[HTML Import] Respect Content Security Policy Model

Source/core/loader/cache/ResourceFetcher.cpp

 /*
     Copyright (C) 1998 Lars Knoll (knoll@mpi-hd.mpg.de)
     Copyright (C) 2001 Dirk Mueller (mueller@kde.org)
     Copyright (C) 2002 Waldo Bastian (bastian@kde.org)
     Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserved.
     Copyright (C) 2009 Torch Mobile Inc. http://www.torchmobile.com/
 
     This library is free software; you can redistribute it and/or
     modify it under the terms of the GNU Library General Public
     License as published by the Free Software Foundation; either
@@ skipping 13 matching lines @@
     pages from the web. It has a memory cache for these objects.
 */
 
 #include "config.h"
 #include "core/loader/cache/ResourceFetcher.h"
 
 #include "bindings/v8/ScriptController.h"
 #include "core/dom/Document.h"
 #include "core/html/HTMLElement.h"
 #include "core/html/HTMLFrameOwnerElement.h"
+#include "core/html/HTMLImport.h"
 #include "core/inspector/InspectorInstrumentation.h"
 #include "core/loader/DocumentLoader.h"
 #include "core/loader/FrameLoader.h"
 #include "core/loader/FrameLoaderClient.h"
 #include "core/loader/PingLoader.h"
 #include "core/loader/UniqueIdentifier.h"
 #include "core/loader/appcache/ApplicationCacheHost.h"
 #include "core/loader/cache/CachedCSSStyleSheet.h"
 #include "core/loader/cache/CachedDocument.h"
 #include "core/loader/cache/CachedFont.h"
@@ skipping 42 matching lines @@
     case CachedResource::XSLStyleSheet:
         return new CachedXSLStyleSheet(request);
     case CachedResource::LinkPrefetch:
         return new CachedResource(request, CachedResource::LinkPrefetch);
     case CachedResource::LinkSubresource:
         return new CachedResource(request, CachedResource::LinkSubresource);
     case CachedResource::TextTrackResource:
         return new CachedTextTrack(request);
     case CachedResource::ShaderResource:
         return new CachedShader(request);
+    case CachedResource::ImportResource:
+        return new CachedRawResource(request, type);
     }
+
     ASSERT_NOT_REACHED();
     return 0;
 }
 
 static ResourceLoadPriority loadPriority(CachedResource::Type type, const FetchRequest& request)
 {
     if (request.priority() != ResourceLoadPriorityUnresolved)
         return request.priority();
 
     switch (type) {
     case CachedResource::MainResource:
         return ResourceLoadPriorityVeryHigh;
     case CachedResource::CSSStyleSheet:
         return ResourceLoadPriorityHigh;
     case CachedResource::Script:
     case CachedResource::FontResource:
     case CachedResource::RawResource:
+    case CachedResource::ImportResource:
         return ResourceLoadPriorityMedium;
     case CachedResource::ImageResource:
         return request.forPreload() ? ResourceLoadPriorityVeryLow : ResourceLoadPriorityLow;
     case CachedResource::XSLStyleSheet:
         return ResourceLoadPriorityHigh;
     case CachedResource::SVGDocumentResource:
         return ResourceLoadPriorityLow;
     case CachedResource::LinkPrefetch:
         return ResourceLoadPriorityVeryLow;
     case CachedResource::LinkSubresource:
@@ skipping 57 matching lines @@
 }
 
 CachedResource* ResourceFetcher::cachedResource(const KURL& resourceURL) const
 {
     KURL url = MemoryCache::removeFragmentIdentifierIfNeeded(resourceURL);
     return m_documentResources.get(url).get();
 }
 
 Frame* ResourceFetcher::frame() const
 {
-    return m_documentLoader ? m_documentLoader->frame() : 0;
+    if (m_documentLoader)
+        return m_documentLoader->frame();
+    if (m_document && m_document->import())
+        return m_document->import()->frame();
+    return 0;
 }
 
