| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2013 Google Inc. All rights reserved. | 2 * Copyright (C) 2013 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 68 #include "platform/network/ResourceTimingInfo.h" | 68 #include "platform/network/ResourceTimingInfo.h" |
| 69 #include "platform/weborigin/SchemeRegistry.h" | 69 #include "platform/weborigin/SchemeRegistry.h" |
| 70 #include "platform/weborigin/SecurityPolicy.h" | 70 #include "platform/weborigin/SecurityPolicy.h" |
| 71 #include "public/platform/WebCachePolicy.h" | 71 #include "public/platform/WebCachePolicy.h" |
| 72 #include "public/platform/WebFrameScheduler.h" | 72 #include "public/platform/WebFrameScheduler.h" |
| 73 | 73 |
| 74 #include <algorithm> | 74 #include <algorithm> |
| 75 | 75 |
| 76 namespace blink { | 76 namespace blink { |
| 77 | 77 |
| 78 namespace { |
| 79 |
| 80 bool shouldDisallowFetchForMainFrameScript(const ResourceRequest& request, Fetch
Request::DeferOption defer, const Document& document) |
| 81 { |
| 82 // Only scripts inserted via document.write are candidates for having their |
| 83 // fetch disallowed. |
| 84 if (!document.isInDocumentWrite()) |
| 85 return false; |
| 86 |
| 87 if (!document.settings()) |
| 88 return false; |
| 89 |
| 90 const bool isSlowConnection = networkStateNotifier().connectionType() == Web
ConnectionTypeCellular2G; |
| 91 const bool disallowFetch = document.settings()->disallowFetchForDocWrittenSc
riptsInMainFrame() || (document.settings()->disallowFetchForDocWrittenScriptsInM
ainFrameOnSlowConnections() && isSlowConnection); |
| 92 if (!disallowFetch) |
| 93 return false; |
| 94 |
| 95 // Only block synchronously loaded (parser blocking) scripts. |
| 96 if (defer != FetchRequest::NoDefer) |
| 97 return false; |
| 98 |
| 99 // Avoid blocking same origin scripts, as they may be used to render main |
| 100 // page content, whereas cross-origin scripts inserted via document.write |
| 101 // are likely to be third party content. |
| 102 if (request.url().host() == document.getSecurityOrigin()->domain()) |
| 103 return false; |
| 104 |
| 105 return true; |
| 106 } |
| 107 |
| 108 } // namespace |
| 109 |
| 78 FrameFetchContext::FrameFetchContext(DocumentLoader* loader, Document* document) | 110 FrameFetchContext::FrameFetchContext(DocumentLoader* loader, Document* document) |
| 79 : m_document(document) | 111 : m_document(document) |
| 80 , m_documentLoader(loader) | 112 , m_documentLoader(loader) |
| 81 , m_imageFetched(false) | 113 , m_imageFetched(false) |
| 82 { | 114 { |
| 83 ASSERT(frame()); | 115 ASSERT(frame()); |
| 84 } | 116 } |
| 85 | 117 |
| 86 FrameFetchContext::~FrameFetchContext() | 118 FrameFetchContext::~FrameFetchContext() |
| 87 { | 119 { |
| (...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 198 return WebCachePolicy::BypassingCache; | 230 return WebCachePolicy::BypassingCache; |
| 199 if (frameLoadType == FrameLoadTypeReload) | 231 if (frameLoadType == FrameLoadTypeReload) |
| 200 return WebCachePolicy::ValidatingCacheData; | 232 return WebCachePolicy::ValidatingCacheData; |
| 201 } | 233 } |
| 202 return WebCachePolicy::UseProtocolCachePolicy; | 234 return WebCachePolicy::UseProtocolCachePolicy; |
| 203 } | 235 } |
| 204 | 236 |
| 205 // For users on slow connections, we want to avoid blocking the parser in | 237 // For users on slow connections, we want to avoid blocking the parser in |
| 206 // the main frame on script loads inserted via document.write, since it can | 238 // the main frame on script loads inserted via document.write, since it can |
