Use RequestContext to apply CSP in FrameFetchContext

third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp

 /*
  * Copyright (C) 2011, 2012 Google Inc. All rights reserved.
  * Copyright (C) 2013, Intel Corporation
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
@@ skipping 21 matching lines @@
 #include "core/loader/DocumentThreadableLoader.h"
 
 #include "core/dom/Document.h"
 #include "core/fetch/CrossOriginAccessControl.h"
 #include "core/fetch/FetchRequest.h"
 #include "core/fetch/FetchUtils.h"
 #include "core/fetch/Resource.h"
 #include "core/fetch/ResourceFetcher.h"
 #include "core/frame/FrameConsole.h"
 #include "core/frame/LocalFrame.h"
-#include "core/frame/csp/ContentSecurityPolicy.h"
 #include "core/inspector/InspectorInstrumentation.h"
 #include "core/inspector/InspectorTraceEvents.h"
 #include "core/loader/CrossOriginPreflightResultCache.h"
 #include "core/loader/DocumentThreadableLoaderClient.h"
 #include "core/loader/FrameLoader.h"
 #include "core/loader/FrameLoaderClient.h"
 #include "core/loader/ThreadableLoaderClient.h"
 #include "core/page/ChromeClient.h"
 #include "core/page/Page.h"
 #include "platform/SharedBuffer.h"
@@ skipping 381 matching lines @@
         if (m_client) {
             ASSERT(m_actualRequest.isNull());
             notifyFinished(resource);
         }
 
         request = ResourceRequest();
 
         return;
     }
 
-    if (m_redirectMode == WebURLRequest::FetchRedirectModeError || !isAllowedByContentSecurityPolicy(request.url(), ContentSecurityPolicy::DidRedirect)) {
+    if (m_redirectMode == WebURLRequest::FetchRedirectModeError) {
         ThreadableLoaderClient* client = m_client;
         clear();
         client->didFailRedirectCheck();
         // |this| may be dead here.
 
         request = ResourceRequest();
 
         return;
     }
 
@@ skipping 67 matching lines @@
     } else {
         ThreadableLoaderClient* client = m_client;
         clear();
         client->didFailRedirectCheck();
         // |this| may be dead here.
     }
 
     request = ResourceRequest();
 }
 
+void DocumentThreadableLoader::redirectBlocked()
+{
+    // Tells the client that a redirect was received but not followed (for an unknown reason).
+    ThreadableLoaderClient* client = m_client;
+    clear();
+    client->didFailRedirectCheck();
+    // |this| may be dead here
+}
+
 void DocumentThreadableLoader::dataSent(Resource* resource, unsigned long long bytesSent, unsigned long long totalBytesToBeSent)
 {
     ASSERT(m_client);
     ASSERT_UNUSED(resource, resource == this->resource());
     ASSERT(m_async);
 
     m_client->didSendData(bytesSent, totalBytesToBeSent);
     // |this| may be dead here.
 }
 
@@ skipping 332 matching lines @@
     // No exception for file:/// resources, see <rdar://problem/4962298>.
     // Also, if we have an HTTP response, then it wasn't a network error in fact.
     if (!error.isNull() && !requestURL.isLocalFile() && response.httpStatusCode() <= 0) {
         m_client->didFail(error);
         return;
     }
 
     // FIXME: A synchronous request does not tell us whether a redirect happened or not, so we guess by comparing the
     // request and response URLs. This isn't a perfect test though, since a server can serve a redirect to the same URL that was
     // requested. Also comparing the request and response URLs as strings will fail if the requestURL still has its credentials.
-    if (requestURL != response.url() && (!isAllowedByContentSecurityPolicy(response.url(), ContentSecurityPolicy::DidRedirect) || !isAllowedRedirect(response.url()))) {
+    if (requestURL != response.url() && !isAllowedRedirect(response.url())) {
         m_client->didFailRedirectCheck();
         return;
     }
 
     handleResponse(identifier, response, nullptr);
 
     // handleResponse() may detect an error. In such a case (check |m_client|
     // as it gets reset by clear() call), skip the rest.
     //
     // |this| is alive here since loadResourceSynchronously() keeps it alive
@@ skipping 14 matching lines @@
 }
 
 bool DocumentThreadableLoader::isAllowedRedirect(const KURL& url) const
 {
     if (m_options.crossOriginRequestPolicy == AllowCrossOriginRequests)
         return true;
 
     return m_sameOriginRequest && getSecurityOrigin()->canRequest(url);
 }
 
-bool DocumentThreadableLoader::isAllowedByContentSecurityPolicy(const KURL& url, ContentSecurityPolicy::RedirectStatus redirectStatus) const
-{
-    if (m_options.contentSecurityPolicyEnforcement != EnforceContentSecurityPolicy)
-        return true;
-
-    return document().contentSecurityPolicy()->allowRequest(m_requestContext, url, redirectStatus);
-}
-
 StoredCredentials DocumentThreadableLoader::effectiveAllowCredentials() const
 {
     if (m_forceDoNotAllowStoredCredentials)
         return DoNotAllowStoredCredentials;
     return m_resourceLoaderOptions.allowCredentials;
 }
 
 SecurityOrigin* DocumentThreadableLoader::getSecurityOrigin() const
 {
     return m_securityOrigin ? m_securityOrigin.get() : document().getSecurityOrigin();
 }
 
 Document& DocumentThreadableLoader::document() const
 {
     ASSERT(m_document);
     return *m_document;
 }
 
 } // namespace blink