 CachedResourceHandle<CachedImage> ResourceFetcher::requestImage(FetchRequest& request)
 {
     if (Frame* f = frame()) {
         if (f->loader()->pageDismissalEventBeingDispatched() != FrameLoader::NoDismissal) {
             KURL requestURL = request.resourceRequest().url();
             if (requestURL.isValid() && canRequest(CachedResource::ImageResource, requestURL, request.options(), request.forPreload()))
                 PingLoader::loadImage(f, requestURL);
             return 0;
@@ skipping 27 matching lines @@
 CachedResourceHandle<CachedTextTrack> ResourceFetcher::requestTextTrack(FetchRequest& request)
 {
     return static_cast<CachedTextTrack*>(requestResource(CachedResource::TextTrackResource, request).get());
 }
 
 CachedResourceHandle<CachedShader> ResourceFetcher::requestShader(FetchRequest& request)
 {
     return static_cast<CachedShader*>(requestResource(CachedResource::ShaderResource, request).get());
 }
 
+CachedResourceHandle<CachedRawResource> ResourceFetcher::requestImport(FetchRequest& request)
+{
+    return static_cast<CachedRawResource*>(requestResource(CachedResource::ImportResource, request).get());
+}
+
 CachedResourceHandle<CachedCSSStyleSheet> ResourceFetcher::requestCSSStyleSheet(FetchRequest& request)
 {
     return static_cast<CachedCSSStyleSheet*>(requestResource(CachedResource::CSSStyleSheet, request).get());
 }
 
 CachedResourceHandle<CachedCSSStyleSheet> ResourceFetcher::requestUserCSSStyleSheet(FetchRequest& request)
 {
     KURL url = MemoryCache::removeFragmentIdentifierIfNeeded(request.resourceRequest().url());
 
     if (CachedResource* existing = memoryCache()->resourceForURL(url)) {
@@ skipping 38 matching lines @@
     return static_cast<CachedRawResource*>(requestResource(CachedResource::MainResource, request).get());
 }
 
 bool ResourceFetcher::checkInsecureContent(CachedResource::Type type, const KURL& url) const
 {
     switch (type) {
     case CachedResource::Script:
     case CachedResource::XSLStyleSheet:
     case CachedResource::SVGDocumentResource:
     case CachedResource::CSSStyleSheet:
+    case CachedResource::ImportResource:
         // These resource can inject script into the current document (Script,
         // XSL) or exfiltrate the content of the current document (CSS).
         if (Frame* f = frame()) {
             if (!f->loader()->mixedContentChecker()->canRunInsecureContent(m_document->securityOrigin(), url))
                 return false;
         }
 
         break;
     case CachedResource::TextTrackResource:
     case CachedResource::ShaderResource:
@@ skipping 36 matching lines @@
     case CachedResource::MainResource:
     case CachedResource::ImageResource:
     case CachedResource::CSSStyleSheet:
     case CachedResource::Script:
     case CachedResource::FontResource:
     case CachedResource::RawResource:
     case CachedResource::LinkPrefetch:
     case CachedResource::LinkSubresource:
     case CachedResource::TextTrackResource:
     case CachedResource::ShaderResource:
+    case CachedResource::ImportResource:
         // By default these types of resources can be loaded from any origin.
         // FIXME: Are we sure about CachedResource::FontResource?
         if (options.requestOriginPolicy == RestrictToSameOrigin && !m_document->securityOrigin()->canRequest(url)) {
             printAccessDeniedMessage(url);
             return false;
         }
         break;
     case CachedResource::SVGDocumentResource:
     case CachedResource::XSLStyleSheet:
         if (!m_document->securityOrigin()->canRequest(url)) {
             printAccessDeniedMessage(url);
             return false;
         }
         break;
     }
 
     switch (type) {
     case CachedResource::XSLStyleSheet:
         if (!shouldBypassMainWorldContentSecurityPolicy && !m_document->contentSecurityPolicy()->allowScriptFromSource(url))
             return false;
         break;
     case CachedResource::Script:
+    case CachedResource::ImportResource:
         if (!shouldBypassMainWorldContentSecurityPolicy && !m_document->contentSecurityPolicy()->allowScriptFromSource(url))
             return false;
 
