Introduce "navigate" mode in Requests

third_party/WebKit/Source/modules/fetch/FetchManager.cpp

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "config.h"
 #include "modules/fetch/FetchManager.h"
 
 #include "bindings/core/v8/ExceptionState.h"
 #include "bindings/core/v8/ScriptPromiseResolver.h"
 #include "bindings/core/v8/ScriptState.h"
@@ skipping 217 matching lines @@
             // same-origin data-URL flag is unset, except for no-cors mode.
             // TODO(hiroshige): currently redirects to data URLs in no-cors
             // mode is also rejected by Chromium side.
             switch (m_request->mode()) {
             case WebURLRequest::FetchRequestModeNoCORS:
                 m_request->setResponseTainting(FetchRequestData::OpaqueTainting);
                 break;
             case WebURLRequest::FetchRequestModeSameOrigin:
             case WebURLRequest::FetchRequestModeCORS:
             case WebURLRequest::FetchRequestModeCORSWithForcedPreflight:
+            case WebURLRequest::FetchRequestModeNavigate:
                 performNetworkError("Fetch API cannot load " + m_request->url().string() + ". Redirects to data: URL are allowed only when mode is \"no-cors\".");
                 return;
             }
         }
     } else if (!SecurityOrigin::create(response.url())->isSameSchemeHostPort(m_request->origin().get())) {
         // Recompute the tainting if the request was redirected to a different
         // origin.
         switch (m_request->mode()) {
         case WebURLRequest::FetchRequestModeSameOrigin:
             ASSERT_NOT_REACHED();
             break;
         case WebURLRequest::FetchRequestModeNoCORS:
             m_request->setResponseTainting(FetchRequestData::OpaqueTainting);
             break;
         case WebURLRequest::FetchRequestModeCORS:
         case WebURLRequest::FetchRequestModeCORSWithForcedPreflight:
             m_request->setResponseTainting(FetchRequestData::CORSTainting);
             break;
+        case WebURLRequest::FetchRequestModeNavigate:
+            RELEASE_ASSERT_NOT_REACHED();
+            break;
         }
     }
 
     FetchResponseData* responseData = nullptr;
     CompositeDataConsumerHandle::Updater* updater = nullptr;
     if (m_request->integrity().isEmpty())
         responseData = FetchResponseData::createWithBuffer(new BodyStreamBuffer(createFetchDataConsumerHandleFromWebHandle(handle)));
     else
         responseData = FetchResponseData::createWithBuffer(new BodyStreamBuffer(createFetchDataConsumerHandleFromWebHandle(CompositeDataConsumerHandle::create(createWaitingDataConsumerHandle(), &updater))));
     responseData->setStatus(response.httpStatusCode());
@@ skipping 143 matching lines @@
         // "A network error."
         performNetworkError("Refused to connect to '" + m_request->url().elidedString() + "' because it violates the document's Content Security Policy.");
         return;
     }
 
     // "- |request|'s url's origin is |request|'s origin and the |CORS flag| is
     //    unset"
     // "- |request|'s url's scheme is 'data' and |request|'s same-origin data
     //    URL flag is set"
     // "- |request|'s url's scheme is 'about'"
-    // Note we don't support to call this method with |CORS flag|.
+    // Note we don't support to call this method with |CORS flag|
+    // "- |request|'s mode is |navigate|".
     if ((SecurityOrigin::create(m_request->url())->isSameSchemeHostPortAndSuborigin(m_request->origin().get()))
         || (m_request->url().protocolIsData() && m_request->sameOriginDataURLFlag())
-        || (m_request->url().protocolIsAbout())) {
+        || (m_request->url().protocolIsAbout())
+        || (m_request->mode() == WebURLRequest::FetchRequestModeNavigate)) {
         // "The result of performing a basic fetch using request."
         performBasicFetch();
         return;
     }
 
     // "- |request|'s mode is |same-origin|"
     if (m_request->mode() == WebURLRequest::FetchRequestModeSameOrigin) {
         // "A network error."
         performNetworkError("Fetch API cannot load " + m_request->url().string() + ". Request mode is \"same-origin\" but the URL\'s origin is not same as the request origin " + m_request->origin()->toString() + ".");
         return;
@@ skipping 153 matching lines @@
     case WebURLRequest::FetchRequestModeSameOrigin:
         threadableLoaderOptions.crossOriginRequestPolicy = DenyCrossOriginRequests;
         break;
     case WebURLRequest::FetchRequestModeNoCORS:
         threadableLoaderOptions.crossOriginRequestPolicy = AllowCrossOriginRequests;
         break;
     case WebURLRequest::FetchRequestModeCORS:
     case WebURLRequest::FetchRequestModeCORSWithForcedPreflight:
         threadableLoaderOptions.crossOriginRequestPolicy = UseAccessControl;
         break;
+    case WebURLRequest::FetchRequestModeNavigate:
+        // Using DenyCrossOriginRequests here to reduce the security risk.
+        // "navigate" request is only available in ServiceWorker.
+        threadableLoaderOptions.crossOriginRequestPolicy = DenyCrossOriginRequests;
+        break;
     }
     InspectorInstrumentation::willStartFetch(executionContext(), this);
     m_loader = ThreadableLoader::create(*executionContext(), this, request, threadableLoaderOptions, resourceLoaderOptions);
     if (!m_loader)
         performNetworkError("Can't create ThreadableLoader");
 }
 
 // performDataFetch() is almost the same as performHTTPFetch(), except for:
 // - We set AllowCrossOriginRequests to allow requests to data: URLs in
 //   'same-origin' mode.
@@ skipping 94 matching lines @@
     loader->dispose();
 }
 
 DEFINE_TRACE(FetchManager)
 {
     visitor->trace(m_executionContext);
     visitor->trace(m_loaders);
 }
 
 } // namespace blink