| 207 // add significant delays before page content is displayed on the screen. | 239 // add significant delays before page content is displayed on the screen. |
| 208 if (type == Resource::Script && isMainFrame()) { | 240 if (type == Resource::Script && isMainFrame() && m_document && shouldDisallo
wFetchForMainFrameScript(request, defer, *m_document)) |
| 209 const bool isInDocumentWrite = m_document && m_document->isInDocumentWri
te(); | 241 return WebCachePolicy::ReturnCacheDataDontLoad; |
| 210 const bool disallowFetchForDocWriteScripts = frame()->settings() && fram
e()->settings()->disallowFetchForDocWrittenScriptsInMainFrame(); | |
| 211 | |
| 212 if (isInDocumentWrite && disallowFetchForDocWriteScripts) { | |
| 213 // only synchronously loaded scripts should be blocked | |
| 214 const bool isSync = defer == FetchRequest::NoDefer; | |
| 215 | |
| 216 // Not blocking same origin scripts as they may be used to render ma
in page content | |
| 217 // whereas cross-origin scripts inserted via document.write are like
ly | |
| 218 // for third party content. | |
| 219 const bool isThirdParty = request.url().host() != m_document->getSec
urityOrigin()->domain(); | |
| 220 | |
| 221 // Only blocking in slow connections where the performance penalty i
s worst case. | |
| 222 // For now we restrict slow connections to 2G, in future this might
be expanded using the | |
| 223 // network quality estimator. | |
| 224 const bool isSlowConnection = networkStateNotifier().connectionType(
) == WebConnectionTypeCellular2G; | |
| 225 | |
| 226 if (isSync && isThirdParty && isSlowConnection) | |
| 227 return WebCachePolicy::ReturnCacheDataDontLoad; | |
| 228 } | |
| 229 } | |
| 230 | 242 |
| 231 if (request.isConditional()) | 243 if (request.isConditional()) |
| 232 return WebCachePolicy::ValidatingCacheData; | 244 return WebCachePolicy::ValidatingCacheData; |
| 233 | 245 |
| 234 if (m_documentLoader && m_document && !m_document->loadEventFinished()) { | 246 if (m_documentLoader && m_document && !m_document->loadEventFinished()) { |
| 235 // For POST requests, we mutate the main resource's cache policy to avoi
d form resubmission. | 247 // For POST requests, we mutate the main resource's cache policy to avoi
d form resubmission. |
| 236 // This policy should not be inherited by subresources. | 248 // This policy should not be inherited by subresources. |
| 237 WebCachePolicy mainResourceCachePolicy = m_documentLoader->request().get
CachePolicy(); | 249 WebCachePolicy mainResourceCachePolicy = m_documentLoader->request().get
CachePolicy(); |
| 238 if (m_documentLoader->request().httpMethod() == "POST") { | 250 if (m_documentLoader->request().httpMethod() == "POST") { |
| 239 if (mainResourceCachePolicy == WebCachePolicy::ReturnCacheDataDontLo
ad) | 251 if (mainResourceCachePolicy == WebCachePolicy::ReturnCacheDataDontLo
ad) |
| (...skipping 541 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 781 } | 793 } |
| 782 | 794 |
| 783 DEFINE_TRACE(FrameFetchContext) | 795 DEFINE_TRACE(FrameFetchContext) |
| 784 { | 796 { |
| 785 visitor->trace(m_document); | 797 visitor->trace(m_document); |
| 786 visitor->trace(m_documentLoader); | 798 visitor->trace(m_documentLoader); |
| 787 FetchContext::trace(visitor); | 799 FetchContext::trace(visitor); |
| 788 } | 800 } |
| 789 | 801 |
| 790 } // namespace blink | 802 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1868413002:
Add about:flags support for doc.write script blocking. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master