OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved. | 2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved. |
3 * Copyright (C) 2013, Intel Corporation | 3 * Copyright (C) 2013, Intel Corporation |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions are | 6 * modification, are permitted provided that the following conditions are |
7 * met: | 7 * met: |
8 * | 8 * |
9 * * Redistributions of source code must retain the above copyright | 9 * * Redistributions of source code must retain the above copyright |
10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
87 , m_forceDoNotAllowStoredCredentials(false) | 87 , m_forceDoNotAllowStoredCredentials(false) |
88 , m_securityOrigin(m_resourceLoaderOptions.securityOrigin) | 88 , m_securityOrigin(m_resourceLoaderOptions.securityOrigin) |
89 , m_sameOriginRequest(securityOrigin()->canRequestNoSuborigin(request.url()) ) | 89 , m_sameOriginRequest(securityOrigin()->canRequestNoSuborigin(request.url()) ) |
90 , m_crossOriginNonSimpleRequest(false) | 90 , m_crossOriginNonSimpleRequest(false) |
91 , m_isUsingDataConsumerHandle(false) | 91 , m_isUsingDataConsumerHandle(false) |
92 , m_async(blockingBehavior == LoadAsynchronously) | 92 , m_async(blockingBehavior == LoadAsynchronously) |
93 , m_requestContext(request.requestContext()) | 93 , m_requestContext(request.requestContext()) |
94 , m_timeoutTimer(this, &DocumentThreadableLoader::didTimeout) | 94 , m_timeoutTimer(this, &DocumentThreadableLoader::didTimeout) |
95 , m_requestStartedSeconds(0.0) | 95 , m_requestStartedSeconds(0.0) |
96 , m_corsRedirectLimit(kMaxCORSRedirects) | 96 , m_corsRedirectLimit(kMaxCORSRedirects) |
97 , m_redirectMode(request.fetchRedirectMode()) | |
97 { | 98 { |
98 ASSERT(client); | 99 ASSERT(client); |
99 // Setting an outgoing referer is only supported in the async code path. | 100 // Setting an outgoing referer is only supported in the async code path. |
100 ASSERT(m_async || request.httpReferrer().isEmpty()); | 101 ASSERT(m_async || request.httpReferrer().isEmpty()); |
101 | 102 |
102 if (!m_sameOriginRequest && m_options.crossOriginRequestPolicy == DenyCrossO riginRequests) { | 103 if (!m_sameOriginRequest && m_options.crossOriginRequestPolicy == DenyCrossO riginRequests) { |
103 m_client->didFail(ResourceError(errorDomainBlinkInternal, 0, request.url ().string(), "Cross origin requests are not supported.")); | 104 m_client->didFail(ResourceError(errorDomainBlinkInternal, 0, request.url ().string(), "Cross origin requests are not supported.")); |
104 return; | 105 return; |
105 } | 106 } |
106 | 107 |
(...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
262 // to content::WebURLLoaderImpl. So, this loader must also get detached from | 263 // to content::WebURLLoaderImpl. So, this loader must also get detached from |
263 // the resource by calling clearResource(). | 264 // the resource by calling clearResource(). |
264 void DocumentThreadableLoader::redirectReceived(Resource* resource, ResourceRequ est& request, const ResourceResponse& redirectResponse) | 265 void DocumentThreadableLoader::redirectReceived(Resource* resource, ResourceRequ est& request, const ResourceResponse& redirectResponse) |
265 { | 266 { |
266 ASSERT(m_client); | 267 ASSERT(m_client); |
267 ASSERT_UNUSED(resource, resource == this->resource()); | 268 ASSERT_UNUSED(resource, resource == this->resource()); |
268 ASSERT(m_async); | 269 ASSERT(m_async); |
269 | 270 |
270 RefPtr<DocumentThreadableLoader> protect(this); | 271 RefPtr<DocumentThreadableLoader> protect(this); |
271 | 272 |
272 if (!isAllowedByContentSecurityPolicy(request.url(), ContentSecurityPolicy:: DidRedirect)) { | 273 if (m_redirectMode == WebURLRequest::FetchRedirectModeManual) { |
274 responseReceived(resource, redirectResponse, nullptr); | |
yhirano
2015/08/18 07:56:49
Please create and pass a valid handle when useStre
horo
2015/08/19 07:36:12
Done.
I introduced EmptyDataHandle.
| |
275 clearResource(); | |
276 request = ResourceRequest(); | |
277 return; | |
278 } | |
279 | |
280 if (m_redirectMode == WebURLRequest::FetchRedirectModeError || !isAllowedByC ontentSecurityPolicy(request.url(), ContentSecurityPolicy::DidRedirect)) { | |
273 m_client->didFailRedirectCheck(); | 281 m_client->didFailRedirectCheck(); |
274 | 282 |
275 clearResource(); | 283 clearResource(); |
276 request = ResourceRequest(); | 284 request = ResourceRequest(); |
277 | 285 |
278 m_requestStartedSeconds = 0.0; | 286 m_requestStartedSeconds = 0.0; |
279 return; | 287 return; |
280 } | 288 } |
281 | 289 |
282 // Allow same origin requests to continue after allowing clients to audit th e redirect. | 290 // Allow same origin requests to continue after allowing clients to audit th e redirect. |
(...skipping 392 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
675 return DoNotAllowStoredCredentials; | 683 return DoNotAllowStoredCredentials; |
676 return m_resourceLoaderOptions.allowCredentials; | 684 return m_resourceLoaderOptions.allowCredentials; |
677 } | 685 } |
678 | 686 |
679 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const | 687 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const |
680 { | 688 { |
681 return m_securityOrigin ? m_securityOrigin.get() : m_document.securityOrigin (); | 689 return m_securityOrigin ? m_securityOrigin.get() : m_document.securityOrigin (); |
682 } | 690 } |
683 | 691 |
684 } // namespace blink | 692 } // namespace blink |
OLD | NEW |