Source/modules/fetch/FetchManager.cpp - Issue 1279163005: Initial Fetch integration for Subresource Integrity

Side by Side Diff: Source/modules/fetch/FetchManager.cpp

Issue 1279163005: Initial Fetch integration for Subresource Integrity (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: Improved and mostly working Created 5 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "config.h"	5 #include "config.h"

6 #include "modules/fetch/FetchManager.h"	6 #include "modules/fetch/FetchManager.h"

7	7

8 #include "bindings/core/v8/ExceptionState.h"	8 #include "bindings/core/v8/ExceptionState.h"

9 #include "bindings/core/v8/ScriptPromiseResolver.h"	9 #include "bindings/core/v8/ScriptPromiseResolver.h"

10 #include "bindings/core/v8/ScriptState.h"	10 #include "bindings/core/v8/ScriptState.h"

11 #include "bindings/core/v8/V8ThrowException.h"	11 #include "bindings/core/v8/V8ThrowException.h"

12 #include "core/dom/DOMArrayBuffer.h"	12 #include "core/dom/DOMArrayBuffer.h"

13 #include "core/dom/Document.h"	13 #include "core/dom/Document.h"

14 #include "core/dom/ExceptionCode.h"	14 #include "core/dom/ExceptionCode.h"

15 #include "core/fetch/FetchUtils.h"	15 #include "core/fetch/FetchUtils.h"

16 #include "core/fileapi/Blob.h"	16 #include "core/fileapi/Blob.h"

17 #include "core/frame/Frame.h"	17 #include "core/frame/Frame.h"

	18 #include "core/frame/SubresourceIntegrity.h"

18 #include "core/frame/csp/ContentSecurityPolicy.h"	19 #include "core/frame/csp/ContentSecurityPolicy.h"

19 #include "core/inspector/ConsoleMessage.h"	20 #include "core/inspector/ConsoleMessage.h"

20 #include "core/inspector/InspectorInstrumentation.h"	21 #include "core/inspector/InspectorInstrumentation.h"

21 #include "core/loader/ThreadableLoader.h"	22 #include "core/loader/ThreadableLoader.h"

22 #include "core/loader/ThreadableLoaderClient.h"	23 #include "core/loader/ThreadableLoaderClient.h"

23 #include "core/page/ChromeClient.h"	24 #include "core/page/ChromeClient.h"

24 #include "core/page/Page.h"	25 #include "core/page/Page.h"

25 #include "modules/fetch/Body.h"	26 #include "modules/fetch/Body.h"

26 #include "modules/fetch/BodyStreamBuffer.h"	27 #include "modules/fetch/BodyStreamBuffer.h"

	28 #include "modules/fetch/CompositeDataConsumerHandle.h"

27 #include "modules/fetch/DataConsumerHandleUtil.h"	29 #include "modules/fetch/DataConsumerHandleUtil.h"

28 #include "modules/fetch/FetchRequestData.h"	30 #include "modules/fetch/FetchRequestData.h"

29 #include "modules/fetch/Response.h"	31 #include "modules/fetch/Response.h"

30 #include "modules/fetch/ResponseInit.h"	32 #include "modules/fetch/ResponseInit.h"

31 #include "platform/network/ResourceError.h"	33 #include "platform/network/ResourceError.h"

32 #include "platform/network/ResourceRequest.h"	34 #include "platform/network/ResourceRequest.h"

33 #include "platform/network/ResourceResponse.h"	35 #include "platform/network/ResourceResponse.h"

34 #include "platform/weborigin/SecurityOrigin.h"	36 #include "platform/weborigin/SecurityOrigin.h"

35 #include "public/platform/WebURLRequest.h"	37 #include "public/platform/WebURLRequest.h"

36 #include "wtf/HashSet.h"	38 #include "wtf/HashSet.h"

	39 #include "wtf/Vector.h"

	40 #include "wtf/text/WTFString.h"

