Forwarding POST body into renderer after a cross-site transfer.

content/browser/frame_host/navigator_impl.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/frame_host/navigator_impl.h"
 
 #include <utility>
 
 #include "base/metrics/histogram.h"
 #include "base/time/time.h"
@@ skipping 239 matching lines @@
         error_description, was_ignored_by_handler);
   }
 }
 
 bool NavigatorImpl::NavigateToEntry(
     FrameTreeNode* frame_tree_node,
     const FrameNavigationEntry& frame_entry,
     const NavigationEntryImpl& entry,
     NavigationController::ReloadType reload_type,
     bool is_same_document_history_load,
-    bool is_pending_entry) {
+    bool is_pending_entry,
+    const scoped_refptr<ResourceRequestBody>& post_body) {
   TRACE_EVENT0("browser,navigation", "NavigatorImpl::NavigateToEntry");
 
   GURL dest_url = frame_entry.url();
   Referrer dest_referrer = frame_entry.referrer();
   if (reload_type ==
           NavigationController::ReloadType::RELOAD_ORIGINAL_REQUEST_URL &&
       entry.GetOriginalRequestURL().is_valid() && !entry.GetHasPostData()) {
     // We may have been redirected when navigating to the current URL.
     // Use the URL the user originally intended to visit, if it's valid and if a
     // POST wasn't involved; the latter case avoids issues with sending data to
@@ skipping 97 matching lines @@
         is_transfer &&
         entry.transferred_global_request_id().child_id ==
             dest_render_frame_host->GetProcess()->GetID();
     if (!is_transfer_to_same) {
       navigation_data_.reset(new NavigationMetricsData(
           navigation_start, dest_url, entry.restore_type()));
       // Create the navigation parameters.
       FrameMsg_Navigate_Type::Value navigation_type = GetNavigationType(
           controller_->GetBrowserContext(), entry, reload_type);
       dest_render_frame_host->Navigate(
-          entry.ConstructCommonNavigationParams(dest_url, dest_referrer,
-                                                navigation_type, lofi_state,
-                                                navigation_start),
-          entry.ConstructStartNavigationParams(),
+          entry.ConstructCommonNavigationParams(frame_entry.method(), dest_url,

[clamy, 2016/05/19 16:08:00]

In the current code, the method is always GET for subframes. Using
frame_entry.method() outside of UseSubframeNavigationEntries mode may lead to
differences in behavior.

[Łukasz Anforowicz, 2016/05/19 18:06:59]

Oh, I see - this is the concern that you're addressing in your CL inside
https://codereview.chromium.org/1907443006/patch/260001/270003.

I think I'll just copy your approach and rebase on top of your CL (and wait with
landing this until your CL can land).

Done?

+                                                dest_referrer, navigation_type,
+                                                lofi_state, navigation_start),
+          entry.ConstructStartNavigationParams(post_body),
           entry.ConstructRequestNavigationParams(
               frame_entry, is_same_document_history_load,
               frame_tree_node->has_committed_real_load(),
               controller_->GetPendingEntryIndex() == -1,
               controller_->GetIndexOfEntry(&entry),
               controller_->GetLastCommittedEntryIndex(),
               controller_->GetEntryCount()));
     } else {
       // No need to navigate again.  Just resume the deferred request.
       dest_render_frame_host->GetProcess()->ResumeDeferredNavigation(
@@ skipping 25 matching lines @@
   return true;
 }
 
 bool NavigatorImpl::NavigateToPendingEntry(
     FrameTreeNode* frame_tree_node,
     const FrameNavigationEntry& frame_entry,
     NavigationController::ReloadType reload_type,
     bool is_same_document_history_load) {
   return NavigateToEntry(frame_tree_node, frame_entry,
                          *controller_->GetPendingEntry(), reload_type,
-                         is_same_document_history_load, true);
+                         is_same_document_history_load, true, nullptr);
 }
 
 bool NavigatorImpl::NavigateNewChildFrame(
     RenderFrameHostImpl* render_frame_host,
     const std::string& unique_name) {
   NavigationEntryImpl* entry =
       controller_->GetEntryWithUniqueID(render_frame_host->nav_entry_id());
   if (!entry)
     return false;
 
   // TODO(creis): Remove unique_name from the IPC, now that we can rely on the
   // replication state.
   DCHECK_EQ(render_frame_host->frame_tree_node()->unique_name(), unique_name);
   FrameNavigationEntry* frame_entry =
       entry->GetFrameEntry(render_frame_host->frame_tree_node());
   if (!frame_entry)
     return false;
 
   return NavigateToEntry(render_frame_host->frame_tree_node(), *frame_entry,
                          *entry, NavigationControllerImpl::NO_RELOAD, false,
-                         false);
+                         false, nullptr);
 }
 
 void NavigatorImpl::DidNavigate(
     RenderFrameHostImpl* render_frame_host,
     const FrameHostMsg_DidCommitProvisionalLoad_Params& params) {
   FrameTree* frame_tree = render_frame_host->frame_tree_node()->frame_tree();
   bool oopifs_possible = SiteIsolationPolicy::AreCrossProcessFramesPossible();
 
   bool has_embedded_credentials =
       params.url.has_username() || params.url.has_password();
@@ skipping 241 matching lines @@
 }
 
 void NavigatorImpl::RequestTransferURL(
     RenderFrameHostImpl* render_frame_host,
     const GURL& url,
     SiteInstance* source_site_instance,
     const std::vector<GURL>& redirect_chain,
     const Referrer& referrer,
     ui::PageTransition page_transition,
     const GlobalRequestID& transferred_global_request_id,
-    bool should_replace_current_entry) {
+    bool should_replace_current_entry,
+    const NavigationHandleImpl* transfer_navigation_handle) {
   // This call only makes sense for subframes if OOPIFs are possible.
   DCHECK(!render_frame_host->GetParent() ||
          SiteIsolationPolicy::AreCrossProcessFramesPossible());
 
+  // Figure out the HTTP method.
+  // TODO(lukasza): Guarantee that |transfer_navigation_handle| is not null (it
+  // is null, when we are called from RenderFrameProxyHost::OnOpenURL).

