Add about:flags support for doc.write script blocking.

third_party/WebKit/Source/core/loader/FrameFetchContext.cpp

 /*
  * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 57 matching lines @@
 #include "platform/network/ResourceTimingInfo.h"
 #include "platform/weborigin/SchemeRegistry.h"
 #include "platform/weborigin/SecurityPolicy.h"
 #include "public/platform/WebCachePolicy.h"
 #include "public/platform/WebFrameScheduler.h"
 
 #include <algorithm>
 
 namespace blink {
 
+namespace {

[Nate Chapin, 2016/04/12 16:53:15]

Why this namespace?

[Bryan McQuade, 2016/04/12 17:28:38]

Oh, I'm accustomed to using an anonymous namespace for functions in the C++
file, per the C++ style guide
https://google.github.io/styleguide/cppguide.html#Namespaces

I do see some code in blink that does this as well.

I can remove the anonymous namespace if you prefer - let me know.

+
+bool ShouldDisallowFetchForMainFrameScript(const ResourceRequest& request, FetchRequest::DeferOption defer, const Document& document)

[Nate Chapin, 2016/04/12 16:53:15]

Nit: shouldDisallowFetchForMainFrameScript

[Bryan McQuade, 2016/04/12 17:28:38]

Done

+{
+    // Only scripts inserted via document.write are candidates for having their
+    // fetch disallowed.
+    if (!document.isInDocumentWrite()) {

[Nate Chapin, 2016/04/12 16:53:15]

Here and below, no {} for ifs with single-line bodies.

[Bryan McQuade, 2016/04/12 17:28:38]

Done

+        return false;
+    }
+
+    if (!document.settings()) {
+        return false;
+    }
+
+    const bool isSlowConnection = networkStateNotifier().connectionType() == WebConnectionTypeCellular2G;
+    const bool disallowFetch = document.settings()->disallowFetchForDocWrittenScriptsInMainFrame() || (document.settings()->disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections() && isSlowConnection);
+    if (!disallowFetch) {
+        return false;
+    }
+
+    // Only block synchronously loaded (parser blocking) scripts.
+    if (defer != FetchRequest::NoDefer) {
+        return false;
+    }
+
+    // Avoid blocking same origin scripts, as they may be used to render main
+    // page content, whereas cross-origin scripts inserted via document.write
+    // are likely to be third party content.
+    if (request.url().host() == document.getSecurityOrigin()->domain()) {
+        return false;
+    }
+
+    return true;
+}
+
+} // namespace
+
 FrameFetchContext::FrameFetchContext(DocumentLoader* loader, Document* document)
     : m_document(document)
     , m_documentLoader(loader)
     , m_imageFetched(false)
 {
     ASSERT(frame());
 }
 
 FrameFetchContext::~FrameFetchContext()
 {
@@ skipping 110 matching lines @@
                 return WebCachePolicy::BypassingCache;
             if (frameLoadType == FrameLoadTypeReload)
                 return WebCachePolicy::ValidatingCacheData;
         }
         return WebCachePolicy::UseProtocolCachePolicy;
     }
 
     // For users on slow connections, we want to avoid blocking the parser in
     // the main frame on script loads inserted via document.write, since it can
     // add significant delays before page content is displayed on the screen.
-    if (type == Resource::Script && isMainFrame()) {
-        const bool isInDocumentWrite = m_document && m_document->isInDocumentWrite();
-        const bool disallowFetchForDocWriteScripts = frame()->settings() && frame()->settings()->disallowFetchForDocWrittenScriptsInMainFrame();
-
-        if (isInDocumentWrite && disallowFetchForDocWriteScripts) {
-            // only synchronously loaded scripts should be blocked
-            const bool isSync = defer == FetchRequest::NoDefer;
-
-            // Not blocking same origin scripts as they may be used to render main page content
-            // whereas cross-origin scripts inserted via document.write are likely
-            // for third party content.
-            const bool isThirdParty = request.url().host() != m_document->getSecurityOrigin()->domain();
-
-            // Only blocking in slow connections where the performance penalty is worst case.
-            // For now we restrict slow connections to 2G, in future this might be expanded using the
-            // network quality estimator.
-            const bool isSlowConnection = networkStateNotifier().connectionType() == WebConnectionTypeCellular2G;
-
-            if (isSync && isThirdParty && isSlowConnection)
-                return WebCachePolicy::ReturnCacheDataDontLoad;
-        }
+    if (type == Resource::Script && isMainFrame() && m_document && ShouldDisallowFetchForMainFrameScript(request, defer, *m_document)) {
+        return WebCachePolicy::ReturnCacheDataDontLoad;
     }
 
     if (request.isConditional())
         return WebCachePolicy::ValidatingCacheData;
 
     if (m_documentLoader && m_document && !m_document->loadEventFinished()) {
         // For POST requests, we mutate the main resource's cache policy to avoid form resubmission.
         // This policy should not be inherited by subresources.
         WebCachePolicy mainResourceCachePolicy = m_documentLoader->request().getCachePolicy();
         if (m_documentLoader->request().httpMethod() == "POST") {
@@ skipping 542 matching lines @@
 }
 
 DEFINE_TRACE(FrameFetchContext)
 {
     visitor->trace(m_document);
     visitor->trace(m_documentLoader);
     FetchContext::trace(visitor);
 }
 
 } // namespace blink