| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2004, 2006, 2008 Apple Inc. All rights reserved. | 2 * Copyright (C) 2004, 2006, 2008 Apple Inc. All rights reserved. |
| 3 * Copyright (C) 2005-2007 Alexey Proskuryakov <ap@webkit.org> | 3 * Copyright (C) 2005-2007 Alexey Proskuryakov <ap@webkit.org> |
| 4 * Copyright (C) 2007, 2008 Julien Chaffraix <jchaffraix@webkit.org> | 4 * Copyright (C) 2007, 2008 Julien Chaffraix <jchaffraix@webkit.org> |
| 5 * Copyright (C) 2008, 2011 Google Inc. All rights reserved. | 5 * Copyright (C) 2008, 2011 Google Inc. All rights reserved. |
| 6 * Copyright (C) 2012 Intel Corporation | 6 * Copyright (C) 2012 Intel Corporation |
| 7 * | 7 * |
| 8 * This library is free software; you can redistribute it and/or | 8 * This library is free software; you can redistribute it and/or |
| 9 * modify it under the terms of the GNU Lesser General Public | 9 * modify it under the terms of the GNU Lesser General Public |
| 10 * License as published by the Free Software Foundation; either | 10 * License as published by the Free Software Foundation; either |
| (...skipping 1214 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1225 } | 1225 } |
| 1226 | 1226 |
| 1227 String XMLHttpRequest::getAllResponseHeaders() const | 1227 String XMLHttpRequest::getAllResponseHeaders() const |
| 1228 { | 1228 { |
| 1229 if (m_state < HEADERS_RECEIVED || m_error) | 1229 if (m_state < HEADERS_RECEIVED || m_error) |
| 1230 return ""; | 1230 return ""; |
| 1231 | 1231 |
| 1232 StringBuilder stringBuilder; | 1232 StringBuilder stringBuilder; |
| 1233 | 1233 |
| 1234 HTTPHeaderSet accessControlExposeHeaderSet; | 1234 HTTPHeaderSet accessControlExposeHeaderSet; |
| 1235 parseAccessControlExposeHeadersAllowList(m_response.httpHeaderField(HTTPName
s::Access_Control_Expose_Headers), accessControlExposeHeaderSet); | 1235 extractCorsExposedHeaderNamesList(m_response, accessControlExposeHeaderSet); |
| 1236 |
| 1236 HTTPHeaderMap::const_iterator end = m_response.httpHeaderFields().end(); | 1237 HTTPHeaderMap::const_iterator end = m_response.httpHeaderFields().end(); |
| 1237 for (HTTPHeaderMap::const_iterator it = m_response.httpHeaderFields().begin(
); it!= end; ++it) { | 1238 for (HTTPHeaderMap::const_iterator it = m_response.httpHeaderFields().begin(
); it!= end; ++it) { |
| 1238 // Hide any headers whose name is a forbidden response-header name. | 1239 // Hide any headers whose name is a forbidden response-header name. |
| 1239 // This is required for all kinds of filtered responses. | 1240 // This is required for all kinds of filtered responses. |
| 1240 // | 1241 // |
| 1241 // TODO: Consider removing canLoadLocalResources() call. | 1242 // TODO: Consider removing canLoadLocalResources() call. |
| 1242 // crbug.com/567527 | 1243 // crbug.com/567527 |
| 1243 if (FetchUtils::isForbiddenResponseHeaderName(it->key) && !getSecurityOr
igin()->canLoadLocalResources()) | 1244 if (FetchUtils::isForbiddenResponseHeaderName(it->key) && !getSecurityOr
igin()->canLoadLocalResources()) |
| 1244 continue; | 1245 continue; |
| 1245 | 1246 |
| (...skipping 16 matching lines...) Expand all Loading... |
| 1262 if (m_state < HEADERS_RECEIVED || m_error) | 1263 if (m_state < HEADERS_RECEIVED || m_error) |
| 1263 return nullAtom; | 1264 return nullAtom; |
| 1264 | 1265 |
| 1265 // See comment in getAllResponseHeaders above. | 1266 // See comment in getAllResponseHeaders above. |
| 1266 if (FetchUtils::isForbiddenResponseHeaderName(name) && !getSecurityOrigin()-
>canLoadLocalResources()) { | 1267 if (FetchUtils::isForbiddenResponseHeaderName(name) && !getSecurityOrigin()-
>canLoadLocalResources()) { |
| 1267 logConsoleError(getExecutionContext(), "Refused to get unsafe header \""
+ name + "\""); | 1268 logConsoleError(getExecutionContext(), "Refused to get unsafe header \""
+ name + "\""); |
| 1268 return nullAtom; | 1269 return nullAtom; |
| 1269 } | 1270 } |
| 1270 | 1271 |
| 1271 HTTPHeaderSet accessControlExposeHeaderSet; | 1272 HTTPHeaderSet accessControlExposeHeaderSet; |
| 1272 parseAccessControlExposeHeadersAllowList(m_response.httpHeaderField(HTTPName
s::Access_Control_Expose_Headers), accessControlExposeHeaderSet); | 1273 extractCorsExposedHeaderNamesList(m_response, accessControlExposeHeaderSet); |
| 1273 | 1274 |
| 1274 if (!m_sameOriginRequest && !isOnAccessControlResponseHeaderWhitelist(name)
&& !accessControlExposeHeaderSet.contains(name)) { | 1275 if (!m_sameOriginRequest && !isOnAccessControlResponseHeaderWhitelist(name)
&& !accessControlExposeHeaderSet.contains(name)) { |
| 1275 logConsoleError(getExecutionContext(), "Refused to get unsafe header \""
+ name + "\""); | 1276 logConsoleError(getExecutionContext(), "Refused to get unsafe header \""
+ name + "\""); |
| 1276 return nullAtom; | 1277 return nullAtom; |
| 1277 } | 1278 } |
| 1278 return m_response.httpHeaderField(name); | 1279 return m_response.httpHeaderField(name); |
| 1279 } | 1280 } |
| 1280 | 1281 |
| 1281 AtomicString XMLHttpRequest::finalResponseMIMEType() const | 1282 AtomicString XMLHttpRequest::finalResponseMIMEType() const |
| 1282 { | 1283 { |
| (...skipping 431 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1714 visitor->trace(m_responseArrayBuffer); | 1715 visitor->trace(m_responseArrayBuffer); |
| 1715 visitor->trace(m_progressEventThrottle); | 1716 visitor->trace(m_progressEventThrottle); |
| 1716 visitor->trace(m_upload); | 1717 visitor->trace(m_upload); |
| 1717 visitor->trace(m_blobLoader); | 1718 visitor->trace(m_blobLoader); |
| 1718 XMLHttpRequestEventTarget::trace(visitor); | 1719 XMLHttpRequestEventTarget::trace(visitor); |
| 1719 DocumentParserClient::trace(visitor); | 1720 DocumentParserClient::trace(visitor); |
| 1720 ActiveDOMObject::trace(visitor); | 1721 ActiveDOMObject::trace(visitor); |
| 1721 } | 1722 } |
| 1722 | 1723 |
| 1723 } // namespace blink | 1724 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1965013002:
Implement headers attributes in ForeignFetchResponse (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master