37	41

38 namespace blink {	42 namespace blink {

39	43

40 namespace {	44 namespace {

41	45

42 bool IsRedirectStatusCode(int statusCode)	46 bool IsRedirectStatusCode(int statusCode)

43 {	47 {

44 return (statusCode == 301 \|\| statusCode == 302 \|\| statusCode == 303 \|\| statu sCode == 307 \|\| statusCode == 308);	48 return (statusCode == 301 \|\| statusCode == 302 \|\| statusCode == 303 \|\| statu sCode == 307 \|\| statusCode == 308);

45 }	49 }

46	50

(...skipping 12 matching lines...) Expand all Loading...
59	63

60 void didReceiveResponse(unsigned long, const ResourceResponse&, PassOwnPtr<W ebDataConsumerHandle>) override;	64 void didReceiveResponse(unsigned long, const ResourceResponse&, PassOwnPtr<W ebDataConsumerHandle>) override;

61 void didFinishLoading(unsigned long, double) override;	65 void didFinishLoading(unsigned long, double) override;

62 void didFail(const ResourceError&) override;	66 void didFail(const ResourceError&) override;

63 void didFailAccessControlCheck(const ResourceError&) override;	67 void didFailAccessControlCheck(const ResourceError&) override;

64 void didFailRedirectCheck() override;	68 void didFailRedirectCheck() override;

65	69

66 void start();	70 void start();

67 void dispose();	71 void dispose();

68	72

	73 class SRIVerifier : public GarbageCollectedFinalized<SRIVerifier>, public We bDataConsumerHandle::Client {

	74 public:

	75 // SRIVerifier takes ownership of \|handle\| and \|response\|.

	76 // \|updater\| must be garbage collected. The other arguments

	77 // all must have the lifetime of the give loader.

	78 SRIVerifier(PassOwnPtr<WebDataConsumerHandle> handle, CompositeDataConsu merHandle::Updater* updater, PassOwnPtr<Response> response, FetchManager::Loader * loader, String integrityMetadata, const KURL& url)

	79 : m_handle(handle)

	80 , m_updater(updater)

	81 , m_response(response)

	82 , m_loader(loader)

	83 , m_integrityMetadata(integrityMetadata)

	84 , m_url(url)

	85 {

	86 m_reader = m_handle->obtainReader(this);

	87 }

	88

	89 void didGetReadable() override

	90 {

	91 ASSERT(m_reader);

	92 ASSERT(m_loader);

	93 ASSERT(m_response);

	94

	95 WebDataConsumerHandle::Result r = WebDataConsumerHandle::Ok;

	96 while (r == WebDataConsumerHandle::Ok) {

	97 const void* buffer;

	98 size_t size;

	99 r = m_reader->beginRead(&buffer, WebDataConsumerHandle::FlagNone , &size);

	100 if (r == WebDataConsumerHandle::Ok) {

	101 m_buffer.append(static_cast<const char*>(buffer), size);

	102 m_reader->endRead(size);

	103 }

	104 }

	105 if (r == WebDataConsumerHandle::ShouldWait)

	106 return;

	107 String errorMessage = "Unknown error occurred while trying to verify integrity.";

	108 if (r == WebDataConsumerHandle::Done) {

	109 if (SubresourceIntegrity::CheckSubresourceIntegrity(m_integrityM etadata, String(m_buffer.data(), m_buffer.size()), m_url, *m_loader->document(), errorMessage)) {

	110 // TODO waiting for commit of FetchFormDataConsumerHandle

	111 // m_updater->update(FetchFormDataConsumerHandler::create(bu ffer));

	112 m_loader->m_resolver->resolve(m_response.leakPtr());

	113 m_loader->m_resolver.clear();

	114 // FetchManager::Loader::didFinishLoading() can

	115 // be called before didGetReadable() is called

	116 // when the data is ready. In that case,

	117 // didFinishLoading() doesn't clean up and call

	118 // notifyFinished(), so it is necessary to

	119 // manually finish the loader here.

