Set SkipServiceWorker flag in DocumentThreadableLoader::loadActualRequest().

third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp

 /*
  * Copyright (C) 2011, 2012 Google Inc. All rights reserved.
  * Copyright (C) 2013, Intel Corporation
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
@@ skipping 788 matching lines @@
 {
     ResourceRequest actualRequest = m_actualRequest;
     ResourceLoaderOptions actualOptions = m_actualOptions;
     m_actualRequest = ResourceRequest();
     m_actualOptions = ResourceLoaderOptions();
 
     actualRequest.setHTTPOrigin(getSecurityOrigin());
 
     clearResource();
 
+    // Explicitly set the SkipServiceWorker flag here. Even if the page was not
+    // controlled by a SW when the preflight request was sent, a new SW may be
+    // controlling the page now by calling clients.claim(). We should not send
+    // the actual request to the SW. https://crbug.com/604583
+    actualRequest.setSkipServiceWorker(true);

[tyoshino (SeeGerritForStatus), 2016/05/10 09:17:01]

So, the approach is to have the series of requests following a request which has
been handled without SW?

As I chatted offline, I'm guessing that similar issue may happen in following
redirect chain.

This code change looks good, but shouldn't we just mark the request in
DocumentThreadableLoader::start() so that it and its child requests never go
through SW?

[horo, 2016/05/10 13:20:27]

In the redirect case, the request is passed from
WebURLLoaderImpl::Context::OnReceivedRedirect() to
DocumentThreadableLoader::redirectReceived(). The SkipServiceWorker flag of the
request must be true if the page was not controlled by a SW when the first
request was sent. So I think there is no problem in the redirect case.

(And also we can't simply set the flag in DocumentThreadableLoader::start()
because the flag must be false when the request is for SharedWorker script and
ServiceWorker script and the scripts imported from those workers.)

[tyoshino (SeeGerritForStatus), 2016/05/10 13:52:48]

ok

+
     loadRequest(actualRequest, actualOptions);
     // |this| may be dead here in async mode.
 }
 
 void DocumentThreadableLoader::handlePreflightFailure(const String& url, const String& errorDescription)
 {
     ResourceError error(errorDomainBlinkInternal, 0, url, errorDescription);
 
     // Prevent handleSuccessfulFinish() from bypassing access check.
     m_actualRequest = ResourceRequest();
@@ skipping 149 matching lines @@
     return m_securityOrigin ? m_securityOrigin.get() : document().getSecurityOrigin();
 }
 
 Document& DocumentThreadableLoader::document() const
 {
     ASSERT(m_document);
     return *m_document;
 }
 
 } // namespace blink