[clamy, 2016/05/19 16:08:00]

I think it would be better to pass the post data and the method instead of the
handle itself. When we call RenderFrameProxyHost::OnOpenURL the handle should
always be null. However, we could pass method and the post data in
FrameHostMsg_OpenURL_Params, and then to this function.

[Łukasz Anforowicz, 2016/05/19 18:06:59]

Done.  And thanks a lot for the suggestion - it really helps :-) (I think I
might try to handle the open url case next week).

+  std::string method =
+      transfer_navigation_handle ? transfer_navigation_handle->method() : "GET";
+
   // Allow the delegate to cancel the transfer.
   if (!delegate_->ShouldTransferNavigation())
     return;
 
   GURL dest_url(url);
   Referrer referrer_to_use(referrer);
   FrameTreeNode* node = render_frame_host->frame_tree_node();
   SiteInstance* current_site_instance = render_frame_host->GetSiteInstance();
   if (!GetContentClient()->browser()->ShouldAllowOpenURL(current_site_instance,
                                                          url)) {
@@ skipping 39 matching lines @@
     } else {
       // If there's no last committed entry, create an entry for about:blank
       // with a subframe entry for our destination.
       // TODO(creis): Ensure this case can't exist in https://crbug.com/524208.
       entry = NavigationEntryImpl::FromNavigationEntry(
           controller_->CreateNavigationEntry(
               GURL(url::kAboutBlankURL), referrer_to_use, page_transition,
               is_renderer_initiated, std::string(),
               controller_->GetBrowserContext()));
     }
-    // TODO(creis): Handle POST submissions.  See https://crbug.com/582211 and
-    // https://crbug.com/101395.
+    // TODO(lukasza): https://crbug.com/568703: Keep pre-transfer PageState.
     entry->AddOrUpdateFrameEntry(
         node, -1, -1, nullptr,
         static_cast<SiteInstanceImpl*>(source_site_instance), dest_url,
-        referrer_to_use, PageState(), "GET", -1);
+        referrer_to_use, PageState(), method, -1);
   } else {
     // Main frame case.
     entry = NavigationEntryImpl::FromNavigationEntry(
         controller_->CreateNavigationEntry(
             dest_url, referrer_to_use, page_transition, is_renderer_initiated,
             std::string(), controller_->GetBrowserContext()));
     entry->root_node()->frame_entry->set_source_site_instance(
         static_cast<SiteInstanceImpl*>(source_site_instance));
   }
 
   entry->SetRedirectChain(redirect_chain);
   // Don't allow an entry replacement if there is no entry to replace.
   // http://crbug.com/457149
   if (should_replace_current_entry && controller_->GetEntryCount() > 0)
     entry->set_should_replace_entry(true);
   if (controller_->GetLastCommittedEntry() &&
       controller_->GetLastCommittedEntry()->GetIsOverridingUserAgent()) {
     entry->SetIsOverridingUserAgent(true);
   }
   entry->set_transferred_global_request_id(transferred_global_request_id);
   // TODO(creis): Set user gesture and intent received timestamp on Android.
 
   // We may not have successfully added the FrameNavigationEntry to |entry|
   // above (per https://crbug.com/608402), in which case we create it from
   // scratch.  This works because we do not depend on |frame_entry| being inside
   // |entry| during NavigateToEntry.  This will go away when we shortcut this
   // further in https://crbug.com/536906.
   scoped_refptr<FrameNavigationEntry> frame_entry(entry->GetFrameEntry(node));
   if (!frame_entry) {
-    // TODO(creis): Handle POST submissions here, as above.
     frame_entry = new FrameNavigationEntry(
         node->unique_name(), -1, -1, nullptr,
         static_cast<SiteInstanceImpl*>(source_site_instance), dest_url,
-        referrer_to_use, "GET", -1);
+        referrer_to_use, method, -1);
   }
+
+  // TODO(lukasza): Guarantee that |transfer_navigation_handle| is not null (it
+  // is null, when we are called from RenderFrameProxyHost::OnOpenURL).
+  scoped_refptr<ResourceRequestBody> post_body;
+  if (transfer_navigation_handle)
+    post_body = transfer_navigation_handle->resource_request_body();
+
   NavigateToEntry(node, *frame_entry, *entry.get(),
-                  NavigationController::NO_RELOAD, false, false);
+                  NavigationController::NO_RELOAD, false, false, post_body);
 }
 
 // PlzNavigate
 void NavigatorImpl::OnBeforeUnloadACK(FrameTreeNode* frame_tree_node,
                                       bool proceed) {
   CHECK(IsBrowserSideNavigationEnabled());
   DCHECK(frame_tree_node);
 
   NavigationRequest* navigation_request = frame_tree_node->navigation_request();
 
@@ skipping 320 matching lines @@
   if (pending_entry != controller_->GetVisibleEntry() ||
       !should_preserve_entry) {
     controller_->DiscardPendingEntry(true);
 
     // Also force the UI to refresh.
     controller_->delegate()->NotifyNavigationStateChanged(INVALIDATE_TYPE_URL);
   }
 }
 
 }  // namespace content