         if (frame()) {
             Settings* settings = frame()->settings();
             if (!frame()->loader()->client()->allowScriptFromSource(!settings || settings->isScriptEnabled(), url)) {
                 frame()->loader()->client()->didNotAllowScript();
                 return false;
             }
         }
@@ skipping 40 matching lines @@
 
 bool ResourceFetcher::canAccess(CachedResource* resource)
 {
     // Redirects can change the response URL different from one of request.
     if (!canRequest(resource->type(), resource->response().url(), resource->options(), false))
         return false;
 
     String error;
     switch (resource->type()) {
     case CachedResource::Script:
-    case CachedResource::RawResource:
+    case CachedResource::ImportResource:
         if (resource->options().requestOriginPolicy == PotentiallyCrossOriginEnabled
             && !m_document->securityOrigin()->canRequest(resource->response().url())
             && !resource->passesAccessControlCheck(m_document->securityOrigin(), error)) {
             m_document->addConsoleMessage(JSMessageSource, ErrorMessageLevel, "Script from origin '" + SecurityOrigin::create(resource->response().url())->toString() + "' has been blocked from loading by Cross-Origin Resource Sharing policy: " + error);
             return false;
         }
 
         break;
     default:
         ASSERT_NOT_REACHED(); // FIXME: generalize to non-script resources
         return false;
     }
 
     return true;
 }
 
+bool ResourceFetcher::shouldLoadNewResource() const
+{
+    if (!frame())
+        return false;
+    if (m_documentLoader) {
+        if (m_documentLoader != frame()->loader()->activeDocumentLoader())
+            return false;
+        if (m_documentLoader->isStopping())
+            return false;
+    }
+
+    return true;
+}
+
 CachedResourceHandle<CachedResource> ResourceFetcher::requestResource(CachedResource::Type type, FetchRequest& request)
 {
     KURL url = request.resourceRequest().url();
 
     LOG(ResourceLoading, "ResourceFetcher::requestResource '%s', charset '%s', priority=%d, forPreload=%u", url.elidedString().latin1().data(), request.charset().latin1().data(), request.priority(), request.forPreload());
 
     // If only the fragment identifiers differ, it is the same resource.
     url = MemoryCache::removeFragmentIdentifierIfNeeded(url);
 
     if (!url.isValid())
@@ skipping 33 matching lines @@
 
     if (!request.forPreload() || policy != Use) {
         ResourceLoadPriority priority = loadPriority(type, request);
         if (priority != resource->resourceRequest().priority()) {
             resource->resourceRequest().setPriority(priority);
             resource->didChangePriority(priority);
         }
     }
 
     if ((policy != Use || resource->stillNeedsLoad()) && FetchRequest::NoDefer == request.defer()) {
-        if (!frame() || m_documentLoader != frame()->loader()->activeDocumentLoader() || m_documentLoader->isStopping()) {
+        if (!shouldLoadNewResource()) {
             if (resource->inCache())
                 memoryCache()->remove(resource.get());
             return 0;
         }
 
-        if (!m_documentLoader->scheduleArchiveLoad(resource.get(), request.resourceRequest()))
+        if (!m_documentLoader || !m_documentLoader->scheduleArchiveLoad(resource.get(), request.resourceRequest()))
             resource->load(this, request.options());
 
         // We don't support immediate loads, but we do support immediate failure.
         if (resource->errorOccurred()) {
             if (resource->inCache())
                 memoryCache()->remove(resource.get());
             return 0;
         }
     }
 
