Adds support for POST request with bodies on WKWebView.

ios/web/web_state/ui/crw_wk_web_view_web_controller.mm

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #import "ios/web/web_state/ui/crw_wk_web_view_web_controller.h"
 
 #import <WebKit/WebKit.h>
 
 #include "base/ios/ios_util.h"
 #include "base/ios/weak_nsobject.h"
 #include "base/json/json_reader.h"
+#include "base/json/string_escape.h"
 #import "base/mac/scoped_nsobject.h"
 #include "base/macros.h"
 #include "base/strings/sys_string_conversions.h"
 #include "base/values.h"
 #import "ios/net/http_response_headers_util.h"
 #import "ios/web/crw_network_activity_indicator_manager.h"
 #import "ios/web/navigation/crw_session_controller.h"
 #import "ios/web/navigation/crw_session_entry.h"
 #include "ios/web/navigation/navigation_item_impl.h"
 #include "ios/web/navigation/web_load_params.h"
@@ skipping 24 matching lines @@
 #import "net/base/mac/url_conversions.h"
 #include "net/ssl/ssl_info.h"
 #include "url/url_constants.h"
 
 namespace {
 // Extracts Referer value from WKNavigationAction request header.
 NSString* GetRefererFromNavigationAction(WKNavigationAction* action) {
   return [action.request valueForHTTPHeaderField:@"Referer"];
 }
 
+// Escapes characters and encloses given string in quotes for use in JavaScript.
+NSString* EscapeAndQuoteStringForJavaScript(NSString* unescapedString) {
+  std::string string = base::SysNSStringToUTF8(unescapedString);
+  return base::SysUTF8ToNSString(base::GetQuotedJSONString(string));

[stuartmorgan, 2015/10/01 23:36:27]

The round-tripping of what's going to be a really big string makes me sad. I
don't suppose GTM or google3 iOS code has a method we could use that does this
directly on NSString?

[stkhapugin, 2015/10/08 16:57:24]

I can't find a way to do it directly on NSString. I also don't think that it is
a big issue. The strings IRL seem to be quite small, especially compared to
binary data encoded to base64 and then to binary and carried over on main
thread. 

+}
+
 NSString* const kScriptMessageName = @"crwebinvoke";
 NSString* const kScriptImmediateName = @"crwebinvokeimmediate";
 
+// JavaScript template to do a POST request using an XMLHttpRequest.
+// It takes three arguments (in order):
+// * The quoted and escaped URL to send a POST request to.
+// * The HTTP headers of the request. They should be written as valid JavaScript
+//   statements, adding headers to the XMLHttpRequest variable named 'req'
+//   (e.g. 'req.setRequestHeader("Foo", "Bar");').
+// * The base64 string of POST request body.
+// * Content-Type string
+NSString* const kPostRequestTemplate =
+    @"<html><script>"

[stuartmorgan, 2015/10/01 23:36:27]

I'm with Eugene; this is sizable chunk of JS, and it's pretty hard to read like
this. We're also missing out on the compiler giving us warnings, and I think it
says something about what this structure encourages that none of the methods
here are commented.

I'd like to see this done via a helper object that looks more like one of the
JSInjectionManager classes in than it loads the file, caches it, and adds
whatever templating. That can also hold the fiddly logic of HTMLForPOSTRequest:
instead of that being in WebController itself.

Note that you'd want to replace the inline templating with something where the
JS is written to take params, and then the final building step would append JS
that calls those functions, with arguments that are filled in by template. That
makes the templating easier to understand (vs scattered %@ in a giant string),
and let the JS stand alone. 

(And at that point, couldn't we share with Mirror pretty easily after all? It
would just need a binary vs string body option. The request header
building+escaping seems like a fair amount of code code that's important to get
right, so having two copies concerns me.)

[stkhapugin, 2015/10/08 16:57:24]

Done.