	120 if (m_loader->m_didFinishLoading)

	121 m_loader->loadSucceeded();

	122 return;

	123 }

	124 }

	125 m_updater->update(createUnexpectedErrorDataConsumerHandle());

	126 m_loader->performNetworkError(errorMessage);

	127 }

	128

	129 DEFINE_INLINE_TRACE() { visitor->trace(m_updater); }
	yhirano 2015/08/17 11:53:45 You need to list m_loader and m_response in the tr You need to list m_loader and m_response in the trace function. jww 2015/08/17 15:40:59 Done. Show quoted text On 2015/08/17 11:53:45, yhirano wrote: > You need to list m_loader and m_response in the trace function. Done.
	130 private:

	131 OwnPtr<WebDataConsumerHandle> m_handle;

	132 Member<CompositeDataConsumerHandle::Updater> m_updater;

	133 OwnPtr<Response> m_response;
	yhirano 2015/08/17 11:53:45 Member<Response> Member<Response> jww 2015/08/17 15:40:59 Done. Show quoted text On 2015/08/17 11:53:45, yhirano wrote: > Member<Response> Done.
	134 FetchManager::Loader* m_loader;
	yhirano 2015/08/17 11:53:45 RawPtrWillBeMember<...> RawPtrWillBeMember<...> jww 2015/08/17 15:40:59 Done, although out of curiosity, why should it be Show quoted text On 2015/08/17 11:53:45, yhirano wrote: > RawPtrWillBeMember<...> Done, although out of curiosity, why should it be RawPtrWillBeMember rather than Member? yhirano 2015/08/18 09:31:53 Because FetchManager::loader inherits NoBaseWillBe Show quoted text On 2015/08/17 15:40:59, jww wrote: > On 2015/08/17 11:53:45, yhirano wrote: > > RawPtrWillBeMember<...> > > Done, although out of curiosity, why should it be RawPtrWillBeMember rather than > Member? Because FetchManager::loader inherits NoBaseWillBeGarbageCollectedFinalized.
	135 String m_integrityMetadata;

	136 KURL m_url;

	137 OwnPtr<WebDataConsumerHandle::Reader> m_reader;

	138 Vector<char> m_buffer;

	139 };

	140

69 private:	141 private:

70 Loader(ExecutionContext, FetchManager, ScriptPromiseResolver, FetchReques tData);	142 Loader(ExecutionContext, FetchManager, ScriptPromiseResolver, FetchReques tData);

71	143

72 void performBasicFetch();	144 void performBasicFetch();

73 void performNetworkError(const String& message);	145 void performNetworkError(const String& message);

74 void performHTTPFetch(bool corsFlag, bool corsPreflightFlag);	146 void performHTTPFetch(bool corsFlag, bool corsPreflightFlag);

75 void failed(const String& message);	147 void failed(const String& message);

76 void notifyFinished();	148 void notifyFinished();

77 Document* document() const;	149 Document* document() const;

	150 void loadSucceeded();

78	151

79 RawPtrWillBeMember<FetchManager> m_fetchManager;	152 RawPtrWillBeMember<FetchManager> m_fetchManager;

80 PersistentWillBeMember<ScriptPromiseResolver> m_resolver;	153 PersistentWillBeMember<ScriptPromiseResolver> m_resolver;

81 PersistentWillBeMember<FetchRequestData> m_request;	154 PersistentWillBeMember<FetchRequestData> m_request;

82 RefPtr<ThreadableLoader> m_loader;	155 RefPtr<ThreadableLoader> m_loader;

83 bool m_failed;	156 bool m_failed;

84 bool m_finished;	157 bool m_finished;

85 int m_responseHttpStatusCode;	158 int m_responseHttpStatusCode;

	159 Member<SRIVerifier> m_integrityVerifier;

	160 bool m_didFinishLoading;

86 };	161 };

87	162

88 FetchManager::Loader::Loader(ExecutionContext* executionContext, FetchManager* f etchManager, ScriptPromiseResolver* resolver, FetchRequestData* request)	163 FetchManager::Loader::Loader(ExecutionContext* executionContext, FetchManager* f etchManager, ScriptPromiseResolver* resolver, FetchRequestData* request)

