Blocking synchronous and third party doc.written scripts

third_party/WebKit/Source/core/loader/FrameFetchContext.cpp

 /*
  * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 39 matching lines @@
 #include "core/inspector/InstrumentingAgents.h"
 #include "core/loader/DocumentLoader.h"
 #include "core/loader/FrameLoader.h"
 #include "core/loader/FrameLoaderClient.h"
 #include "core/loader/LinkLoader.h"
 #include "core/loader/MixedContentChecker.h"
 #include "core/loader/NetworkHintsInterface.h"
 #include "core/loader/PingLoader.h"
 #include "core/loader/ProgressTracker.h"
 #include "core/loader/appcache/ApplicationCacheHost.h"
+#include "core/page/NetworkStateNotifier.h"
 #include "core/page/Page.h"
 #include "core/svg/graphics/SVGImageChromeClient.h"
 #include "core/timing/DOMWindowPerformance.h"
 #include "core/timing/Performance.h"
 #include "platform/Logging.h"
 #include "platform/TracedValue.h"
 #include "platform/mhtml/MHTMLArchive.h"
 #include "platform/network/ResourceTimingInfo.h"
 #include "platform/weborigin/SchemeRegistry.h"
 #include "platform/weborigin/SecurityPolicy.h"
@@ skipping 98 matching lines @@
         return UseProtocolCachePolicy;
     if (policy == CachePolicyRevalidate)
         return ValidatingCacheData;
     if (policy == CachePolicyReload)
         return BypassingCache;
     if (policy == CachePolicyHistoryBuffer)
         return ReturnCacheDataElseLoad;
     return UseProtocolCachePolicy;
 }
 
-ResourceRequestCachePolicy FrameFetchContext::resourceRequestCachePolicy(const ResourceRequest& request, Resource::Type type) const
+ResourceRequestCachePolicy FrameFetchContext::resourceRequestCachePolicy(const ResourceRequest& request, Resource::Type type, FetchRequest::DeferOption defer) const
 {
     ASSERT(frame());
     if (type == Resource::MainResource) {
         FrameLoadType frameLoadType = frame()->loader().loadType();
         if (request.httpMethod() == "POST" && frameLoadType == FrameLoadTypeBackForward)
             return ReturnCacheDataDontLoad;
         if (!frame()->host()->overrideEncoding().isEmpty())
             return ReturnCacheDataElseLoad;
         if (frameLoadType == FrameLoadTypeSame || request.isConditional() || request.httpMethod() == "POST")
             return ValidatingCacheData;
 
         for (Frame* f = frame(); f; f = f->tree().parent()) {
             if (!f->isLocalFrame())
                 continue;
             frameLoadType = toLocalFrame(f)->loader().loadType();
             if (frameLoadType == FrameLoadTypeBackForward)
                 return ReturnCacheDataElseLoad;
             if (frameLoadType == FrameLoadTypeReloadBypassingCache)
                 return BypassingCache;
             if (frameLoadType == FrameLoadTypeReload)
                 return ValidatingCacheData;
         }
         return UseProtocolCachePolicy;
     }
 
     // For users on slow connections, we want to avoid blocking the parser in
     // the main frame on script loads inserted via document.write, since it can
     // add significant delays before page content is displayed on the screen.
-    // For now, as a prototype, we block fetches for main frame scripts
-    // inserted via document.write as long as the
-    // disallowFetchForDocWrittenScriptsInMainFrame setting is enabled. In the
-    // future, we'll extend this logic to only block if estimated network RTT
-    // is above some threshold.
     if (type == Resource::Script && isMainFrame()) {
+        const bool disallowFetchForDocWriteScripts = frame()->settings() && frame()->settings()->disallowFetchForDocWrittenScriptsInMainFrame();

[Nate Chapin, 2016/04/07 16:25:48]

Why did this move?

[shivanisha, 2016/04/08 14:54:32]

Moving it back in order to have less diffs 

         const bool isInDocumentWrite = m_document && m_document->isInDocumentWrite();
-        const bool disallowFetchForDocWriteScripts = frame()->settings() && frame()->settings()->disallowFetchForDocWrittenScriptsInMainFrame();
-        if (isInDocumentWrite && disallowFetchForDocWriteScripts)
-            return ReturnCacheDataDontLoad;
+
+        if (isInDocumentWrite && disallowFetchForDocWriteScripts) {
+            // only synchronously loaded scripts should be blocked
+            const bool isSync = defer == FetchRequest::NoDefer;
+
+            // Not blocking same origin scripts as they may be used to render main page content
+            // whereas cross-origin scripts inserted via document.write are likely
+            // for third party content.
+            const bool isThirdParty = request.url().host() != m_document->getSecurityOrigin()->domain();
+
+            // Only blocking in slow connections where the performance penalty is worst case.
+            // For now we restrict slow connections to 2G, in future this might be expanded using the
+            // network quality estimator.
+            const bool isSlowConnection = networkStateNotifier().connectionType() == WebConnectionTypeCellular2G;
+
+            if (isSync && isThirdParty && isSlowConnection)
+                return ReturnCacheDataDontLoad;
+        }
     }
 
     if (request.isConditional())
         return ValidatingCacheData;
 
     if (m_documentLoader && m_document && !m_document->loadEventFinished()) {
         // For POST requests, we mutate the main resource's cache policy to avoid form resubmission.
         // This policy should not be inherited by subresources.
         ResourceRequestCachePolicy mainResourceCachePolicy = m_documentLoader->request().getCachePolicy();
         if (m_documentLoader->request().httpMethod() == "POST") {
@@ skipping 594 matching lines @@
 }
 
 DEFINE_TRACE(FrameFetchContext)
 {
     visitor->trace(m_document);
     visitor->trace(m_documentLoader);
     FetchContext::trace(visitor);
 }
 
 } // namespace blink