ppapi/shared_impl/url_request_info_impl.cc - Issue 7706021: Convert FileRefImpl and URLRequestInfo to shared_impl.

Unified Diff: ppapi/shared_impl/url_request_info_impl.cc

Issue 7706021: Convert FileRefImpl and URLRequestInfo to shared_impl. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Minor fixes Created 9 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: ppapi/shared_impl/url_request_info_impl.cc

diff --git a/ppapi/shared_impl/url_request_info_impl.cc b/ppapi/shared_impl/url_request_info_impl.cc

new file mode 100644

index 0000000000000000000000000000000000000000..8f98cc58d6fdb08129a8fb641583a795920317df

--- /dev/null

+++ b/ppapi/shared_impl/url_request_info_impl.cc

@@ -0,0 +1,337 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#include "ppapi/shared_impl/url_request_info_impl.h"

+#include "base/string_util.h"

+#include "ppapi/shared_impl/var.h"

+#include "ppapi/thunk/enter.h"

+#include "ppapi/thunk/ppb_file_ref_api.h"

+using ppapi::thunk::EnterResourceNoLock;

+namespace ppapi {

+namespace {

+const int32_t kDefaultPrefetchBufferUpperThreshold = 100 * 1000 * 1000;

+const int32_t kDefaultPrefetchBufferLowerThreshold = 50 * 1000 * 1000;

bbudge 2011/08/23 20:35:59 Just a heads up that Darin and I think this logic

+// These methods are not allowed by the XMLHttpRequest standard.

+// http://www.w3.org/TR/XMLHttpRequest/#the-open-method

+const char* const kForbiddenHttpMethods[] = {

+ "connect",

+ "trace",

+ "track",

+};

+// These are the "known" methods in the Webkit XHR implementation. Also see

+// the XMLHttpRequest standard.

+// http://www.w3.org/TR/XMLHttpRequest/#the-open-method

+const char* const kKnownHttpMethods[] = {

+ "get",

+ "post",

+ "put",

+ "head",

+ "copy",

+ "delete",

+ "index",

+ "lock",

+ "m-post",

+ "mkcol",

+ "move",

+ "options",

+ "propfind",

+ "proppatch",

+ "unlock",

+};

+bool IsValidToken(const std::string& token) {

+ size_t length = token.size();

+ if (length == 0)

+ return false;

+ for (size_t i = 0; i < length; i++) {

+ char c = token[i];

+ if (c >= 127 || c <= 32)

+ return false;

+ if (c == '(' || c == ')' || c == '<' || c == '>' || c == '@' ||

+ c == ',' || c == ';' || c == ':' || c == '\\' || c == '\"' ||

+ c == '/' || c == '[' || c == ']' || c == '?' || c == '=' ||

+ c == '{' || c == '}')

+ return false;

+ }

+ return true;

+} // namespace

+PPB_URLRequestInfo_Data::BodyItem::BodyItem()

+ : is_file(false),

+ start_offset(0),

+ number_of_bytes(-1),

+ expected_last_modified_time(0.0) {

+PPB_URLRequestInfo_Data::BodyItem::BodyItem(const std::string& data)

+ : is_file(false),

+ data(data),

+ start_offset(0),

+ number_of_bytes(-1),

+ expected_last_modified_time(0.0) {

+PPB_URLRequestInfo_Data::BodyItem::BodyItem(

+ Resource* file_ref,

+ int64_t start_offset,

+ int64_t number_of_bytes,

+ PP_Time expected_last_modified_time)

+ : is_file(true),

+ file_ref(file_ref),

+ file_ref_host_resource(file_ref->host_resource()),

+ start_offset(start_offset),

+ number_of_bytes(number_of_bytes),

+ expected_last_modified_time(expected_last_modified_time) {

+PPB_URLRequestInfo_Data::PPB_URLRequestInfo_Data()

+ : url(),

+ method(),

+ headers(),

bbudge 2011/08/23 20:35:59 Do you really have to have these default construct

brettw 2011/08/24 23:41:09 No, but there were so many initializers I found it

+ stream_to_file(false),

+ follow_redirects(false),

+ record_download_progress(false),

+ record_upload_progress(false),

+ has_custom_referrer_url(false),

+ custom_referrer_url(),

+ allow_cross_origin_requests(false),

+ allow_credentials(false),

+ has_custom_content_transfer_encoding(false),

+ custom_content_transfer_encoding(),

+ prefetch_buffer_upper_threshold(kDefaultPrefetchBufferUpperThreshold),

+ prefetch_buffer_lower_threshold(kDefaultPrefetchBufferLowerThreshold),

+ body() {

+PPB_URLRequestInfo_Data::~PPB_URLRequestInfo_Data() {

+URLRequestInfoImpl::URLRequestInfoImpl(PP_Instance instance,

+ const PPB_URLRequestInfo_Data& data)

bbudge 2011/08/23 20:35:59 Alignment with prev param.