@@ skipping 39 matching lines @@
         targetType = ResourceRequest::TargetIsScript;
         break;
     case CachedResource::FontResource:
         targetType = ResourceRequest::TargetIsFontResource;
         break;
     case CachedResource::ImageResource:
         targetType = ResourceRequest::TargetIsImage;
         break;
     case CachedResource::ShaderResource:
     case CachedResource::RawResource:
+    case CachedResource::ImportResource:
         targetType = ResourceRequest::TargetIsSubresource;
         break;
     case CachedResource::LinkPrefetch:
         targetType = ResourceRequest::TargetIsPrefetch;
         break;
     case CachedResource::LinkSubresource:
         targetType = ResourceRequest::TargetIsSubresource;
         break;
     case CachedResource::TextTrackResource:
         targetType = ResourceRequest::TargetIsTextTrack;
@@ skipping 19 matching lines @@
         if (!m_documentLoader->overrideEncoding().isEmpty() || frameLoadType == FrameLoadTypeBackForward)
             return ReturnCacheDataElseLoad;
         if (isReload || frameLoadType == FrameLoadTypeSame || request.isConditional())
             return ReloadIgnoringCacheData;
         return UseProtocolCachePolicy;
     }
 
     if (request.isConditional())
         return ReloadIgnoringCacheData;
 
-    if (m_documentLoader->isLoadingInAPISense()) {
+    if (m_documentLoader && m_documentLoader->isLoadingInAPISense()) {
         // For POST requests, we mutate the main resource's cache policy to avoid form resubmission.
         // This policy should not be inherited by subresources.
         ResourceRequestCachePolicy mainResourceCachePolicy = m_documentLoader->request().cachePolicy();
         if (mainResourceCachePolicy == ReturnCacheDataDontLoad)
             return ReturnCacheDataElseLoad;
         return mainResourceCachePolicy;
     }
     return UseProtocolCachePolicy;
 }
 
@@ skipping 292 matching lines @@
         if (it != m_resourceTimingInfoMap.end()) {
             ASSERT(document());
             Document* initiatorDocument = document();
             if (resource->type() == CachedResource::MainResource)
                 initiatorDocument = document()->parentDocument();
             ASSERT(initiatorDocument);
             RefPtr<ResourceTimingInfo> info = it->value;
             info->setInitialRequest(resource->resourceRequest());
             info->setFinalResponse(resource->response());
             info->setLoadFinishTime(resource->loadFinishTime());
-            initiatorDocument->domWindow()->performance()->addResourceTiming(*info, initiatorDocument);
+            if (DOMWindow* initiatorWindow = initiatorDocument->domWindow())
+                initiatorWindow->performance()->addResourceTiming(*info, initiatorDocument);
             m_resourceTimingInfoMap.remove(it);
         }
     }
 
     if (frame())
         frame()->loader()->loadDone();
     performPostLoadActions();
 
     if (!m_garbageCollectDocumentResourcesTimer.isActive())
         m_garbageCollectDocumentResourcesTimer.startOneShot(0);
@@ skipping 151 matching lines @@
     m_preloads.clear();
 }
 
 void ResourceFetcher::clearPendingPreloads()
 {
     m_pendingPreloads.clear();
 }
 
 inline FrameLoader* ResourceFetcher::frameLoader()
 {
-    return frame() ? frame()->loader() : 0;
+    if (Frame* frame = this->frame())
+        return frame->loader();
+    return 0;
 }
 
 void ResourceFetcher::didFinishLoading(const CachedResource* resource, double finishTime, const ResourceLoaderOptions& options)
 {
     if (options.sendLoadCallbacks != SendCallbacks)
         return;
     if (FrameLoader* loader = frameLoader())
         loader->notifier()->dispatchDidFinishLoading(m_documentLoader, resource->identifier(), finishTime);
 }
 
@@ skipping 144 matching lines @@
 }
 #endif
 
 const ResourceLoaderOptions& ResourceFetcher::defaultCachedResourceOptions()
 {
     DEFINE_STATIC_LOCAL(ResourceLoaderOptions, options, (SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, ClientRequestedCredentials, AskClientForCrossOriginCredentials, DoSecurityCheck, CheckContentSecurityPolicy, UseDefaultOriginRestrictionsForType, DocumentContext));
     return options;
 }
 
 }