OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved. | 2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved. |
3 * Copyright (C) 2013, Intel Corporation | 3 * Copyright (C) 2013, Intel Corporation |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions are | 6 * modification, are permitted provided that the following conditions are |
7 * met: | 7 * met: |
8 * | 8 * |
9 * * Redistributions of source code must retain the above copyright | 9 * * Redistributions of source code must retain the above copyright |
10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
42 #include "core/frame/LocalFrame.h" | 42 #include "core/frame/LocalFrame.h" |
43 #include "core/frame/csp/ContentSecurityPolicy.h" | 43 #include "core/frame/csp/ContentSecurityPolicy.h" |
44 #include "core/inspector/InspectorInstrumentation.h" | 44 #include "core/inspector/InspectorInstrumentation.h" |
45 #include "core/inspector/InspectorTraceEvents.h" | 45 #include "core/inspector/InspectorTraceEvents.h" |
46 #include "core/loader/CrossOriginPreflightResultCache.h" | 46 #include "core/loader/CrossOriginPreflightResultCache.h" |
47 #include "core/loader/DocumentThreadableLoaderClient.h" | 47 #include "core/loader/DocumentThreadableLoaderClient.h" |
48 #include "core/loader/FrameLoader.h" | 48 #include "core/loader/FrameLoader.h" |
49 #include "core/loader/FrameLoaderClient.h" | 49 #include "core/loader/FrameLoaderClient.h" |
50 #include "core/loader/ThreadableLoaderClient.h" | 50 #include "core/loader/ThreadableLoaderClient.h" |
51 #include "platform/SharedBuffer.h" | 51 #include "platform/SharedBuffer.h" |
| 52 #include "platform/Task.h" |
52 #include "platform/network/ResourceRequest.h" | 53 #include "platform/network/ResourceRequest.h" |
53 #include "platform/weborigin/SchemeRegistry.h" | 54 #include "platform/weborigin/SchemeRegistry.h" |
54 #include "platform/weborigin/SecurityOrigin.h" | 55 #include "platform/weborigin/SecurityOrigin.h" |
| 56 #include "public/platform/Platform.h" |
55 #include "public/platform/WebURLRequest.h" | 57 #include "public/platform/WebURLRequest.h" |
56 #include "wtf/Assertions.h" | 58 #include "wtf/Assertions.h" |
57 | 59 |
58 namespace blink { | 60 namespace blink { |
59 | 61 |
| 62 namespace { |
| 63 |
| 64 class EmptyDataHandle final : public WebDataConsumerHandle { |
| 65 private: |
| 66 class EmptyDataReader final : public WebDataConsumerHandle::Reader { |
| 67 public: |
| 68 explicit EmptyDataReader(WebDataConsumerHandle::Client* client) : m_fact
ory(this) |
| 69 { |
| 70 Platform::current()->currentThread()->postTask(FROM_HERE, new Task(b
ind(&EmptyDataReader::notify, m_factory.createWeakPtr(), client))); |
| 71 } |
| 72 private: |
| 73 Result read(void*, size_t, WebDataConsumerHandle::Flags, size_t *readSiz
e) override |
| 74 { |
| 75 *readSize = 0; |
| 76 return Done; |
| 77 } |
| 78 Result beginRead(const void** buffer, WebDataConsumerHandle::Flags, size
_t *available) override |
| 79 { |
| 80 *available = 0; |
| 81 *buffer = nullptr; |
| 82 return Done; |
| 83 } |
| 84 Result endRead(size_t) override |
| 85 { |
| 86 return WebDataConsumerHandle::UnexpectedError; |
| 87 } |
| 88 void notify(WebDataConsumerHandle::Client* client) |
| 89 { |
| 90 client->didGetReadable(); |
| 91 } |
| 92 WeakPtrFactory<EmptyDataReader> m_factory; |
| 93 }; |
| 94 |
| 95 Reader* obtainReaderInternal(Client* client) override |
| 96 { |
| 97 return new EmptyDataReader(client); |
| 98 } |
| 99 const char* debugName() const override { return "EmptyDataHandle"; } |