+ : Resource(instance),

+ data_(data) {

+URLRequestInfoImpl::URLRequestInfoImpl(const HostResource& host_resource,

+ const PPB_URLRequestInfo_Data& data)

bbudge 2011/08/23 20:35:59 Alignment.

+ : Resource(host_resource),

+ data_(data) {

+URLRequestInfoImpl::~URLRequestInfoImpl() {

+thunk::PPB_URLRequestInfo_API* URLRequestInfoImpl::AsPPB_URLRequestInfo_API() {

+ return this;

+PP_Bool URLRequestInfoImpl::SetProperty(PP_URLRequestProperty property,

+ PP_Var var) {

+ // IMPORTANT: Do not do security validation of parameters at this level

+ // without also adding them to PPB_URLRequestInfo_Impl::ValidateData. This

+ // code is used both in the plugin (which we don't trust) and in the renderer

+ // (which we trust more). When running out-of-process, the plugin calls this

+ // function to configure the PPB_URLRequestInfo_Data, which is then sent to

+ // the renderer and *not* run through SetProperty again.

+ //

+ // This means that anything in the PPB_URLRequestInfo_Data needs to be

+ // validated at the time the URL is requested (which is what ValidateData

+ // does). If your feature requires security checks, it should be in the

+ // implementation in the renderer when the WebKit request is actually

+ // constructed.

+ //

+ // It is legal to do some validation here if you want to report failure to

+ // the plugin as a convenience, as long as you also do it in the renderer

+ // later.

+ PP_Bool result = PP_FALSE;

+ switch (var.type) {

+ case PP_VARTYPE_UNDEFINED:

+ result = PP_FromBool(SetUndefinedProperty(property));

+ break;

+ case PP_VARTYPE_BOOL:

+ result = PP_FromBool(

+ SetBooleanProperty(property, PP_ToBool(var.value.as_bool)));

+ break;

+ case PP_VARTYPE_INT32:

+ result = PP_FromBool(

+ SetIntegerProperty(property, var.value.as_int));

+ break;

+ case PP_VARTYPE_STRING: {

+ StringVar* string = StringVar::FromPPVar(var);

+ if (string)

+ result = PP_FromBool(SetStringProperty(property, string->value()));

+ break;

+ }

+ default:

+ break;

+ }

+ return result;

+PP_Bool URLRequestInfoImpl::AppendDataToBody(const void* data, uint32_t len) {

+ if (len > 0) {

+ data_.body.push_back(PPB_URLRequestInfo_Data::BodyItem(

+ std::string(static_cast<const char*>(data), len)));

+ }

+ return PP_TRUE;

+PP_Bool URLRequestInfoImpl::AppendFileToBody(

+ PP_Resource file_ref,

+ int64_t start_offset,

+ int64_t number_of_bytes,

+ PP_Time expected_last_modified_time) {

+ EnterResourceNoLock<thunk::PPB_FileRef_API> enter(file_ref, true);

+ if (enter.failed())

+ return PP_FALSE;

+ // Ignore a call to append nothing.

+ if (number_of_bytes == 0)

+ return PP_TRUE;

+ // Check for bad values. (-1 means read until end of file.)

+ if (start_offset < 0 || number_of_bytes < -1)

+ return PP_FALSE;

+ data_.body.push_back(PPB_URLRequestInfo_Data::BodyItem(

+ enter.resource(),

+ start_offset,

+ number_of_bytes,

+ expected_last_modified_time));

+ return PP_TRUE;

+const PPB_URLRequestInfo_Data& URLRequestInfoImpl::GetData() const {

+ return data_;

+// static

+std::string URLRequestInfoImpl::ValidateMethod(const std::string& method) {

+ if (!IsValidToken(method))

+ return std::string();

+ for (size_t i = 0; i < arraysize(kForbiddenHttpMethods); ++i) {

+ if (LowerCaseEqualsASCII(method, kForbiddenHttpMethods[i]))

+ return std::string();

+ }

+ for (size_t i = 0; i < arraysize(kKnownHttpMethods); ++i) {

+ if (LowerCaseEqualsASCII(method, kKnownHttpMethods[i])) {

+ // Convert the method name to upper case to match Webkit and Firefox's

+ // XHR implementation.