89 : ContextLifecycleObserver(executionContext)	164 : ContextLifecycleObserver(executionContext)

90 , m_fetchManager(fetchManager)	165 , m_fetchManager(fetchManager)

91 , m_resolver(resolver)	166 , m_resolver(resolver)

92 , m_request(request)	167 , m_request(request)

93 , m_failed(false)	168 , m_failed(false)

94 , m_finished(false)	169 , m_finished(false)

95 , m_responseHttpStatusCode(0)	170 , m_responseHttpStatusCode(0)

	171 , m_integrityVerifier(nullptr)

	172 , m_didFinishLoading(false)

96 {	173 {

97 }	174 }

98	175

99 FetchManager::Loader::~Loader()	176 FetchManager::Loader::~Loader()

100 {	177 {

101 ASSERT(!m_loader);	178 ASSERT(!m_loader);

102 }	179 }

103	180

104 DEFINE_TRACE(FetchManager::Loader)	181 DEFINE_TRACE(FetchManager::Loader)

105 {	182 {

(...skipping 18 matching lines...) Expand all Loading...
124 break;	201 break;

125 case WebURLRequest::FetchRequestModeNoCORS:	202 case WebURLRequest::FetchRequestModeNoCORS:

126 m_request->setResponseTainting(FetchRequestData::OpaqueTainting);	203 m_request->setResponseTainting(FetchRequestData::OpaqueTainting);

127 break;	204 break;

128 case WebURLRequest::FetchRequestModeCORS:	205 case WebURLRequest::FetchRequestModeCORS:

129 case WebURLRequest::FetchRequestModeCORSWithForcedPreflight:	206 case WebURLRequest::FetchRequestModeCORSWithForcedPreflight:

130 m_request->setResponseTainting(FetchRequestData::CORSTainting);	207 m_request->setResponseTainting(FetchRequestData::CORSTainting);

131 break;	208 break;

132 }	209 }

133 }	210 }

134 FetchResponseData* responseData = FetchResponseData::createWithBuffer(new Bo dyStreamBuffer(createFetchDataConsumerHandleFromWebHandle(handle)));	211

	212 FetchResponseData* responseData = nullptr;

	213 CompositeDataConsumerHandle::Updater* updater = nullptr;

	214 if (m_request->integrity().isEmpty())

	215 responseData = FetchResponseData::createWithBuffer(new BodyStreamBuffer( createFetchDataConsumerHandleFromWebHandle(handle)));

	216 else

	217 responseData = FetchResponseData::createWithBuffer(new BodyStreamBuffer( createFetchDataConsumerHandleFromWebHandle(CompositeDataConsumerHandle::create(c reateWaitingDataConsumerHandle(), &updater))));

135 responseData->setStatus(response.httpStatusCode());	218 responseData->setStatus(response.httpStatusCode());

136 responseData->setStatusMessage(response.httpStatusText());	219 responseData->setStatusMessage(response.httpStatusText());

137 for (auto& it : response.httpHeaderFields())	220 for (auto& it : response.httpHeaderFields())

138 responseData->headerList()->append(it.key, it.value);	221 responseData->headerList()->append(it.key, it.value);

139 responseData->setURL(response.url());	222 responseData->setURL(response.url());

140 responseData->setMIMEType(response.mimeType());	223 responseData->setMIMEType(response.mimeType());

141	224

142 FetchResponseData* taintedResponse = nullptr;	225 FetchResponseData* taintedResponse = nullptr;

143	226

144 if (IsRedirectStatusCode(m_responseHttpStatusCode)) {	227 if (IsRedirectStatusCode(m_responseHttpStatusCode)) {

(...skipping 21 matching lines...) Expand all Loading...
166 taintedResponse = responseData->createBasicFilteredResponse();	249 taintedResponse = responseData->createBasicFilteredResponse();

167 break;	250 break;

