Index: third_party/WebKit/Source/core/loader/DocumentLoader.cpp |
diff --git a/third_party/WebKit/Source/core/loader/DocumentLoader.cpp b/third_party/WebKit/Source/core/loader/DocumentLoader.cpp |
index 20cc631f83d3df36e97abbc90e1d8b872ee382f6..d393122b2c8f9f9091f11e79e3abbdf46024eb06 100644 |
--- a/third_party/WebKit/Source/core/loader/DocumentLoader.cpp |
+++ b/third_party/WebKit/Source/core/loader/DocumentLoader.cpp |
@@ -107,7 +107,7 @@ DocumentLoader::DocumentLoader(LocalFrame* frame, const ResourceRequest& req, co |
, m_documentLoadTiming(*this) |
, m_timeOfLastDataReceived(0.0) |
, m_applicationCacheHost(ApplicationCacheHost::create(this)) |
- , m_wasBlockedAfterXFrameOptionsOrCSP(false) |
+ , m_wasBlockedAfterCSP(false) |
, m_state(NotStarted) |
, m_inDataReceived(false) |
, m_dataBuffer(SharedBuffer::create()) |
@@ -257,6 +257,11 @@ void DocumentLoader::notifyFinished(Resource* resource) |
if (m_applicationCacheHost) |
m_applicationCacheHost->failedLoadingMainResource(); |
m_state = MainResourceDone; |
+ |
+ // TODO(mkwst): Magic numbers bad. |
+ if (m_mainResource->resourceError().errorCode() == -27) |
+ InspectorInstrumentation::canceledAfterReceivedResourceResponse(m_frame, this, mainResourceIdentifier(), resource->response()); |
+ |
frameLoader()->loadFailed(this, m_mainResource->resourceError()); |
clearMainResourceHandle(); |
} |
@@ -350,11 +355,11 @@ bool DocumentLoader::shouldContinueForResponse() const |
return true; |
} |
-void DocumentLoader::cancelLoadAfterXFrameOptionsOrCSPDenied(const ResourceResponse& response) |
+void DocumentLoader::cancelLoadAfterCSPDenied(const ResourceResponse& response) |
{ |
- InspectorInstrumentation::continueAfterXFrameOptionsDenied(m_frame, this, mainResourceIdentifier(), response); |
+ InspectorInstrumentation::canceledAfterReceivedResourceResponse(m_frame, this, mainResourceIdentifier(), response); |
- setWasBlockedAfterXFrameOptionsOrCSP(); |
+ setWasBlockedAfterCSP(); |
// Pretend that this was an empty HTTP 200 response. |
clearMainResourceHandle(); |
@@ -382,27 +387,10 @@ void DocumentLoader::responseReceived(Resource* resource, const ResourceResponse |
m_contentSecurityPolicy->setOverrideURLForSelf(response.url()); |
m_contentSecurityPolicy->didReceiveHeaders(ContentSecurityPolicyResponseHeaders(response)); |
if (!m_contentSecurityPolicy->allowAncestors(m_frame, response.url())) { |
- cancelLoadAfterXFrameOptionsOrCSPDenied(response); |
+ cancelLoadAfterCSPDenied(response); |
return; |
} |
- // 'frame-ancestors' obviates 'x-frame-options': https://w3c.github.io/webappsec/specs/content-security-policy/#frame-ancestors-and-frame-options |
- if (!m_contentSecurityPolicy->isFrameAncestorsEnforced()) { |
- HTTPHeaderMap::const_iterator it = response.httpHeaderFields().find(HTTPNames::X_Frame_Options); |
- if (it != response.httpHeaderFields().end()) { |
- String content = it->value; |
- if (frameLoader()->shouldInterruptLoadForXFrameOptions(content, response.url(), mainResourceIdentifier())) { |
- String message = "Refused to display '" + response.url().elidedString() + "' in a frame because it set 'X-Frame-Options' to '" + content + "'."; |
- ConsoleMessage* consoleMessage = ConsoleMessage::create(SecurityMessageSource, ErrorMessageLevel, message); |
- consoleMessage->setRequestIdentifier(mainResourceIdentifier()); |
- frame()->document()->addConsoleMessage(consoleMessage); |
- |
- cancelLoadAfterXFrameOptionsOrCSPDenied(response); |
- return; |
- } |
- } |
- } |
- |
ASSERT(!m_frame->page()->defersLoading()); |
m_response = response; |