| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) | 2 * Copyright (C) 1999 Lars Knoll (knoll@kde.org) |
| 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) | 3 * (C) 1999 Antti Koivisto (koivisto@kde.org) |
| 4 * Copyright (C) 2004, 2005, 2006, 2007, 2009, 2010 Apple Inc. All rights reserv
ed. | 4 * Copyright (C) 2004, 2005, 2006, 2007, 2009, 2010 Apple Inc. All rights reserv
ed. |
| 5 * | 5 * |
| 6 * This library is free software; you can redistribute it and/or | 6 * This library is free software; you can redistribute it and/or |
| 7 * modify it under the terms of the GNU Library General Public | 7 * modify it under the terms of the GNU Library General Public |
| 8 * License as published by the Free Software Foundation; either | 8 * License as published by the Free Software Foundation; either |
| 9 * version 2 of the License, or (at your option) any later version. | 9 * version 2 of the License, or (at your option) any later version. |
| 10 * | 10 * |
| (...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 153 | 153 |
| 154 // Do not load any image if the 'src' attribute is missing or if it is | 154 // Do not load any image if the 'src' attribute is missing or if it is |
| 155 // an empty string. | 155 // an empty string. |
| 156 ResourcePtr<ImageResource> newImage = 0; | 156 ResourcePtr<ImageResource> newImage = 0; |
| 157 if (!attr.isNull() && !stripLeadingAndTrailingHTMLSpaces(attr).isEmpty()) { | 157 if (!attr.isNull() && !stripLeadingAndTrailingHTMLSpaces(attr).isEmpty()) { |
| 158 FetchRequest request(ResourceRequest(document.completeURL(sourceURI(attr
))), element()->localName()); | 158 FetchRequest request(ResourceRequest(document.completeURL(sourceURI(attr
))), element()->localName()); |
| 159 | 159 |
| 160 AtomicString crossOriginMode = m_element->fastGetAttribute(HTMLNames::cr
ossoriginAttr); | 160 AtomicString crossOriginMode = m_element->fastGetAttribute(HTMLNames::cr
ossoriginAttr); |
| 161 if (!crossOriginMode.isNull()) { | 161 if (!crossOriginMode.isNull()) { |
| 162 StoredCredentials allowCredentials = equalIgnoringCase(crossOriginMo
de, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials; | 162 StoredCredentials allowCredentials = equalIgnoringCase(crossOriginMo
de, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials; |
| 163 updateRequestForAccessControl(request.mutableResourceRequest(), docu
ment.securityOrigin(), allowCredentials); | 163 request.setCrossOriginAccessControl(document.securityOrigin(), allow
Credentials); |
| 164 } | 164 } |
| 165 | 165 |
| 166 if (m_loadManually) { | 166 if (m_loadManually) { |
| 167 bool autoLoadOtherImages = document.fetcher()->autoLoadImages(); | 167 bool autoLoadOtherImages = document.fetcher()->autoLoadImages(); |
| 168 document.fetcher()->setAutoLoadImages(false); | 168 document.fetcher()->setAutoLoadImages(false); |
| 169 newImage = new ImageResource(request.resourceRequest()); | 169 newImage = new ImageResource(request.resourceRequest()); |
| 170 newImage->setLoading(true); | 170 newImage->setLoading(true); |
| 171 document.fetcher()->m_documentResources.set(newImage->url(), newImag
e.get()); | 171 document.fetcher()->m_documentResources.set(newImage->url(), newImag
e.get()); |
| 172 document.fetcher()->setAutoLoadImages(autoLoadOtherImages); | 172 document.fetcher()->setAutoLoadImages(autoLoadOtherImages); |
| 173 } else { | 173 } else { |
| (...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 257 ASSERT(m_failedLoadURL.isEmpty()); | 257 ASSERT(m_failedLoadURL.isEmpty()); |
| 258 ASSERT(resource == m_image.get()); | 258 ASSERT(resource == m_image.get()); |
| 259 | 259 |
| 260 m_imageComplete = true; | 260 m_imageComplete = true; |
| 261 if (!hasPendingBeforeLoadEvent()) | 261 if (!hasPendingBeforeLoadEvent()) |
| 262 updateRenderer(); | 262 updateRenderer(); |
| 263 | 263 |