168 case FetchRequestData::CORSTainting:	251 case FetchRequestData::CORSTainting:

169 taintedResponse = responseData->createCORSFilteredResponse();	252 taintedResponse = responseData->createCORSFilteredResponse();

170 break;	253 break;

171 case FetchRequestData::OpaqueTainting:	254 case FetchRequestData::OpaqueTainting:

172 taintedResponse = responseData->createOpaqueFilteredResponse();	255 taintedResponse = responseData->createOpaqueFilteredResponse();

173 break;	256 break;

174 }	257 }

175 }	258 }

	259

176 Response* r = Response::create(m_resolver->executionContext(), taintedRespon se);	260 Response* r = Response::create(m_resolver->executionContext(), taintedRespon se);

177 r->headers()->setGuard(Headers::ImmutableGuard);	261 r->headers()->setGuard(Headers::ImmutableGuard);

178 m_resolver->resolve(r);	262

179 m_resolver.clear();	263 if (m_request->integrity().isEmpty()) {

	264 m_resolver->resolve(r);

	265 m_resolver.clear();

	266 } else {

	267 ASSERT(!m_integrityVerifier);

	268 m_integrityVerifier = new SRIVerifier(handle, updater, adoptPtr(r), this , m_request->integrity(), response.url());
	yhirano 2015/08/17 11:53:45 adoptPtr is not needed. adoptPtr is not needed. jww 2015/08/17 15:40:59 Done. Show quoted text On 2015/08/17 11:53:45, yhirano wrote: > adoptPtr is not needed. Done.
	269 }

180 }	270 }

181	271

182 void FetchManager::Loader::didFinishLoading(unsigned long, double)	272 void FetchManager::Loader::didFinishLoading(unsigned long, double)

183 {	273 {

184 ASSERT(!m_failed);	274 m_didFinishLoading = true;

185 m_finished = true;	275 if (m_integrityVerifier \|\| m_finished)

	276 return;
	yhirano 2015/08/17 11:53:45 I think loadSucceeded will not be be called when t I think loadSucceeded will not be be called when the verifier is done faster than didFinishLoading is dispatched, right? yhirano 2015/08/17 11:54:44 s/faster/earlier/ Show quoted text On 2015/08/17 11:53:45, yhirano wrote: > I think loadSucceeded will not be be called when the verifier is done faster > than didFinishLoading is dispatched, right? s/faster/earlier/ jww 2015/08/17 15:40:59 Yes, good call. I've removed the "\|\| m_finished" c Show quoted text On 2015/08/17 11:54:44, yhirano wrote: > On 2015/08/17 11:53:45, yhirano wrote: > > I think loadSucceeded will not be be called when the verifier is done faster > > than didFinishLoading is dispatched, right? > > s/faster/earlier/ Yes, good call. I've removed the "\|\| m_finished" check. yhirano 2015/08/18 09:31:53 I think you need isFinished predicated here. if ( Show quoted text On 2015/08/17 15:40:59, jww wrote: > On 2015/08/17 11:54:44, yhirano wrote: > > On 2015/08/17 11:53:45, yhirano wrote: > > > I think loadSucceeded will not be be called when the verifier is done faster > > > than didFinishLoading is dispatched, right? > > > > s/faster/earlier/ > > Yes, good call. I've removed the "\|\| m_finished" check. I think you need isFinished predicated here. if (m_integrityVerifier && !m_integrityVerifier->isFinished()) return; jww 2015/08/18 19:26:20 Done. Show quoted text On 2015/08/18 09:31:53, yhirano wrote: > On 2015/08/17 15:40:59, jww wrote: > > On 2015/08/17 11:54:44, yhirano wrote: > > > On 2015/08/17 11:53:45, yhirano wrote: > > > > I think loadSucceeded will not be be called when the verifier is done > faster > > > > than didFinishLoading is dispatched, right? > > > > > > s/faster/earlier/ > > > > Yes, good call. I've removed the "\|\| m_finished" check. > > I think you need isFinished predicated here. > > if (m_integrityVerifier && !m_integrityVerifier->isFinished()) > return; > Done.
186	277

