[3/3 blink] Support redirect option of Request and "opaqueredirect" response type.

Source/core/loader/DocumentThreadableLoader.cpp

 /*
  * Copyright (C) 2011, 2012 Google Inc. All rights reserved.
  * Copyright (C) 2013, Intel Corporation
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
@@ skipping 31 matching lines @@
 #include "core/frame/LocalFrame.h"
 #include "core/frame/csp/ContentSecurityPolicy.h"
 #include "core/inspector/InspectorInstrumentation.h"
 #include "core/inspector/InspectorTraceEvents.h"
 #include "core/loader/CrossOriginPreflightResultCache.h"
 #include "core/loader/DocumentThreadableLoaderClient.h"
 #include "core/loader/FrameLoader.h"
 #include "core/loader/FrameLoaderClient.h"
 #include "core/loader/ThreadableLoaderClient.h"
 #include "platform/SharedBuffer.h"
+#include "platform/Task.h"
 #include "platform/network/ResourceRequest.h"
 #include "platform/weborigin/SchemeRegistry.h"
 #include "platform/weborigin/SecurityOrigin.h"
+#include "public/platform/Platform.h"
 #include "public/platform/WebURLRequest.h"
 #include "wtf/Assertions.h"
 
 namespace blink {
 
+namespace {
+
+class EmptyDataHandle final : public WebDataConsumerHandle {
+private:
+    class EmptyDataReader final : public WebDataConsumerHandle::Reader {
+    public:
+        explicit EmptyDataReader(WebDataConsumerHandle::Client* client) : m_factory(this)
+        {
+            Platform::current()->currentThread()->postTask(FROM_HERE, new Task(bind(&EmptyDataReader::notify, m_factory.createWeakPtr(), client)));
+        }
+    private:
+        Result read(void*, size_t, WebDataConsumerHandle::Flags, size_t *readSize) override
+        {
+            *readSize = 0;
+            return Done;
+        }
+        Result beginRead(const void** buffer, WebDataConsumerHandle::Flags, size_t *available) override
+        {
+            *available = 0;
+            *buffer = nullptr;
+            return Done;
+        }
+        Result endRead(size_t) override
+        {
+            return WebDataConsumerHandle::UnexpectedError;
+        }
+        void notify(WebDataConsumerHandle::Client* client)
+        {
+            client->didGetReadable();
+        }
+        WeakPtrFactory<EmptyDataReader> m_factory;
+    };
+
+    Reader* obtainReaderInternal(Client* client) override
+    {
+        return new EmptyDataReader(client);
+    }
+    const char* debugName() const override { return "EmptyDataHandle"; }
+};
+
+} // namespace
+
 // Max number of CORS redirects handled in DocumentThreadableLoader.
 // Same number as net/url_request/url_request.cc, and
 // same number as https://fetch.spec.whatwg.org/#concept-http-fetch, Step 4.
 // FIXME: currently the number of redirects is counted and limited here and in
 // net/url_request/url_request.cc separately.
 static const int kMaxCORSRedirects = 20;
 
 void DocumentThreadableLoader::loadResourceSynchronously(Document& document, const ResourceRequest& request, ThreadableLoaderClient& client, const ThreadableLoaderOptions& options, const ResourceLoaderOptions& resourceLoaderOptions)
 {
     // The loader will be deleted as soon as this function exits.
@@ skipping 17 matching lines @@
     , m_forceDoNotAllowStoredCredentials(false)
     , m_securityOrigin(m_resourceLoaderOptions.securityOrigin)
     , m_sameOriginRequest(securityOrigin()->canRequestNoSuborigin(request.url()))
     , m_crossOriginNonSimpleRequest(false)
     , m_isUsingDataConsumerHandle(false)
     , m_async(blockingBehavior == LoadAsynchronously)
     , m_requestContext(request.requestContext())
     , m_timeoutTimer(this, &DocumentThreadableLoader::didTimeout)
     , m_requestStartedSeconds(0.0)
     , m_corsRedirectLimit(kMaxCORSRedirects)
+    , m_redirectMode(request.fetchRedirectMode())
 {
     ASSERT(client);
     // Setting an outgoing referer is only supported in the async code path.
     ASSERT(m_async || request.httpReferrer().isEmpty());
 
     if (!m_sameOriginRequest && m_options.crossOriginRequestPolicy == DenyCrossOriginRequests) {
         m_client->didFail(ResourceError(errorDomainBlinkInternal, 0, request.url().string(), "Cross origin requests are not supported."));
         return;
     }
 
@@ skipping 155 matching lines @@
 // to content::WebURLLoaderImpl. So, this loader must also get detached from
 // the resource by calling clearResource().
 void DocumentThreadableLoader::redirectReceived(Resource* resource, ResourceRequest& request, const ResourceResponse& redirectResponse)
 {
     ASSERT(m_client);
     ASSERT_UNUSED(resource, resource == this->resource());
     ASSERT(m_async);
 
     RefPtr<DocumentThreadableLoader> protect(this);
 
-    if (!isAllowedByContentSecurityPolicy(request.url(), ContentSecurityPolicy::DidRedirect)) {
+    if (m_redirectMode == WebURLRequest::FetchRedirectModeManual) {
+        // We use |m_redirectMode| to check the original redirect mode.
+        // |request| is a new request for redirect. So we don't set the redirect
+        // mode of it in WebURLLoaderImpl::Context::OnReceivedRedirect().
+        ASSERT(request.useStreamOnResponse());
+        // There is no need to read the body of redirect response because there
+        // is no way to read the body of opaque-redirect filtered response's
+        // internal response.
+        // TODO(horo): If we support any API which expose the internal body, we
+        // will have to read the body. And also HTTPCache changes will be needed
+        // because it doesn't store the body of redirect responses.
+        responseReceived(resource, redirectResponse, adoptPtr(new EmptyDataHandle()));
+        notifyFinished(resource);
+        clearResource();
+        request = ResourceRequest();
+        return;
+    }
+
+    if (m_redirectMode == WebURLRequest::FetchRedirectModeError || !isAllowedByContentSecurityPolicy(request.url(), ContentSecurityPolicy::DidRedirect)) {
         m_client->didFailRedirectCheck();
 
         clearResource();
         request = ResourceRequest();
 
         m_requestStartedSeconds = 0.0;
         return;
     }
 
     // Allow same origin requests to continue after allowing clients to audit the redirect.
@@ skipping 392 matching lines @@
         return DoNotAllowStoredCredentials;
     return m_resourceLoaderOptions.allowCredentials;
 }
 
 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const
 {
     return m_securityOrigin ? m_securityOrigin.get() : m_document.securityOrigin();
 }
 
 } // namespace blink