| 100 }; |
| 101 |
| 102 } // namespace |
| 103 |
60 // Max number of CORS redirects handled in DocumentThreadableLoader. | 104 // Max number of CORS redirects handled in DocumentThreadableLoader. |
61 // Same number as net/url_request/url_request.cc, and | 105 // Same number as net/url_request/url_request.cc, and |
62 // same number as https://fetch.spec.whatwg.org/#concept-http-fetch, Step 4. | 106 // same number as https://fetch.spec.whatwg.org/#concept-http-fetch, Step 4. |
63 // FIXME: currently the number of redirects is counted and limited here and in | 107 // FIXME: currently the number of redirects is counted and limited here and in |
64 // net/url_request/url_request.cc separately. | 108 // net/url_request/url_request.cc separately. |
65 static const int kMaxCORSRedirects = 20; | 109 static const int kMaxCORSRedirects = 20; |
66 | 110 |
67 void DocumentThreadableLoader::loadResourceSynchronously(Document& document, con
st ResourceRequest& request, ThreadableLoaderClient& client, const ThreadableLoa
derOptions& options, const ResourceLoaderOptions& resourceLoaderOptions) | 111 void DocumentThreadableLoader::loadResourceSynchronously(Document& document, con
st ResourceRequest& request, ThreadableLoaderClient& client, const ThreadableLoa
derOptions& options, const ResourceLoaderOptions& resourceLoaderOptions) |
68 { | 112 { |
69 // The loader will be deleted as soon as this function exits. | 113 // The loader will be deleted as soon as this function exits. |
(...skipping 17 matching lines...) Expand all Loading... |
87 , m_forceDoNotAllowStoredCredentials(false) | 131 , m_forceDoNotAllowStoredCredentials(false) |
88 , m_securityOrigin(m_resourceLoaderOptions.securityOrigin) | 132 , m_securityOrigin(m_resourceLoaderOptions.securityOrigin) |
89 , m_sameOriginRequest(securityOrigin()->canRequestNoSuborigin(request.url())
) | 133 , m_sameOriginRequest(securityOrigin()->canRequestNoSuborigin(request.url())
) |
90 , m_crossOriginNonSimpleRequest(false) | 134 , m_crossOriginNonSimpleRequest(false) |
91 , m_isUsingDataConsumerHandle(false) | 135 , m_isUsingDataConsumerHandle(false) |
92 , m_async(blockingBehavior == LoadAsynchronously) | 136 , m_async(blockingBehavior == LoadAsynchronously) |
93 , m_requestContext(request.requestContext()) | 137 , m_requestContext(request.requestContext()) |
94 , m_timeoutTimer(this, &DocumentThreadableLoader::didTimeout) | 138 , m_timeoutTimer(this, &DocumentThreadableLoader::didTimeout) |
95 , m_requestStartedSeconds(0.0) | 139 , m_requestStartedSeconds(0.0) |
96 , m_corsRedirectLimit(kMaxCORSRedirects) | 140 , m_corsRedirectLimit(kMaxCORSRedirects) |
| 141 , m_redirectMode(request.fetchRedirectMode()) |
97 { | 142 { |
98 ASSERT(client); | 143 ASSERT(client); |
99 // Setting an outgoing referer is only supported in the async code path. | 144 // Setting an outgoing referer is only supported in the async code path. |
100 ASSERT(m_async || request.httpReferrer().isEmpty()); | 145 ASSERT(m_async || request.httpReferrer().isEmpty()); |
101 | 146 |
102 if (!m_sameOriginRequest && m_options.crossOriginRequestPolicy == DenyCrossO
riginRequests) { | 147 if (!m_sameOriginRequest && m_options.crossOriginRequestPolicy == DenyCrossO
riginRequests) { |
103 m_client->didFail(ResourceError(errorDomainBlinkInternal, 0, request.url
().string(), "Cross origin requests are not supported.")); | 148 m_client->didFail(ResourceError(errorDomainBlinkInternal, 0, request.url
().string(), "Cross origin requests are not supported.")); |
