ,
67+ "origin-when-cross-origin" => return Ok ( OriginWhenCrossOrigin ) ,
68+ "unsafe-url" | "always" => return Ok ( UnsafeUrl ) ,
69+ _ => continue ,
6870 }
69- } )
71+ }
72+
73+ Err ( :: Error :: Header )
7074 }
7175}
7276
@@ -92,3 +96,10 @@ fn test_parse_header() {
9296 let e: :: Result < ReferrerPolicy > = Header :: parse_header ( [ b"foobar" . to_vec ( ) ] . as_ref ( ) ) ;
9397 assert ! ( e. is_err( ) ) ;
9498}
99+
100+ #[ test]
101+ fn test_rightmost_header ( ) {
102+ let a: ReferrerPolicy = Header :: parse_header ( & [ "same-origin, origin, foobar" . into ( ) ] ) . unwrap ( ) ;
103+ let b = ReferrerPolicy :: Origin ;
104+ assert_eq ! ( a, b) ;
105+ }
0 commit comments