Expose and check origin of request in response for foreign fetch.

third_party/WebKit/Source/modules/fetch/FetchResponseData.cpp

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "modules/fetch/FetchResponseData.h"
 
 #include "bindings/core/v8/ScriptState.h"
 #include "core/dom/DOMArrayBuffer.h"
 #include "core/fetch/CrossOriginAccessControl.h"
 #include "core/fetch/FetchUtils.h"
@@ skipping 49 matching lines @@
     return new FetchResponseData(ErrorType, 0, "");
 }
 
 FetchResponseData* FetchResponseData::createWithBuffer(BodyStreamBuffer* buffer)
 {
     FetchResponseData* response = FetchResponseData::create();
     response->m_buffer = buffer;
     return response;
 }
 
-FetchResponseData* FetchResponseData::createBasicFilteredResponse()
+FetchResponseData* FetchResponseData::createBasicFilteredResponse() const
 {
+    DCHECK_EQ(m_type, DefaultType);
     // "A basic filtered response is a filtered response whose type is |basic|,
     // header list excludes any headers in internal response's header list whose
     // name is `Set-Cookie` or `Set-Cookie2`."
     FetchResponseData* response = new FetchResponseData(BasicType, m_status, m_statusMessage);
     response->m_url = m_url;
     for (size_t i = 0; i < m_headerList->size(); ++i) {
         const FetchHeaderList::Header* header = m_headerList->list()[i].get();
         if (FetchUtils::isForbiddenResponseHeaderName(header->first))
             continue;
         response->m_headerList->append(header->first, header->second);
     }
     response->m_buffer = m_buffer;
     response->m_mimeType = m_mimeType;
-    response->m_internalResponse = this;
+    response->m_internalResponse = const_cast<FetchResponseData*>(this);
     return response;
 }
 
-FetchResponseData* FetchResponseData::createCORSFilteredResponse()
+FetchResponseData* FetchResponseData::createCORSFilteredResponse() const
 {
+    DCHECK_EQ(m_type, DefaultType);
     // "A CORS filtered response is a filtered response whose type is |CORS|,
     // header list excludes all headers in internal response's header list,
     // except those whose name is either one of `Cache-Control`,
     // `Content-Language`, `Content-Type`, `Expires`, `Last-Modified`, and
     // `Pragma`, and except those whose name is one of the values resulting from
     // parsing `Access-Control-Expose-Headers` in internal response's header
     // list."
     FetchResponseData* response = new FetchResponseData(CORSType, m_status, m_statusMessage);
     response->m_url = m_url;
     HTTPHeaderSet accessControlExposeHeaderSet;
     String accessControlExposeHeaders;
     if (m_headerList->get("access-control-expose-headers", accessControlExposeHeaders))
         parseAccessControlExposeHeadersAllowList(accessControlExposeHeaders, accessControlExposeHeaderSet);
     for (size_t i = 0; i < m_headerList->size(); ++i) {
         const FetchHeaderList::Header* header = m_headerList->list()[i].get();
         const String& name = header->first;
         if (isOnAccessControlResponseHeaderWhitelist(name) || (accessControlExposeHeaderSet.contains(name) && !FetchUtils::isForbiddenResponseHeaderName(name)))
             response->m_headerList->append(name, header->second);
     }
     response->m_buffer = m_buffer;
     response->m_mimeType = m_mimeType;
-    response->m_internalResponse = this;
+    response->m_internalResponse = const_cast<FetchResponseData*>(this);
     return response;
 }
 
-FetchResponseData* FetchResponseData::createOpaqueFilteredResponse()
+FetchResponseData* FetchResponseData::createOpaqueFilteredResponse() const
 {
+    DCHECK_EQ(m_type, DefaultType);
     // "An opaque filtered response is a filtered response whose type is
     // 'opaque', url list is the empty list, status is 0, status message is the
     // empty byte sequence, header list is the empty list, body is null, and
     // cache state is 'none'."
     //
     // https://fetch.spec.whatwg.org/#concept-filtered-response-opaque
     FetchResponseData* response = new FetchResponseData(OpaqueType, 0, "");
-    response->m_internalResponse = this;
+    response->m_internalResponse = const_cast<FetchResponseData*>(this);
     return response;
 }
 
-FetchResponseData* FetchResponseData::createOpaqueRedirectFilteredResponse()
+FetchResponseData* FetchResponseData::createOpaqueRedirectFilteredResponse() const
 {
+    DCHECK_EQ(m_type, DefaultType);
     // "An opaque filtered response is a filtered response whose type is
     // 'opaqueredirect', status is 0, status message is the empty byte sequence,
     // header list is the empty list, body is null, and cache state is 'none'."
     //
     // https://fetch.spec.whatwg.org/#concept-filtered-response-opaque-redirect
     FetchResponseData* response = new FetchResponseData(OpaqueRedirectType, 0, "");
     response->m_url = m_url;
-    response->m_internalResponse = this;
+    response->m_internalResponse = const_cast<FetchResponseData*>(this);
     return response;
 }
 
 String FetchResponseData::mimeType() const
 {
     return m_mimeType;
 }
 
 BodyStreamBuffer* FetchResponseData::internalBuffer() const
 {
@@ skipping 105 matching lines @@
 }
 
 DEFINE_TRACE(FetchResponseData)
 {
     visitor->trace(m_headerList);
     visitor->trace(m_internalResponse);
     visitor->trace(m_buffer);
 }
 
 } // namespace blink