Chromium Code Reviews Chromium Code Reviews
Issue 1868413002:
Add about:flags support for doc.write script blocking. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2013 Google Inc. All rights reserved. | 2 * Copyright (C) 2013 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 68 #include "platform/network/ResourceTimingInfo.h" | 68 #include "platform/network/ResourceTimingInfo.h" |
| 69 #include "platform/weborigin/SchemeRegistry.h" | 69 #include "platform/weborigin/SchemeRegistry.h" |
| 70 #include "platform/weborigin/SecurityPolicy.h" | 70 #include "platform/weborigin/SecurityPolicy.h" |
| 71 #include "public/platform/WebCachePolicy.h" | 71 #include "public/platform/WebCachePolicy.h" |
| 72 #include "public/platform/WebFrameScheduler.h" | 72 #include "public/platform/WebFrameScheduler.h" |
| 73 | 73 |
| 74 #include <algorithm> | 74 #include <algorithm> |
| 75 | 75 |
| 76 namespace blink { | 76 namespace blink { |
| 77 | 77 |
| 78 namespace { | |
| 79 | |
| 80 bool ShouldDisallowFetchForMainFrameScript(const ResourceRequest& request, F etchRequest::DeferOption defer, Document& document) | |
|
kinuko
2016/04/11 13:02:27
Drive-by nit: please not indent in namespace
Bryan McQuade
2016/04/11 13:15:24
for some reason git cl format likes to add the spa
jkarlin
2016/04/11 14:52:27
const Document& ?
It looks like isInDocumentWrit
Bryan McQuade
2016/04/11 16:28:29
Done
| |
| 81 { | |
| 82 // Only scripts inserted via document.write are candidates for having th eir | |
| 83 // fetch disallowed. | |
| 84 if (!document.isInDocumentWrite()) { | |
| 85 return false; | |
| 86 } | |
| 87 | |
| 88 if (!document.settings()) { | |
| 89 return false; | |
| 90 } | |
| 91 | |
| 92 // Only blocking in slow connections where the performance penalty is wo rst | |
| 93 // case. For now we restrict slow connections to 2G, in future this mig ht | |
| 94 // be expanded using the network quality estimator. | |
|
jkarlin
2016/04/11 14:52:27
Not a sentence, perhaps s/Only Blocking in/Block i
Bryan McQuade
2016/04/11 16:28:30
Good call. Once I removed this part of the comment
| |
| 95 const bool isSlowConnection = networkStateNotifier().connectionType() == WebConnectionTypeCellular2G; | |
| 96 const bool disallowFetch = document.settings()->disallowFetchForDocWritt enScriptsInMainFrame() || (document.settings()->disallowFetchForDocWrittenScript sInMainFrameOnSlowConnections() && isSlowConnection); | |
| 97 if (!disallowFetch) { | |
| 98 return false; | |
| 99 } | |
| 100 | |
| 101 // only synchronously loaded scripts should be blocked | |
|
kinuko
2016/04/11 13:02:27
nit: only -> Only, and end comment with period
Bryan McQuade
2016/04/11 13:15:24
Done.
| |
| 102 if (defer != FetchRequest::NoDefer) { | |
| 103 return false; | |
| 104 } | |
| 105 | |
| 106 // Not blocking same origin scripts as they may be used to render main p age | |
|
jkarlin
2016/04/11 14:52:27
Not a sentence, perhaps s/Not blocking/Don't block
Bryan McQuade
2016/04/11 16:28:29
Done
Bryan McQuade
2016/04/11 16:28:30
Done
| |
| 107 // content whereas cross-origin scripts inserted via document.write are | |
| 108 // likely to be third party content. | |
| 109 if (request.url().host() == document.getSecurityOrigin()->domain()) { | |
| 110 return false; | |
| 111 } | |
| 112 | |
| 113 return true; | |
| 114 } | |
| 115 | |
| 116 } // namespace | |
| 117 | |
| 78 FrameFetchContext::FrameFetchContext(DocumentLoader* loader, Document* document) | 118 FrameFetchContext::FrameFetchContext(DocumentLoader* loader, Document* document) |
| 79 : m_document(document) | 119 : m_document(document) |
| 80 , m_documentLoader(loader) | 120 , m_documentLoader(loader) |
| 81 , m_imageFetched(false) | 121 , m_imageFetched(false) |
| 82 { | 122 { |
| 83 ASSERT(frame()); | 123 ASSERT(frame()); |
| 84 } | 124 } |
| 85 | 125 |
| 86 FrameFetchContext::~FrameFetchContext() | 126 FrameFetchContext::~FrameFetchContext() |
| 87 { | 127 { |