| 264 if (!m_hasPendingLoadEvent) | 264 if (!m_hasPendingLoadEvent) |
| 265 return; | 265 return; |
| 266 | 266 |
| 267 if (m_element->fastHasAttribute(HTMLNames::crossoriginAttr) | 267 if (resource->errorOccurred()) { |
| 268 && !m_element->document().securityOrigin()->canRequest(image()->response
().url()) | 268 loadEventSender().cancelEvent(this); |
| 269 && !resource->passesAccessControlCheck(m_element->document().securityOri
gin())) { | 269 m_hasPendingLoadEvent = false; |
| 270 | |
| 271 setImageWithoutConsideringPendingLoadEvent(0); | |
| 272 | 270 |
| 273 m_hasPendingErrorEvent = true; | 271 m_hasPendingErrorEvent = true; |
| 274 errorEventSender().dispatchEventSoon(this); | 272 errorEventSender().dispatchEventSoon(this); |
| 275 | 273 |
| 276 DEFINE_STATIC_LOCAL(String, consoleMessage, ("Cross-origin image load de
nied by Cross-Origin Resource Sharing policy.")); | |
| 277 m_element->document().addConsoleMessage(SecurityMessageSource, ErrorMess
ageLevel, consoleMessage); | |
| 278 | |
| 279 ASSERT(!m_hasPendingLoadEvent); | |
| 280 | |
| 281 // Only consider updating the protection ref-count of the Element immedi
ately before returning | 274 // Only consider updating the protection ref-count of the Element immedi
ately before returning |
| 282 // from this function as doing so might result in the destruction of thi
s ImageLoader. | 275 // from this function as doing so might result in the destruction of thi
s ImageLoader. |
| 283 updatedHasPendingEvent(); | 276 updatedHasPendingEvent(); |
| 284 return; | 277 return; |
| 285 } | 278 } |
| 286 | |
| 287 if (resource->wasCanceled()) { | 279 if (resource->wasCanceled()) { |
| 288 m_hasPendingLoadEvent = false; | 280 m_hasPendingLoadEvent = false; |
| 289 // Only consider updating the protection ref-count of the Element immedi
ately before returning | 281 // Only consider updating the protection ref-count of the Element immedi
ately before returning |
| 290 // from this function as doing so might result in the destruction of thi
s ImageLoader. | 282 // from this function as doing so might result in the destruction of thi
s ImageLoader. |
| 291 updatedHasPendingEvent(); | 283 updatedHasPendingEvent(); |
| 292 return; | 284 return; |
| 293 } | 285 } |
| 294 if (resource->errorOccurred()) { | |
| 295 loadEventSender().cancelEvent(this); | |
| 296 m_hasPendingLoadEvent = false; | |
| 297 | |
| 298 m_hasPendingErrorEvent = true; | |
| 299 errorEventSender().dispatchEventSoon(this); | |
| 300 | |
| 301 // Only consider updating the protection ref-count of the Element immedi
ately before returning | |
| 302 // from this function as doing so might result in the destruction of thi
s ImageLoader. | |
| 303 updatedHasPendingEvent(); | |
| 304 return; | |
| 305 } | |
| 306 loadEventSender().dispatchEventSoon(this); | 286 loadEventSender().dispatchEventSoon(this); |
| 307 } | 287 } |
| 308 | 288 |
| 309 RenderImageResource* ImageLoader::renderImageResource() | 289 RenderImageResource* ImageLoader::renderImageResource() |
| 310 { | 290 { |
| 311 RenderObject* renderer = m_element->renderer(); | 291 RenderObject* renderer = m_element->renderer(); |
| 312 | 292 |
| 313 if (!renderer) | 293 if (!renderer) |
| 314 return 0; | 294 return 0; |
| 315 | 295 |
| (...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 486 handle->notifyImageSourceChanged(); | 466 handle->notifyImageSourceChanged(); |
| 487 } | 467 } |
| 488 } | 468 } |
| 489 | 469 |
| 490 inline void ImageLoader::clearFailedLoadURL() | 470 inline void ImageLoader::clearFailedLoadURL() |
| 491 { | 471 { |
| 492 m_failedLoadURL = AtomicString(); | 472 m_failedLoadURL = AtomicString(); |
| 493 } | 473 } |
| 494 | 474 |
| 495 } | 475 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 137983010:
(Re)organize handling of CORS access control during resource loading. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master