+     "function b64ToBlob(b64Data, contentType) {"
+     "  contentType = contentType || '';"
+     "  var sliceSize = 512;"
+     "  var byteCharacters = b64Data;"
+     "  var byteArrays = [];"
+     "  for (var offset = 0; offset < byteCharacters.length; offset += "
+     "sliceSize) {"
+     "    var slice = byteCharacters.slice(offset, offset + sliceSize);"
+     "    var byteNumbers = new Array(slice.length);"
+     "    for (var i = 0; i < slice.length; i++) {"
+     "      byteNumbers[i] = slice.charCodeAt(i);"
+     "    }"
+     "    var byteArray = new Uint8Array(byteNumbers);"
+     "    byteArrays.push(byteArray);"
+     "  }"
+     "  var blob = new Blob(byteArrays, {type: contentType});"
+     "  return blob;"
+     "}"
+     " function createAndSendPostRequest() {"
+     "    var req = new XMLHttpRequest();"
+     "    req.open(\"POST\", %@, false);"
+     "    %@"  //< This sets request headers.
+     "    var blob = b64ToBlob(atob(%@), %@);"  //< base64 string and
+     // content type
+     "    req.send(blob);"
+     "    if (req.status != 200) {"
+     "      throw req.status;"
+     "    }"
+     "    return req.responseText;"
+     "  }"
+     " "
+     " document.open();"
+     " document.write(createAndSendPostRequest());"
+     " document.close();"
+
+     "</script></html>";
+
 // Utility functions for storing the source of NSErrors received by WKWebViews:
 // - Errors received by |-webView:didFailProvisionalNavigation:withError:| are
 //   recorded using WKWebViewErrorSource::PROVISIONAL_LOAD.  These should be
 //   aborted.
 // - Errors received by |-webView:didFailNavigation:withError:| are recorded
 //   using WKWebViewsource::NAVIGATION.  These errors should not be aborted, as
 //   the WKWebView will automatically retry the load.
 NSString* const kWKWebViewErrorSourceKey = @"ErrorSource";
 typedef enum { NONE = 0, PROVISIONAL_LOAD, NAVIGATION } WKWebViewErrorSource;
 NSError* WKWebViewErrorWithSource(NSError* error, WKWebViewErrorSource source) {
@@ skipping 93 matching lines @@
 @property(nonatomic, readonly) NSString* requestGroupIDForUserAgent;
 
 // Activity indicator group ID for this web controller.
 @property(nonatomic, readonly) NSString* activityIndicatorGroupID;
 
 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW)
 // Identifier used for storing and retrieving certificates.
 @property(nonatomic, readonly) int certGroupID;
 #endif  // #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW)
 
+// Constructs an HTML page that executes the request through JavaScript and
+// replaces document with the result.
+- (NSString*)HTMLForPOSTRequest:(NSURLRequest*)request;
+
+// Loads POST request with body in |_wkWebView| by constructing an HTML page
+// that executes the request through javascript and replaces document with the
+// result.
+// Note that this approach includes multiple body encodings and decodings, plus
+// the data is passed to |_wkWebView| on main thread, hence the performance is
+// expected to be low.
+// This is necessary because WKWebView ignores POST request body.
+// Workaround for https://bugs.webkit.org/show_bug.cgi?id=145410
+- (void)loadPOSTRequestWithBody:(NSMutableURLRequest*)request;
+
 // Returns the WKWebViewConfigurationProvider associated with the web
 // controller's BrowserState.
 - (web::WKWebViewConfigurationProvider&)webViewConfigurationProvider;
 
 // Creates a web view with given |config|. No-op if web view is already created.
 - (void)ensureWebViewCreatedWithConfiguration:(WKWebViewConfiguration*)config;
 
 // Returns a new autoreleased web view created with given configuration.
 - (WKWebView*)createWebViewWithConfiguration:(WKWebViewConfiguration*)config;
 
@@ skipping 259 matching lines @@
     return web::WEB_VIEW_DOCUMENT_TYPE_HTML;
   }
 
   return web::WEB_VIEW_DOCUMENT_TYPE_GENERIC;
 }
 
 - (void)loadRequest:(NSMutableURLRequest*)request {
   [_wkWebView loadRequest:request];
 }
 
+- (NSString*)HTMLForPOSTRequest:(NSURLRequest*)request {

[Eugene But (OOO till 7-30), 2015/09/30 15:45:16]

NIT: Please move these methods before "webViewConfigurationProvider" to follow
predeclarations order.