104 return; | 149 return; |
105 } | 150 } |
106 | 151 |
(...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
262 // to content::WebURLLoaderImpl. So, this loader must also get detached from | 307 // to content::WebURLLoaderImpl. So, this loader must also get detached from |
263 // the resource by calling clearResource(). | 308 // the resource by calling clearResource(). |
264 void DocumentThreadableLoader::redirectReceived(Resource* resource, ResourceRequ
est& request, const ResourceResponse& redirectResponse) | 309 void DocumentThreadableLoader::redirectReceived(Resource* resource, ResourceRequ
est& request, const ResourceResponse& redirectResponse) |
265 { | 310 { |
266 ASSERT(m_client); | 311 ASSERT(m_client); |
267 ASSERT_UNUSED(resource, resource == this->resource()); | 312 ASSERT_UNUSED(resource, resource == this->resource()); |
268 ASSERT(m_async); | 313 ASSERT(m_async); |
269 | 314 |
270 RefPtr<DocumentThreadableLoader> protect(this); | 315 RefPtr<DocumentThreadableLoader> protect(this); |
271 | 316 |
272 if (!isAllowedByContentSecurityPolicy(request.url(), ContentSecurityPolicy::
DidRedirect)) { | 317 if (m_redirectMode == WebURLRequest::FetchRedirectModeManual) { |
| 318 // We use |m_redirectMode| to check the original redirect mode. |
| 319 // |request| is a new request for redirect. So we don't set the redirect |
| 320 // mode of it in WebURLLoaderImpl::Context::OnReceivedRedirect(). |
| 321 ASSERT(request.useStreamOnResponse()); |
| 322 // There is no need to read the body of redirect response because there |
| 323 // is no way to read the body of opaque-redirect filtered response's |
| 324 // internal response. |
| 325 // TODO(horo): If we support any API which expose the internal body, we |
| 326 // will have to read the body. And also HTTPCache changes will be needed |
| 327 // because it doesn't store the body of redirect responses. |
| 328 responseReceived(resource, redirectResponse, adoptPtr(new EmptyDataHandl
e())); |
| 329 notifyFinished(resource); |
| 330 clearResource(); |
| 331 request = ResourceRequest(); |
| 332 return; |
| 333 } |
| 334 |
| 335 if (m_redirectMode == WebURLRequest::FetchRedirectModeError || !isAllowedByC
ontentSecurityPolicy(request.url(), ContentSecurityPolicy::DidRedirect)) { |
273 m_client->didFailRedirectCheck(); | 336 m_client->didFailRedirectCheck(); |
274 | 337 |
275 clearResource(); | 338 clearResource(); |
276 request = ResourceRequest(); | 339 request = ResourceRequest(); |
277 | 340 |
278 m_requestStartedSeconds = 0.0; | 341 m_requestStartedSeconds = 0.0; |
279 return; | 342 return; |
280 } | 343 } |
281 | 344 |
282 // Allow same origin requests to continue after allowing clients to audit th
e redirect. | 345 // Allow same origin requests to continue after allowing clients to audit th
e redirect. |
(...skipping 392 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
675 return DoNotAllowStoredCredentials; | 738 return DoNotAllowStoredCredentials; |
676 return m_resourceLoaderOptions.allowCredentials; | 739 return m_resourceLoaderOptions.allowCredentials; |
677 } | 740 } |
678 | 741 |
679 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const | 742 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const |
680 { | 743 { |
681 return m_securityOrigin ? m_securityOrigin.get() : m_document.securityOrigin
(); | 744 return m_securityOrigin ? m_securityOrigin.get() : m_document.securityOrigin
(); |
682 } | 745 } |
683 | 746 |
684 } // namespace blink | 747 } // namespace blink |
OLD | NEW |