Reland of Set the request mode and the credentials mode of FetchEvent in the service worker correct…

third_party/WebKit/Source/modules/fetch/FetchManager.cpp

Index: third_party/WebKit/Source/modules/fetch/FetchManager.cpp
diff --git a/third_party/WebKit/Source/modules/fetch/FetchManager.cpp b/third_party/WebKit/Source/modules/fetch/FetchManager.cpp
index 735755a1ab4ee2dc6af0b949d8fc9fb3adefc1a6..d06a16cc27c9c4a3ac6607b905e2fa5a940e1d18 100644
--- a/third_party/WebKit/Source/modules/fetch/FetchManager.cpp
+++ b/third_party/WebKit/Source/modules/fetch/FetchManager.cpp
@@ -223,11 +223,12 @@ void FetchManager::Loader::didReceiveResponse(unsigned long, const ResourceRespo
     }
 
     m_responseHttpStatusCode = response.httpStatusCode();
+    FetchRequestData::Tainting tainting = m_request->responseTainting();
 
     if (response.url().protocolIsData()) {
         if (m_request->url() == response.url()) {
             // A direct request to data.
-            m_request->setResponseTainting(FetchRequestData::BasicTainting);
+            tainting = FetchRequestData::BasicTainting;
         } else {
             // A redirect to data: scheme occured.
             // Redirects to data URLs are rejected by the spec because
@@ -236,7 +237,7 @@ void FetchManager::Loader::didReceiveResponse(unsigned long, const ResourceRespo
             // mode is also rejected by Chromium side.
             switch (m_request->mode()) {
             case WebURLRequest::FetchRequestModeNoCORS:
-                m_request->setResponseTainting(FetchRequestData::OpaqueTainting);
+                tainting = FetchRequestData::OpaqueTainting;
                 break;
             case WebURLRequest::FetchRequestModeSameOrigin:
             case WebURLRequest::FetchRequestModeCORS:
@@ -254,17 +255,37 @@ void FetchManager::Loader::didReceiveResponse(unsigned long, const ResourceRespo
             ASSERT_NOT_REACHED();
             break;
         case WebURLRequest::FetchRequestModeNoCORS:
-            m_request->setResponseTainting(FetchRequestData::OpaqueTainting);
+            tainting = FetchRequestData::OpaqueTainting;
             break;
         case WebURLRequest::FetchRequestModeCORS:
         case WebURLRequest::FetchRequestModeCORSWithForcedPreflight:
-            m_request->setResponseTainting(FetchRequestData::CORSTainting);
+            tainting = FetchRequestData::CORSTainting;
             break;
         case WebURLRequest::FetchRequestModeNavigate:
             RELEASE_ASSERT_NOT_REACHED();
             break;
         }
     }
+    if (response.wasFetchedViaServiceWorker()) {
+        switch (response.serviceWorkerResponseType()) {

[tyoshino (SeeGerritForStatus), 2016/03/07 14:48:22]

it looks good to just honor the tainting of the response created in the
ServiceWorker for now.

is this likely to change in the future e.g. with foreign fetch?

i.e. is there any possibility we need to choose the stronger tainting from one
set for the fetch() in the controlled page and one set for the response from the
ServiceWorker?

[horo, 2016/03/08 03:11:02]

+CC:mek@

According to
https://github.com/slightlyoff/ServiceWorker/blob/master/foreign_fetch_explai...
So I think the response will be opaque-tainted here.

[tyoshino (SeeGerritForStatus), 2016/03/08 05:30:05]

Great! Thanks for the explanation.

+        case WebServiceWorkerResponseTypeBasic:
+        case WebServiceWorkerResponseTypeDefault:
+            tainting = FetchRequestData::BasicTainting;
+            break;
+        case WebServiceWorkerResponseTypeCORS:
+            tainting = FetchRequestData::CORSTainting;
+            break;
+        case WebServiceWorkerResponseTypeOpaque:
+            tainting = FetchRequestData::OpaqueTainting;
+            break;
+        case WebServiceWorkerResponseTypeOpaqueRedirect:
+            // ServiceWorker can't respond to the request from fetch() with an opaque redirect response.

[tyoshino (SeeGerritForStatus), 2016/03/07 14:48:22]

let's wrap comments to fit 80 col

[horo, 2016/03/08 03:11:02]

Done.

+        case WebServiceWorkerResponseTypeError:
+            // When ServiceWorker respond to the request from fetch() with an error response, FetchManager::Loader::didFail() must be called instead.

[tyoshino (SeeGerritForStatus), 2016/03/07 14:48:22]

let's wrap comments to fit 80 col

[horo, 2016/03/08 03:11:02]

Done.

+            RELEASE_ASSERT_NOT_REACHED();
+            break;
+        }
+    }
 
     FetchResponseData* responseData = nullptr;
     CompositeDataConsumerHandle::Updater* updater = nullptr;
@@ -302,7 +323,7 @@ void FetchManager::Loader::didReceiveResponse(unsigned long, const ResourceRespo
         // as a redirect response, and execute tainting.
     }
     if (!taintedResponse) {
-        switch (m_request->responseTainting()) {
+        switch (tainting) {
         case FetchRequestData::BasicTainting:
             taintedResponse = responseData->createBasicFilteredResponse();
             break;
@@ -532,6 +553,8 @@ void FetchManager::Loader::performHTTPFetch(bool corsFlag, bool corsPreflightFla
     ResourceRequest request(m_request->url());
     request.setRequestContext(m_request->context());
     request.setHTTPMethod(m_request->method());
+    request.setFetchRequestMode(m_request->mode());
+    request.setFetchCredentialsMode(m_request->credentials());
     const Vector<OwnPtr<FetchHeaderList::Header>>& list = m_request->headerList()->list();
     for (size_t i = 0; i < list.size(); ++i) {
         request.addHTTPHeaderField(AtomicString(list[i]->first), AtomicString(list[i]->second));