Chromium Code Reviews Chromium Code Reviews
Issue 1280733002:
[3/3 blink] Support redirect option of Request and "opaqueredirect" response type. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@Redirect1| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved. | 2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved. |
| 3 * Copyright (C) 2013, Intel Corporation | 3 * Copyright (C) 2013, Intel Corporation |
| 4 * | 4 * |
| 5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
| 6 * modification, are permitted provided that the following conditions are | 6 * modification, are permitted provided that the following conditions are |
| 7 * met: | 7 * met: |
| 8 * | 8 * |
| 9 * * Redistributions of source code must retain the above copyright | 9 * * Redistributions of source code must retain the above copyright |
| 10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
| (...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 87 , m_forceDoNotAllowStoredCredentials(false) | 87 , m_forceDoNotAllowStoredCredentials(false) |
| 88 , m_securityOrigin(m_resourceLoaderOptions.securityOrigin) | 88 , m_securityOrigin(m_resourceLoaderOptions.securityOrigin) |
| 89 , m_sameOriginRequest(securityOrigin()->canRequestNoSuborigin(request.url()) ) | 89 , m_sameOriginRequest(securityOrigin()->canRequestNoSuborigin(request.url()) ) |
| 90 , m_crossOriginNonSimpleRequest(false) | 90 , m_crossOriginNonSimpleRequest(false) |
| 91 , m_isUsingDataConsumerHandle(false) | 91 , m_isUsingDataConsumerHandle(false) |
| 92 , m_async(blockingBehavior == LoadAsynchronously) | 92 , m_async(blockingBehavior == LoadAsynchronously) |
| 93 , m_requestContext(request.requestContext()) | 93 , m_requestContext(request.requestContext()) |
| 94 , m_timeoutTimer(this, &DocumentThreadableLoader::didTimeout) | 94 , m_timeoutTimer(this, &DocumentThreadableLoader::didTimeout) |
| 95 , m_requestStartedSeconds(0.0) | 95 , m_requestStartedSeconds(0.0) |
| 96 , m_corsRedirectLimit(kMaxCORSRedirects) | 96 , m_corsRedirectLimit(kMaxCORSRedirects) |
| 97 , m_redirectMode(request.fetchRedirectMode()) | |
| 97 { | 98 { |
| 98 ASSERT(client); | 99 ASSERT(client); |
| 99 // Setting an outgoing referer is only supported in the async code path. | 100 // Setting an outgoing referer is only supported in the async code path. |
| 100 ASSERT(m_async || request.httpReferrer().isEmpty()); | 101 ASSERT(m_async || request.httpReferrer().isEmpty()); |
| 101 | 102 |
| 102 if (!m_sameOriginRequest && m_options.crossOriginRequestPolicy == DenyCrossO riginRequests) { | 103 if (!m_sameOriginRequest && m_options.crossOriginRequestPolicy == DenyCrossO riginRequests) { |
| 103 m_client->didFail(ResourceError(errorDomainBlinkInternal, 0, request.url ().string(), "Cross origin requests are not supported.")); | 104 m_client->didFail(ResourceError(errorDomainBlinkInternal, 0, request.url ().string(), "Cross origin requests are not supported.")); |
| 104 return; | 105 return; |
| 105 } | 106 } |
| 106 | 107 |
| (...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 262 // to content::WebURLLoaderImpl. So, this loader must also get detached from | 263 // to content::WebURLLoaderImpl. So, this loader must also get detached from |
| 263 // the resource by calling clearResource(). | 264 // the resource by calling clearResource(). |
| 264 void DocumentThreadableLoader::redirectReceived(Resource* resource, ResourceRequ est& request, const ResourceResponse& redirectResponse) | 265 void DocumentThreadableLoader::redirectReceived(Resource* resource, ResourceRequ est& request, const ResourceResponse& redirectResponse) |
| 265 { | 266 { |
| 266 ASSERT(m_client); | 267 ASSERT(m_client); |
| 267 ASSERT_UNUSED(resource, resource == this->resource()); | 268 ASSERT_UNUSED(resource, resource == this->resource()); |
| 268 ASSERT(m_async); | 269 ASSERT(m_async); |
| 269 | 270 |
| 270 RefPtr<DocumentThreadableLoader> protect(this); | 271 RefPtr<DocumentThreadableLoader> protect(this); |
| 271 | 272 |
| 272 if (!isAllowedByContentSecurityPolicy(request.url(), ContentSecurityPolicy:: DidRedirect)) { | 273 if (m_redirectMode == WebURLRequest::FetchRedirectModeManual) { |
| 274 responseReceived(resource, redirectResponse, nullptr); | |
|
yhirano
2015/08/18 07:56:49
Please create and pass a valid handle when useStre
horo
2015/08/19 07:36:12
Done.
I introduced EmptyDataHandle.
| |
| 275 clearResource(); | |
| 276 request = ResourceRequest(); | |
| 277 return; | |
| 278 } | |
| 279 | |
| 280 if (m_redirectMode == WebURLRequest::FetchRedirectModeError || !isAllowedByC ontentSecurityPolicy(request.url(), ContentSecurityPolicy::DidRedirect)) { | |
| 273 m_client->didFailRedirectCheck(); | 281 m_client->didFailRedirectCheck(); |
| 274 | 282 |
| 275 clearResource(); | 283 clearResource(); |
| 276 request = ResourceRequest(); | 284 request = ResourceRequest(); |
| 277 | 285 |
| 278 m_requestStartedSeconds = 0.0; | 286 m_requestStartedSeconds = 0.0; |
| 279 return; | 287 return; |
| 280 } | 288 } |
| 281 | 289 |
| 282 // Allow same origin requests to continue after allowing clients to audit th e redirect. | 290 // Allow same origin requests to continue after allowing clients to audit th e redirect. |
| (...skipping 392 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 675 return DoNotAllowStoredCredentials; | 683 return DoNotAllowStoredCredentials; |
| 676 return m_resourceLoaderOptions.allowCredentials; | 684 return m_resourceLoaderOptions.allowCredentials; |
| 677 } | 685 } |
| 678 | 686 |
| 679 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const | 687 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const |
| 680 { | 688 { |
| 681 return m_securityOrigin ? m_securityOrigin.get() : m_document.securityOrigin (); | 689 return m_securityOrigin ? m_securityOrigin.get() : m_document.securityOrigin (); |
| 682 } | 690 } |
| 683 | 691 |
| 684 } // namespace blink | 692 } // namespace blink |
| OLD | NEW |
