| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_vary_data.h" | 5 #include "net/http/http_vary_data.h" |
| 6 | 6 |
| 7 #include <stdlib.h> | 7 #include <stdlib.h> |
| 8 | 8 |
| 9 #include "base/pickle.h" | 9 #include "base/pickle.h" |
| 10 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
| (...skipping 23 matching lines...) Expand all Loading... |
| 34 // | 34 // |
| 35 size_t iter = 0; | 35 size_t iter = 0; |
| 36 std::string name = "vary", request_header; | 36 std::string name = "vary", request_header; |
| 37 while (response_headers.EnumerateHeader(&iter, name, &request_header)) { | 37 while (response_headers.EnumerateHeader(&iter, name, &request_header)) { |
| 38 if (request_header == "*") | 38 if (request_header == "*") |
| 39 return false; | 39 return false; |
| 40 AddField(request_info, request_header, &ctx); | 40 AddField(request_info, request_header, &ctx); |
| 41 processed_header = true; | 41 processed_header = true; |
| 42 } | 42 } |
| 43 | 43 |
| 44 // Add an implicit 'Vary: cookie' header to any redirect to avoid redirect | |
| 45 // loops which may result from redirects that are incorrectly marked as | |
| 46 // cachable by the server. Unfortunately, other browsers do not cache | |
| 47 // redirects that result from requests containing a cookie header. We are | |
| 48 // treading on untested waters here, so we want to be extra careful to make | |
| 49 // sure we do not end up with a redirect loop served from cache. | |
| 50 // | |
| 51 // If there is an explicit 'Vary: cookie' header, then we will just end up | |
| 52 // digesting the cookie header twice. Not a problem. | |
| 53 // | |
| 54 std::string location; | |
| 55 if (response_headers.IsRedirect(&location)) { | |
| 56 AddField(request_info, "cookie", &ctx); | |
| 57 processed_header = true; | |
| 58 } | |
| 59 | |
| 60 if (!processed_header) | 44 if (!processed_header) |
| 61 return false; | 45 return false; |
| 62 | 46 |
| 63 base::MD5Final(&request_digest_, &ctx); | 47 base::MD5Final(&request_digest_, &ctx); |
| 64 return is_valid_ = true; | 48 return is_valid_ = true; |
| 65 } | 49 } |
| 66 | 50 |
| 67 bool HttpVaryData::InitFromPickle(base::PickleIterator* iter) { | 51 bool HttpVaryData::InitFromPickle(base::PickleIterator* iter) { |
| 68 is_valid_ = false; | 52 is_valid_ = false; |
| 69 const char* data; | 53 const char* data; |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 117 // Append a character that cannot appear in the request header line so that we | 101 // Append a character that cannot appear in the request header line so that we |
| 118 // protect against case where the concatenation of two request headers could | 102 // protect against case where the concatenation of two request headers could |
| 119 // look the same for a variety of values for the individual request headers. | 103 // look the same for a variety of values for the individual request headers. |
| 120 // For example, "foo: 12\nbar: 3" looks like "foo: 1\nbar: 23" otherwise. | 104 // For example, "foo: 12\nbar: 3" looks like "foo: 1\nbar: 23" otherwise. |
| 121 request_value.append(1, '\n'); | 105 request_value.append(1, '\n'); |
| 122 | 106 |
| 123 base::MD5Update(ctx, request_value); | 107 base::MD5Update(ctx, request_value); |
| 124 } | 108 } |
| 125 | 109 |
| 126 } // namespace net | 110 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1965833002:
Remove the implicit add of Vary: Cookie on redirected requests (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master