[stkhapugin, 2015/10/08 16:57:24]

Done.

+  NSString* base64Data = [[request HTTPBody] base64EncodedStringWithOptions:0];
+  NSString* originURL = [[request URL] absoluteString];
+  NSString* contentType = nil;
+  NSMutableString* headerString = [NSMutableString string];
+  for (NSString* headerField in [[request allHTTPHeaderFields] allKeys]) {
+    NSString* value = [request allHTTPHeaderFields][headerField];
+    if ([headerField isEqualToString:@"Content-Type"]) {
+      contentType = value;
+    }
+    [headerString appendFormat:@"req.setRequestHeader(%@, %@);",
+        EscapeAndQuoteStringForJavaScript(headerField),
+        EscapeAndQuoteStringForJavaScript(value)];
+  }
+
+  return [NSString stringWithFormat:kPostRequestTemplate,
+             EscapeAndQuoteStringForJavaScript(originURL),
+             headerString,
+             EscapeAndQuoteStringForJavaScript(base64Data),
+             EscapeAndQuoteStringForJavaScript(contentType)];
+}
+
+- (void)loadPOSTRequestWithBody:(NSMutableURLRequest*)request {
+  NSString* HTML = [self HTMLForPOSTRequest:request];
+  [_wkWebView loadHTMLString:HTML baseURL:request.URL];
+}
+
 - (void)loadWebHTMLString:(NSString*)html forURL:(const GURL&)URL {
   [_wkWebView loadHTMLString:html baseURL:net::NSURLWithGURL(URL)];
 }
 
 - (BOOL)scriptHasBeenInjectedForClass:(Class)jsInjectionManagerClass
                        presenceBeacon:(NSString*)beacon {
   return [_injectedScriptManagers containsObject:jsInjectionManagerClass];
 }
 
 - (void)injectScript:(NSString*)script forClass:(Class)JSInjectionManagerClass {
   // Skip evaluation if there's no content (e.g., if what's being injected is
   // an umbrella manager).
   if ([script length]) {
     [super injectScript:script forClass:JSInjectionManagerClass];
     // Every injection except windowID requires windowID check.
     if (JSInjectionManagerClass != [CRWJSWindowIdManager class])
       script = [self scriptByAddingWindowIDCheckForScript:script];
     web::EvaluateJavaScript(_wkWebView, script, nil);
   }
   [_injectedScriptManagers addObject:JSInjectionManagerClass];
 }
 
 - (void)willLoadCurrentURLInWebView {
   // TODO(stuartmorgan): Get a WKWebView version of the request ID verification
   // code working for debug builds.
 }
 
 - (void)loadRequestForCurrentNavigationItem {
   DCHECK(self.webView && !self.nativeController);
+  DCHECK([self currentSessionEntry]);
+
+  web::WKBackForwardListItemHolder* holder =
+      [self currentBackForwardListItemHolder];
+  BOOL isFormResubmission =
+      (holder->navigation_type() == WKNavigationTypeFormResubmitted ||
+       holder->navigation_type() == WKNavigationTypeFormSubmitted);
+  web::NavigationItemImpl* currentItem =
+      [self currentSessionEntry].navigationItemImpl;
+  NSData* POSTData = currentItem->GetPostData();
+  NSMutableURLRequest* request = [self requestForCurrentNavigationItem];
 
   ProceduralBlock defaultNavigationBlock = ^{
     [self registerLoadRequest:[self currentNavigationURL]
                      referrer:[self currentSessionEntryReferrer]
                    transition:[self currentTransition]];
-    [self loadRequest:[self requestForCurrentNavigationItem]];
+    [self loadRequest:request];
   };
 
