Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(13)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/loader/CrossOriginPreflightResultCache.cpp

Issue 1196423003: Improve console log message for CORS failure (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Rebase Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« Source/core/fetch/CrossOriginAccessControl.cpp ('K') | « Source/core/fetch/ResourceFetcher.cpp ('k') | Source/core/loader/DocumentThreadableLoader.cpp » ('j') | Source/core/loader/DocumentThreadableLoader.cpp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2008, 2009 Apple Inc. All Rights Reserved. 2 * Copyright (C) 2008, 2009 Apple Inc. All Rights Reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
(...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after
82 if (start != string.length()) 82 if (start != string.length())
83 addToAccessControlAllowList(string, start, string.length() - 1, set); 83 addToAccessControlAllowList(string, start, string.length() - 1, set);
84 84
85 return true; 85 return true;
86 } 86 }
87 87
88 bool CrossOriginPreflightResultCacheItem::parse(const ResourceResponse& response , String& errorDescription) 88 bool CrossOriginPreflightResultCacheItem::parse(const ResourceResponse& response , String& errorDescription)
89 { 89 {
90 m_methods.clear(); 90 m_methods.clear();
91 if (!parseAccessControlAllowList(response.httpHeaderField("Access-Control-Al low-Methods"), m_methods)) { 91 if (!parseAccessControlAllowList(response.httpHeaderField("Access-Control-Al low-Methods"), m_methods)) {
92 errorDescription = "Cannot parse Access-Control-Allow-Methods response h eader field."; 92 errorDescription = "Cannot parse Access-Control-Allow-Methods response h eader field in preflight response.";
93 return false; 93 return false;
94 } 94 }
95 95
96 m_headers.clear(); 96 m_headers.clear();
97 if (!parseAccessControlAllowList(response.httpHeaderField("Access-Control-Al low-Headers"), m_headers)) { 97 if (!parseAccessControlAllowList(response.httpHeaderField("Access-Control-Al low-Headers"), m_headers)) {
98 errorDescription = "Cannot parse Access-Control-Allow-Headers response h eader field."; 98 errorDescription = "Cannot parse Access-Control-Allow-Headers response h eader field in preflight response.";
99 return false; 99 return false;
100 } 100 }
101 101
102 unsigned expiryDelta; 102 unsigned expiryDelta;
103 if (parseAccessControlMaxAge(response.httpHeaderField("Access-Control-Max-Ag e"), expiryDelta)) { 103 if (parseAccessControlMaxAge(response.httpHeaderField("Access-Control-Max-Ag e"), expiryDelta)) {
104 if (expiryDelta > maxPreflightCacheTimeoutSeconds) 104 if (expiryDelta > maxPreflightCacheTimeoutSeconds)
105 expiryDelta = maxPreflightCacheTimeoutSeconds; 105 expiryDelta = maxPreflightCacheTimeoutSeconds;
106 } else { 106 } else {
107 expiryDelta = defaultPreflightCacheTimeoutSeconds; 107 expiryDelta = defaultPreflightCacheTimeoutSeconds;
108 } 108 }
109 109
110 m_absoluteExpiryTime = currentTime() + expiryDelta; 110 m_absoluteExpiryTime = currentTime() + expiryDelta;
111 return true; 111 return true;
112 } 112 }
113 113
114 bool CrossOriginPreflightResultCacheItem::allowsCrossOriginMethod(const String& method, String& errorDescription) const 114 bool CrossOriginPreflightResultCacheItem::allowsCrossOriginMethod(const String& method, String& errorDescription) const
115 { 115 {
116 if (m_methods.contains(method) || FetchUtils::isSimpleMethod(method)) 116 if (m_methods.contains(method) || FetchUtils::isSimpleMethod(method))
117 return true; 117 return true;
118 118
119 errorDescription = "Method " + method + " is not allowed by Access-Control-A llow-Methods."; 119 errorDescription = "Method " + method + " is not allowed by Access-Control-A llow-Methods in preflight response.";
120 return false; 120 return false;
121 } 121 }
122 122
123 bool CrossOriginPreflightResultCacheItem::allowsCrossOriginHeaders(const HTTPHea derMap& requestHeaders, String& errorDescription) const 123 bool CrossOriginPreflightResultCacheItem::allowsCrossOriginHeaders(const HTTPHea derMap& requestHeaders, String& errorDescription) const
124 { 124 {
125 for (const auto& header : requestHeaders) { 125 for (const auto& header : requestHeaders) {
126 if (!m_headers.contains(header.key) && !FetchUtils::isSimpleHeader(heade r.key, header.value) && !FetchUtils::isForbiddenHeaderName(header.key)) { 126 if (!m_headers.contains(header.key) && !FetchUtils::isSimpleHeader(heade r.key, header.value) && !FetchUtils::isForbiddenHeaderName(header.key)) {
127 errorDescription = "Request header field " + header.key.string() + " is not allowed by Access-Control-Allow-Headers."; 127 errorDescription = "Request header field " + header.key.string() + " is not allowed by Access-Control-Allow-Headers in preflight response.";
128 return false; 128 return false;
129 } 129 }
130 } 130 }
131 return true; 131 return true;
132 } 132 }
133 133
134 bool CrossOriginPreflightResultCacheItem::allowsRequest(StoredCredentials includ eCredentials, const String& method, const HTTPHeaderMap& requestHeaders) const 134 bool CrossOriginPreflightResultCacheItem::allowsRequest(StoredCredentials includ eCredentials, const String& method, const HTTPHeaderMap& requestHeaders) const
135 { 135 {
136 String ignoredExplanation; 136 String ignoredExplanation;
137 if (m_absoluteExpiryTime < currentTime()) 137 if (m_absoluteExpiryTime < currentTime())
(...skipping 28 matching lines...) Expand all
166 return false; 166 return false;
167 167
168 if (cacheIt->value->allowsRequest(includeCredentials, method, requestHeaders )) 168 if (cacheIt->value->allowsRequest(includeCredentials, method, requestHeaders ))
169 return true; 169 return true;
170 170
171 m_preflightHashMap.remove(cacheIt); 171 m_preflightHashMap.remove(cacheIt);
172 return false; 172 return false;
173 } 173 }
174 174
175 } // namespace blink 175 } // namespace blink
OLDNEW
« Source/core/fetch/CrossOriginAccessControl.cpp ('K') | « Source/core/fetch/ResourceFetcher.cpp ('k') | Source/core/loader/DocumentThreadableLoader.cpp » ('j') | Source/core/loader/DocumentThreadableLoader.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698