187 if (document() && document()->frame() && document()->frame()->page()	278 loadSucceeded();

188 && m_responseHttpStatusCode >= 200 && m_responseHttpStatusCode < 300) {

189 document()->frame()->page()->chromeClient().ajaxSucceeded(document()->fr ame());

190 }

191 InspectorInstrumentation::didFinishFetch(executionContext(), this, m_request ->method(), m_request->url().string());

192 notifyFinished();

193 }	279 }

194	280

195 void FetchManager::Loader::didFail(const ResourceError& error)	281 void FetchManager::Loader::didFail(const ResourceError& error)

196 {	282 {

197 if (error.isCancellation() \|\| error.isTimeout() \|\| error.domain() != errorDo mainBlinkInternal)	283 if (error.isCancellation() \|\| error.isTimeout() \|\| error.domain() != errorDo mainBlinkInternal)

198 failed(String());	284 failed(String());

199 else	285 else

200 failed("Fetch API cannot load " + error.failingURL() + ". " + error.loca lizedDescription());	286 failed("Fetch API cannot load " + error.failingURL() + ". " + error.loca lizedDescription());

201 }	287 }

202	288

(...skipping 11 matching lines...) Expand all Loading...
214 }	300 }

215	301

216 Document* FetchManager::Loader::document() const	302 Document* FetchManager::Loader::document() const

217 {	303 {

218 if (executionContext()->isDocument()) {	304 if (executionContext()->isDocument()) {

219 return toDocument(executionContext());	305 return toDocument(executionContext());

220 }	306 }

221 return nullptr;	307 return nullptr;

222 }	308 }

223	309

	310 void FetchManager::Loader::loadSucceeded()

	311 {

	312 ASSERT(!m_failed);

	313

	314 m_finished = true;

	315

	316 if (document() && document()->frame() && document()->frame()->page()

	317 && m_responseHttpStatusCode >= 200 && m_responseHttpStatusCode < 300) {

	318 document()->frame()->page()->chromeClient().ajaxSucceeded(document()->fr ame());

	319 }

	320 InspectorInstrumentation::didFinishFetch(executionContext(), this, m_request ->method(), m_request->url().string());

	321 notifyFinished();

	322 }

	323

224 void FetchManager::Loader::start()	324 void FetchManager::Loader::start()

225 {	325 {

226 // "1. If \|request\|'s url contains a Known HSTS Host, modify it per the	326 // "1. If \|request\|'s url contains a Known HSTS Host, modify it per the

227 // requirements of the 'URI [sic] Loading and Port Mapping' chapter of HTTP	327 // requirements of the 'URI [sic] Loading and Port Mapping' chapter of HTTP

228 // Strict Transport Security."	328 // Strict Transport Security."

229 // FIXME: Implement this.	329 // FIXME: Implement this.

230	330

231 // "2. If \|request\|'s referrer is not none, set \|request\|'s referrer to the	331 // "2. If \|request\|'s referrer is not none, set \|request\|'s referrer to the

232 // result of invoking determine \|request\|'s referrer."	332 // result of invoking determine \|request\|'s referrer."

233 // We set the referrer using workerGlobalScope's URL in	333 // We set the referrer using workerGlobalScope's URL in

(...skipping 254 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
488	588

489 DEFINE_TRACE(FetchManager)	589 DEFINE_TRACE(FetchManager)

490 {	590 {

491 #if ENABLE(OILPAN)	591 #if ENABLE(OILPAN)

492 visitor->trace(m_executionContext);	592 visitor->trace(m_executionContext);

493 visitor->trace(m_loaders);	593 visitor->trace(m_loaders);

494 #endif	594 #endif

495 }	595 }

496	596

497 } // namespace blink	597 } // namespace blink

OLD	NEW

« no previous file with comments | « Source/core/html/HTMLLinkElement.cpp ('k') | Source/modules/fetch/FetchRequestData.h » ('j') | no next file with comments »