| Index: third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.cpp
|
| diff --git a/third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.cpp b/third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.cpp
|
| index 7e5e8ef292b0cdce0a6fcd28d3c14b48ba903465..a349e01044173ddc66cf26e3ed9ab188147b0806 100644
|
| --- a/third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.cpp
|
| +++ b/third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.cpp
|
| @@ -70,6 +70,7 @@
|
| #include "platform/network/ParsedContentType.h"
|
| #include "platform/network/ResourceError.h"
|
| #include "platform/network/ResourceRequest.h"
|
| +#include "public/platform/Platform.h"
|
| #include "public/platform/WebURLRequest.h"
|
| #include "wtf/Assertions.h"
|
| #include "wtf/StdLibExtras.h"
|
| @@ -131,6 +132,13 @@ void logConsoleError(ExecutionContext* context, const String& message)
|
| context->addConsoleMessage(ConsoleMessage::create(JSMessageSource, ErrorMessageLevel, message));
|
| }
|
|
|
| +enum HeaderValueCategoryByRFC7230 {
|
| + HeaderValueInvalid,
|
| + HeaderValueAffectedByNormalization,
|
| + HeaderValueValid,
|
| + HeaderValueCategoryByRFC7230End
|
| +};
|
| +
|
| } // namespace
|
|
|
| class XMLHttpRequest::BlobLoader final : public GarbageCollectedFinalized<XMLHttpRequest::BlobLoader>, public FileReaderLoaderClient {
|
| @@ -1174,10 +1182,6 @@ void XMLHttpRequest::setRequestHeader(const AtomicString& name, const AtomicStri
|
| return;
|
| }
|
|
|
| - // Show deprecation warnings and count occurrences of such deprecated header values.
|
| - if (!value.isEmpty() && !isValidHTTPFieldContentRFC7230(value))
|
| - UseCounter::countDeprecation(executionContext(), UseCounter::HeaderValueNotMatchingRFC7230);
|
| -
|
| // No script (privileged or not) can set unsafe headers.
|
| if (FetchUtils::isForbiddenHeaderName(name)) {
|
| logConsoleError(executionContext(), "Refused to set unsafe header \"" + name + "\"");
|
| @@ -1189,9 +1193,31 @@ void XMLHttpRequest::setRequestHeader(const AtomicString& name, const AtomicStri
|
|
|
| void XMLHttpRequest::setRequestHeaderInternal(const AtomicString& name, const AtomicString& value)
|
| {
|
| + HeaderValueCategoryByRFC7230 headerValueCategory = HeaderValueValid;
|
| +
|
| HTTPHeaderMap::AddResult result = m_requestHeaders.add(name, value);
|
| - if (!result.isNewEntry)
|
| - result.storedValue->value = result.storedValue->value + ", " + value;
|
| + if (!result.isNewEntry) {
|
| + AtomicString newValue = result.storedValue->value + ", " + value;
|
| +
|
| + // Without normalization at XHR level here, the actual header value
|
| + // sent to the network is |newValue| with leading/trailing whitespaces
|
| + // stripped (i.e. |normalizeHeaderValue(newValue)|).
|
| + // With normalization at XHR level here as the spec requires, the
|
| + // actual header value sent to the network is |normalizedNewValue|.
|
| + // If these two are different, introducing normalization here affects
|
| + // the header value sent to the network.
|
| + String normalizedNewValue = FetchUtils::normalizeHeaderValue(result.storedValue->value) + ", " + FetchUtils::normalizeHeaderValue(value);
|
| + if (FetchUtils::normalizeHeaderValue(newValue) != normalizedNewValue)
|
| + headerValueCategory = HeaderValueAffectedByNormalization;
|
| +
|
| + result.storedValue->value = newValue;
|
| + }
|
| +
|
| + String normalizedValue = FetchUtils::normalizeHeaderValue(value);
|
| + if (!normalizedValue.isEmpty() && !isValidHTTPFieldContentRFC7230(normalizedValue))
|
| + headerValueCategory = HeaderValueInvalid;
|
| +
|
| + Platform::current()->histogramEnumeration("Blink.XHR.setRequestHeader.HeaderValueCategoryInRFC7230", headerValueCategory, HeaderValueCategoryByRFC7230End);
|
| }
|
|
|
| const AtomicString& XMLHttpRequest::getRequestHeader(const AtomicString& name) const
|
|
|
Chromium Code Reviews
Issue 1378543002:
Add UMA for header values in XHR's setRequestHeader() checked against RFC 7230 (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master