-  // If there is no corresponding WKBackForwardListItem, or the item is not in
-  // the current WKWebView's back-forward list, navigating using WKWebView API
-  // is not possible. In this case, fall back to the default navigation
-  // mechanism.
-  web::WKBackForwardListItemHolder* holder =
-      [self currentBackForwardListItemHolder];
-  if (!holder->back_forward_list_item() ||
-      ![self isBackForwardListItemValid:holder->back_forward_list_item()]) {
-    defaultNavigationBlock();
-    return;
-  }
+  // If the request has POST data and is not a form resubmission, configure and

[Eugene But (OOO till 7-30), 2015/09/30 15:45:16]

This comment should be at line 621, not here.

[stkhapugin, 2015/10/08 16:57:24]

Done.

+  // run the POST request.
+  ProceduralBlock POSTBlock = ^{
+    [request setHTTPMethod:@"POST"];
+    [request setHTTPBody:POSTData];
+    [request setAllHTTPHeaderFields:[self currentHTTPHeaders]];
+    [self registerLoadRequest:[self currentNavigationURL]
+                     referrer:[self currentSessionEntryReferrer]
+                   transition:[self currentTransition]];
+    [self loadPOSTRequestWithBody:request];
+  };
 
   ProceduralBlock webViewNavigationBlock = ^{
     // If the current navigation URL is the same as the URL of the visible
     // page, that means the user requested a reload. |goToBackForwardListItem|
     // will be a no-op when it is passed the current back forward list item,
     // so |reload| must be explicitly called.
     [self registerLoadRequest:[self currentNavigationURL]
                      referrer:[self currentSessionEntryReferrer]
                    transition:[self currentTransition]];
     if ([self currentNavigationURL] == net::GURLWithNSURL([_wkWebView URL])) {
       [_wkWebView reload];
     } else {
       [_wkWebView goToBackForwardListItem:holder->back_forward_list_item()];
     }
   };
 
+  if (POSTData.length && !isFormResubmission) {
+    POSTBlock();
+    return;
+  }
+
+  // If there is no corresponding WKBackForwardListItem, or the item is not in
+  // the current WKWebView's back-forward list, navigating using WKWebView API
+  // is not possible. In this case, fall back to the default navigation
+  // mechanism.
+  if (!holder->back_forward_list_item() ||
+      ![self isBackForwardListItemValid:holder->back_forward_list_item()]) {
+    defaultNavigationBlock();
+    return;
+  }
+
   // If the request is not a form submission or resubmission, or the user
   // doesn't need to confirm the load, then continue right away.
-  web::NavigationItemImpl* currentItem =
-      [self currentSessionEntry].navigationItemImpl;
-  if ((holder->navigation_type() != WKNavigationTypeFormResubmitted &&
-       holder->navigation_type() != WKNavigationTypeFormSubmitted) ||
+  if (!isFormResubmission ||
       currentItem->ShouldSkipResubmitDataConfirmation()) {
     webViewNavigationBlock();
     return;
   }
 
   // If the request is form submission or resubmission, then prompt the
   // user before proceeding.
+  DCHECK(isFormResubmission);
   [self.delegate webController:self
       onFormResubmissionForRequest:nil
                      continueBlock:webViewNavigationBlock
                        cancelBlock:defaultNavigationBlock];
 }
 
 // Overrides the hashchange workaround in the super class that manually
 // triggers Javascript hashchange events. If navigating with native API,
 // i.e. using a back forward list item, hashchange events will be triggered
 // automatically, so no URL tampering is required.
@@ skipping 948 matching lines @@
                               placeholderText:defaultText
                                    requestURL:
             net::GURLWithNSURL(frame.request.URL)
                             completionHandler:completionHandler];
   } else if (completionHandler) {
     completionHandler(nil);
   }
 }
 
 @end