| (...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 198 return WebCachePolicy::BypassingCache; | 238 return WebCachePolicy::BypassingCache; |
| 199 if (frameLoadType == FrameLoadTypeReload) | 239 if (frameLoadType == FrameLoadTypeReload) |
| 200 return WebCachePolicy::ValidatingCacheData; | 240 return WebCachePolicy::ValidatingCacheData; |
| 201 } | 241 } |
| 202 return WebCachePolicy::UseProtocolCachePolicy; | 242 return WebCachePolicy::UseProtocolCachePolicy; |
| 203 } | 243 } |
| 204 | 244 |
| 205 // For users on slow connections, we want to avoid blocking the parser in | 245 // For users on slow connections, we want to avoid blocking the parser in |
| 206 // the main frame on script loads inserted via document.write, since it can | 246 // the main frame on script loads inserted via document.write, since it can |
| 207 // add significant delays before page content is displayed on the screen. | 247 // add significant delays before page content is displayed on the screen. |
| 208 if (type == Resource::Script && isMainFrame()) { | 248 if (type == Resource::Script && isMainFrame() && m_document && ShouldDisallo wFetchForMainFrameScript(request, defer, *m_document)) { |
| 209 const bool isInDocumentWrite = m_document && m_document->isInDocumentWri te(); | 249 return WebCachePolicy::ReturnCacheDataDontLoad; |
| 210 const bool disallowFetchForDocWriteScripts = frame()->settings() && fram e()->settings()->disallowFetchForDocWrittenScriptsInMainFrame(); | |
| 211 | |
| 212 if (isInDocumentWrite && disallowFetchForDocWriteScripts) { | |
| 213 // only synchronously loaded scripts should be blocked | |
| 214 const bool isSync = defer == FetchRequest::NoDefer; | |
| 215 | |
| 216 // Not blocking same origin scripts as they may be used to render ma in page content | |
| 217 // whereas cross-origin scripts inserted via document.write are like ly | |
| 218 // for third party content. | |
| 219 const bool isThirdParty = request.url().host() != m_document->getSec urityOrigin()->domain(); | |
| 220 | |
| 221 // Only blocking in slow connections where the performance penalty i s worst case. | |
| 222 // For now we restrict slow connections to 2G, in future this might be expanded using the | |
| 223 // network quality estimator. | |
| 224 const bool isSlowConnection = networkStateNotifier().connectionType( ) == WebConnectionTypeCellular2G; | |
| 225 | |
| 226 if (isSync && isThirdParty && isSlowConnection) | |
| 227 return WebCachePolicy::ReturnCacheDataDontLoad; | |
| 228 } | |
| 229 } | 250 } |
| 230 | 251 |
| 231 if (request.isConditional()) | 252 if (request.isConditional()) |
| 232 return WebCachePolicy::ValidatingCacheData; | 253 return WebCachePolicy::ValidatingCacheData; |
| 233 | 254 |
| 234 if (m_documentLoader && m_document && !m_document->loadEventFinished()) { | 255 if (m_documentLoader && m_document && !m_document->loadEventFinished()) { |
| 235 // For POST requests, we mutate the main resource's cache policy to avoi d form resubmission. | 256 // For POST requests, we mutate the main resource's cache policy to avoi d form resubmission. |
| 236 // This policy should not be inherited by subresources. | 257 // This policy should not be inherited by subresources. |
| 237 WebCachePolicy mainResourceCachePolicy = m_documentLoader->request().get CachePolicy(); | 258 WebCachePolicy mainResourceCachePolicy = m_documentLoader->request().get CachePolicy(); |
| 238 if (m_documentLoader->request().httpMethod() == "POST") { | 259 if (m_documentLoader->request().httpMethod() == "POST") { |
| (...skipping 542 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 781 } | 802 } |
| 782 | 803 |
| 783 DEFINE_TRACE(FrameFetchContext) | 804 DEFINE_TRACE(FrameFetchContext) |
| 784 { | 805 { |
| 785 visitor->trace(m_document); | 806 visitor->trace(m_document); |
| 786 visitor->trace(m_documentLoader); | 807 visitor->trace(m_documentLoader); |
| 787 FetchContext::trace(visitor); | 808 FetchContext::trace(visitor); |
| 788 } | 809 } |
| 789 | 810 |
| 790 } // namespace blink | 811 } // namespace blink |
| OLD | NEW |
