@@ -54,19 +54,23 @@ impl Header for ReferrerPolicy {
5454
5555 fn parse_header ( raw : & Raw ) -> :: Result < ReferrerPolicy > {
5656 use self :: ReferrerPolicy :: * ;
57- parsing:: from_one_raw_str ( raw) . and_then ( |s : String | {
58- let slice = & s. to_ascii_lowercase ( ) [ ..] ;
59- // See https://www.w3.org/TR/referrer-policy/#determine-policy-for-token
57+ // See https://www.w3.org/TR/referrer-policy/#determine-policy-for-token
58+ let headers: Vec < String > = try!( parsing:: from_comma_delimited ( raw) ) ;
59+
60+ for h in headers. iter ( ) . rev ( ) {
61+ let slice = & h. to_ascii_lowercase ( ) [ ..] ;
6062 match slice {
61- "no-referrer" | "never" => Ok ( NoReferrer ) ,
62- "no-referrer-when-downgrade" | "default" => Ok ( NoReferrerWhenDowngrade ) ,
63- "same-origin" => Ok ( SameOrigin ) ,
64- "origin" => Ok ( Origin ) ,
65- "origin-when-cross-origin" => Ok ( OriginWhenCrossOrigin ) ,
66- "unsafe-url" | "always" => Ok ( UnsafeUrl ) ,
67- _ => Err ( :: Error :: Header ) ,
63+ "no-referrer" | "never" => return Ok ( NoReferrer ) ,
64+ "no-referrer-when-downgrade" | "default" => return Ok ( NoReferrerWhenDowngrade ) ,
65+ "same-origin" => return Ok ( SameOrigin ) ,
66+ "origin" => return Ok ( Origin ) ,
67+ "origin-when-cross-origin" => return Ok ( OriginWhenCrossOrigin ) ,
68+ "unsafe-url" | "always" => return Ok ( UnsafeUrl ) ,
69+ _ => continue ,
6870 }
69- } )
71+ }
72+
73+ Err ( :: Error :: Header )
7074 }
7175
7276 fn fmt_header ( & self , f : & mut fmt:: Formatter ) -> fmt:: Result {
@@ -90,3 +94,10 @@ fn test_parse_header() {
9094 let e: :: Result < ReferrerPolicy > = Header :: parse_header ( & "foobar" . into ( ) ) ;
9195 assert ! ( e. is_err( ) ) ;
9296}
97+
98+ #[ test]
99+ fn test_rightmost_header ( ) {
100+ let a: ReferrerPolicy = Header :: parse_header ( & "same-origin, origin, foobar" . into ( ) ) . unwrap ( ) ;
101+ let b = ReferrerPolicy :: Origin ;
102+ assert_eq ! ( a, b) ;
103+ }
0 commit comments