Merge pull request #530 from freedomofpress/515-referrer-policy

Add support for the Referrer-Policy header in the scanner

directory/management/commands/createresultgroups.py

@@ -278,4 +278,12 @@ def handle(self, *args, **options):
                 result_group=local_storage,
                 sort_order=1
             ),
+            ResultState(
+                name='referrer_policy_set_to_no_referrer',
+                success_text='<a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy">Referrer-Policy</a> no-referrer header set properly.',
+                failure_text='<a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy">Referrer-Policy</a> no-referrer header not set properly.',
+                is_warning=True,
+                result_group=server_security,
+                sort_order=9
+            ),
         ])

directory/migrations/0006_scanresult_no_referrer_policy_set_squashed_0007_auto_20180828_2158.py

@@ -0,0 +1,22 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.11 on 2018-08-29 17:13
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    replaces = [('directory', '0006_scanresult_no_referrer_policy_set'), ('directory', '0007_auto_20180828_2158')]
+
+    dependencies = [
+        ('directory', '0005_directoryentry_delisted'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='scanresult',
+            name='referrer_policy_set_to_no_referrer',
+            field=models.NullBooleanField(),
+        ),
+    ]

directory/models/entry.py

@@ -270,6 +270,7 @@ class ScanResult(models.Model):
     cache_control_nostore_set = models.NullBooleanField()
     cache_control_private_set = models.NullBooleanField()
     expires_set = models.NullBooleanField()
+    referrer_policy_set_to_no_referrer = models.NullBooleanField()
 
     # Page content
     safe_onion_address = models.NullBooleanField()
@@ -308,6 +309,7 @@ class ScanResult(models.Model):
         ReadOnlyPanel("cache_control_nostore_set"),
         ReadOnlyPanel("cache_control_private_set"),
         ReadOnlyPanel("expires_set"),
+        ReadOnlyPanel("referrer_policy_set_to_no_referrer"),
         ReadOnlyPanel("safe_onion_address"),
         ReadOnlyPanel("no_cdn"),
         ReadOnlyPanel("no_analytics"),

scanner/scanner.py

@@ -71,6 +71,7 @@ def pshtt_data_to_result(securedrop: DirectoryEntry, pshtt_results: Dict) -> Sca
         cache_control_notransform_set=validate_notransform(page),
         cache_control_nostore_set=validate_nostore(page),
         cache_control_private_set=validate_private(page),
+        referrer_policy_set_to_no_referrer=validate_no_referrer_policy(page),
     )
 
 
@@ -349,6 +350,10 @@ def validate_private(page):
     return validate_security_header(page, "Cache-Control", "private")
 
 
+def validate_no_referrer_policy(page):
+    return validate_security_header(page, "Referrer-Policy", "no-referrer")
+
+
 def validate_no_cookies(page):
     if len(page.cookies.keys()) > 0:
         return False

scanner/tests/test_validation.py

@@ -222,3 +222,13 @@ def test_cache_control_validate_private_not_set(self):
         page = mock.Mock()
         page.headers = {'Cache-Control': 'public'}
         self.assertFalse(scanner.validate_private(page))
+
+    def test_referrer_policy_no_referrer_set(self):
+        page = mock.Mock()
+        page.headers = {'Referrer-Policy': 'no-referrer'}
+        self.assertTrue(scanner.validate_no_referrer_policy(page))
+
+    def test_referrer_policy_no_referrer_not_set(self):
+        page = mock.Mock()
+        page.headers = {'Referrer-Policy': 'origin'}
+        self.assertFalse(scanner.validate_no_referrer_policy(page))