+ return StringToUpperASCII(std::string(kKnownHttpMethods[i]));

+ }

+ // Pass through unknown methods that are not forbidden.

+ return method;

+bool URLRequestInfoImpl::SetUndefinedProperty(PP_URLRequestProperty property) {

+ // IMPORTANT: Do not do security validation of parameters at this level

+ // without also adding them to PPB_URLRequestInfo_Impl::ValidateData. See

+ // SetProperty() above for why.

+ switch (property) {

+ case PP_URLREQUESTPROPERTY_CUSTOMREFERRERURL:

+ data_.has_custom_referrer_url = false;

+ data_.custom_referrer_url = std::string();

+ return true;

+ case PP_URLREQUESTPROPERTY_CUSTOMCONTENTTRANSFERENCODING:

+ data_.has_custom_content_transfer_encoding = false;

+ data_.custom_content_transfer_encoding = std::string();

+ return true;

+ default:

+ return false;

+ }

+bool URLRequestInfoImpl::SetBooleanProperty(PP_URLRequestProperty property,

+ bool value) {

+ // IMPORTANT: Do not do security validation of parameters at this level

+ // without also adding them to PPB_URLRequestInfo_Impl::ValidateData. See

+ // SetProperty() above for why.

+ switch (property) {

+ case PP_URLREQUESTPROPERTY_STREAMTOFILE:

+ data_.stream_to_file = value;

+ return true;

+ case PP_URLREQUESTPROPERTY_FOLLOWREDIRECTS:

+ data_.follow_redirects = value;

+ return true;

+ case PP_URLREQUESTPROPERTY_RECORDDOWNLOADPROGRESS:

+ data_.record_download_progress = value;

+ return true;

+ case PP_URLREQUESTPROPERTY_RECORDUPLOADPROGRESS:

+ data_.record_upload_progress = value;

+ return true;

+ case PP_URLREQUESTPROPERTY_ALLOWCROSSORIGINREQUESTS:

+ data_.allow_cross_origin_requests = value;

+ return true;

+ case PP_URLREQUESTPROPERTY_ALLOWCREDENTIALS:

+ data_.allow_credentials = value;

+ return true;

+ default:

+ return false;

+ }

+bool URLRequestInfoImpl::SetIntegerProperty(PP_URLRequestProperty property,

+ int32_t value) {

+ // IMPORTANT: Do not do security validation of parameters at this level

+ // without also adding them to PPB_URLRequestInfo_Impl::ValidateData. See

+ // SetProperty() above for why.

+ switch (property) {

+ case PP_URLREQUESTPROPERTY_PREFETCHBUFFERUPPERTHRESHOLD:

+ data_.prefetch_buffer_upper_threshold = value;

+ return true;

+ case PP_URLREQUESTPROPERTY_PREFETCHBUFFERLOWERTHRESHOLD:

+ data_.prefetch_buffer_lower_threshold = value;

+ return true;

+ default:

+ return false;

+ }

+bool URLRequestInfoImpl::SetStringProperty(PP_URLRequestProperty property,

+ const std::string& value) {

+ // IMPORTANT: Do not do security validation of parameters at this level

+ // without also adding them to PPB_URLRequestInfo_Impl::ValidateData. See

+ // SetProperty() above for why.

+ switch (property) {

+ case PP_URLREQUESTPROPERTY_URL:

+ data_.url = value; // NOTE: This may be a relative URL.

+ return true;

+ case PP_URLREQUESTPROPERTY_METHOD: {

+ // Convenience check for synchronously returning errors to the plugin.

+ // This is re-checked in ValidateData.

+ std::string canonicalized = ValidateMethod(value);

+ if (canonicalized.empty())

+ return false;

+ data_.method = canonicalized;

+ return true;

+ }

+ case PP_URLREQUESTPROPERTY_HEADERS:

+ data_.headers = value;

+ return true;

+ case PP_URLREQUESTPROPERTY_CUSTOMREFERRERURL:

+ data_.has_custom_referrer_url = true;

+ data_.custom_referrer_url = value;

+ return true;

+ case PP_URLREQUESTPROPERTY_CUSTOMCONTENTTRANSFERENCODING:

+ data_.has_custom_content_transfer_encoding = true;

+ data_.custom_content_transfer_encoding = value;

+ return true;

+ default:

+ return false;

+ }

+} // namespace ppapi

« ppapi/shared_impl/url_request_info_impl.h ('K') | « ppapi/shared_impl/url_request_info_impl.h ('k') | ppapi/shared_impl/var.h » ('j') | ppapi/thunk/ppb_file_ref_api.h » ('J')