Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(44)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/http_response_headers.h

Issue 18533: Merge r5767 - Protect cookie headers from XHR... (Closed) Base URL: svn://chrome-svn/chrome/branches/release_154.next/src/
Patch Set: Created 11 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/http/http_cache.cc ('k') | net/http/http_response_headers.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_HTTP_RESPONSE_HEADERS_H_ 5 #ifndef NET_HTTP_RESPONSE_HEADERS_H_
6 #define NET_HTTP_RESPONSE_HEADERS_H_ 6 #define NET_HTTP_RESPONSE_HEADERS_H_
7 7
8 #include <string> 8 #include <string>
9 #include <vector> 9 #include <vector>
10 10
(...skipping 23 matching lines...) Expand all
34 // us to access the raw byte sequence as sent by a web server. In any case, 34 // us to access the raw byte sequence as sent by a web server. In any case,
35 // HttpResponseHeaders does not perform any encoding changes on the input. 35 // HttpResponseHeaders does not perform any encoding changes on the input.
36 // 36 //
37 explicit HttpResponseHeaders(const std::string& raw_headers); 37 explicit HttpResponseHeaders(const std::string& raw_headers);
38 38
39 // Initializes from the representation stored in the given pickle. The data 39 // Initializes from the representation stored in the given pickle. The data
40 // for this object is found relative to the given pickle_iter, which should 40 // for this object is found relative to the given pickle_iter, which should
41 // be passed to the pickle's various Read* methods. 41 // be passed to the pickle's various Read* methods.
42 HttpResponseHeaders(const Pickle& pickle, void** pickle_iter); 42 HttpResponseHeaders(const Pickle& pickle, void** pickle_iter);
43 43
44 // Appends a representation of this object to the given pickle. If the 44 // Persist options.
45 // for_cache argument is true, then non-cacheable headers will be pruned from 45 typedef int PersistOptions;
46 // the persisted version of the response headers. 46 static const PersistOptions PERSIST_RAW = -1; // Raw, unparsed headers.
47 void Persist(Pickle* pickle, bool for_cache); 47 static const PersistOptions PERSIST_ALL = 0; // Parsed headers.
48 static const PersistOptions PERSIST_SANS_COOKIES = 1 << 0;
49 static const PersistOptions PERSIST_SANS_CHALLENGES = 1 << 1;
50 static const PersistOptions PERSIST_SANS_HOP_BY_HOP = 1 << 2;
51 static const PersistOptions PERSIST_SANS_NON_CACHEABLE = 1 << 3;
52
53 // Appends a representation of this object to the given pickle.
54 // The options argument can be a combination of PersistOptions.
55 void Persist(Pickle* pickle, PersistOptions options);
48 56
49 // Performs header merging as described in 13.5.3 of RFC 2616. 57 // Performs header merging as described in 13.5.3 of RFC 2616.
50 void Update(const HttpResponseHeaders& new_headers); 58 void Update(const HttpResponseHeaders& new_headers);
51 59
52 // Creates a normalized header string. The output will be formatted exactly 60 // Creates a normalized header string. The output will be formatted exactly
53 // like so: 61 // like so:
54 // HTTP/<version> <status_code> <status_text>\n 62 // HTTP/<version> <status_code> <status_text>\n
55 // [<header-name>: <header-values>\n]* 63 // [<header-name>: <header-values>\n]*
56 // meaning, each line is \n-terminated, and there is no extra whitespace 64 // meaning, each line is \n-terminated, and there is no extra whitespace
57 // beyond the single space separators shown (of course, values can contain 65 // beyond the single space separators shown (of course, values can contain
(...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after
232 std::string::const_iterator value_end); 240 std::string::const_iterator value_end);
233 241
234 // Add to parsed_ given the fields of a ParsedHeader object. 242 // Add to parsed_ given the fields of a ParsedHeader object.
235 void AddToParsed(std::string::const_iterator name_begin, 243 void AddToParsed(std::string::const_iterator name_begin,
236 std::string::const_iterator name_end, 244 std::string::const_iterator name_end,
237 std::string::const_iterator value_begin, 245 std::string::const_iterator value_begin,
238 std::string::const_iterator value_end); 246 std::string::const_iterator value_end);
239 247
240 typedef base::hash_set<std::string> HeaderSet; 248 typedef base::hash_set<std::string> HeaderSet;
241 249
242 // Returns the values from any 'cache-control: no-cache="foo,bar"' headers as 250 // Adds the values from any 'cache-control: no-cache="foo,bar"' headers.
243 // well as other known-to-be-transient header names. The header names are 251 void AddNonCacheableHeaders(HeaderSet* header_names) const;
244 // all lowercase to support fast lookup. 252
245 void GetTransientHeaders(HeaderSet* header_names) const; 253 // Adds the set of header names that contain cookie values.
254 static void AddSensitiveHeaders(HeaderSet* header_names);
255
256 // Adds the set of rfc2616 hop-by-hop response headers.
257 static void AddHopByHopHeaders(HeaderSet* header_names);
258
259 // Adds the set of challenge response headers.
260 static void AddChallengeHeaders(HeaderSet* header_names);
261
262 // Adds the set of cookie response headers.
263 static void AddCookieHeaders(HeaderSet* header_names);
246 264
247 // The members of this structure point into raw_headers_. 265 // The members of this structure point into raw_headers_.
248 struct ParsedHeader { 266 struct ParsedHeader {
249 std::string::const_iterator name_begin; 267 std::string::const_iterator name_begin;
250 std::string::const_iterator name_end; 268 std::string::const_iterator name_end;
251 std::string::const_iterator value_begin; 269 std::string::const_iterator value_begin;
252 std::string::const_iterator value_end; 270 std::string::const_iterator value_end;
253 271
254 // A header "continuation" contains only a subsequent value for the 272 // A header "continuation" contains only a subsequent value for the
255 // preceding header. (Header values are comma separated.) 273 // preceding header. (Header values are comma separated.)
(...skipping 22 matching lines...) Expand all
278 // The parsed http version number (not normalized). 296 // The parsed http version number (not normalized).
279 HttpVersion parsed_http_version_; 297 HttpVersion parsed_http_version_;
280 298
281 DISALLOW_COPY_AND_ASSIGN(HttpResponseHeaders); 299 DISALLOW_COPY_AND_ASSIGN(HttpResponseHeaders);
282 }; 300 };
283 301
284 } // namespace net 302 } // namespace net
285 303
286 #endif // NET_HTTP_RESPONSE_HEADERS_H_ 304 #endif // NET_HTTP_RESPONSE_HEADERS_H_
287 305
OLDNEW
« no previous file with comments | « net/http/http_cache.cc ('k') | net/http/http_response_headers.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698