OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2013 Google Inc. All rights reserved. | 2 * Copyright (C) 2013 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
63 #include "core/timing/DOMWindowPerformance.h" | 63 #include "core/timing/DOMWindowPerformance.h" |
64 #include "core/timing/Performance.h" | 64 #include "core/timing/Performance.h" |
65 #include "platform/Logging.h" | 65 #include "platform/Logging.h" |
66 #include "platform/TracedValue.h" | 66 #include "platform/TracedValue.h" |
67 #include "platform/mhtml/MHTMLArchive.h" | 67 #include "platform/mhtml/MHTMLArchive.h" |
68 #include "platform/network/ResourceLoadPriority.h" | 68 #include "platform/network/ResourceLoadPriority.h" |
69 #include "platform/network/ResourceTimingInfo.h" | 69 #include "platform/network/ResourceTimingInfo.h" |
70 #include "platform/weborigin/SchemeRegistry.h" | 70 #include "platform/weborigin/SchemeRegistry.h" |
71 #include "platform/weborigin/SecurityPolicy.h" | 71 #include "platform/weborigin/SecurityPolicy.h" |
72 #include "public/platform/WebCachePolicy.h" | 72 #include "public/platform/WebCachePolicy.h" |
| 73 #include "public/platform/WebDocumentSubresourceFilter.h" |
73 #include "public/platform/WebFrameScheduler.h" | 74 #include "public/platform/WebFrameScheduler.h" |
74 | 75 |
75 #include <algorithm> | 76 #include <algorithm> |
76 | 77 |
77 namespace blink { | 78 namespace blink { |
78 | 79 |
79 namespace { | 80 namespace { |
80 | 81 |
81 bool shouldDisallowFetchForMainFrameScript(const ResourceRequest& request, Fetch
Request::DeferOption defer, const Document& document) | 82 bool shouldDisallowFetchForMainFrameScript(const ResourceRequest& request, Fetch
Request::DeferOption defer, const Document& document) |
82 { | 83 { |
(...skipping 469 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
552 // ('http://user:password@...') resources embedded as subresources. in the h
opes that we can | 553 // ('http://user:password@...') resources embedded as subresources. in the h
opes that we can |
553 // block them at some point in the future. | 554 // block them at some point in the future. |
554 if (resourceRequest.frameType() != WebURLRequest::FrameTypeTopLevel) { | 555 if (resourceRequest.frameType() != WebURLRequest::FrameTypeTopLevel) { |
555 ASSERT(frame()->document()); | 556 ASSERT(frame()->document()); |
556 if (SchemeRegistry::shouldTreatURLSchemeAsLegacy(url.protocol()) && !Sch
emeRegistry::shouldTreatURLSchemeAsLegacy(frame()->document()->getSecurityOrigin
()->protocol())) | 557 if (SchemeRegistry::shouldTreatURLSchemeAsLegacy(url.protocol()) && !Sch
emeRegistry::shouldTreatURLSchemeAsLegacy(frame()->document()->getSecurityOrigin
()->protocol())) |
557 UseCounter::count(frame()->document(), UseCounter::LegacyProtocolEmb
eddedAsSubresource); | 558 UseCounter::count(frame()->document(), UseCounter::LegacyProtocolEmb
eddedAsSubresource); |
558 if (!url.user().isEmpty() || !url.pass().isEmpty()) | 559 if (!url.user().isEmpty() || !url.pass().isEmpty()) |
559 UseCounter::count(frame()->document(), UseCounter::RequestedSubresou
rceWithEmbeddedCredentials); | 560 UseCounter::count(frame()->document(), UseCounter::RequestedSubresou
rceWithEmbeddedCredentials); |
560 } | 561 } |
561 | 562 |
562 // Last of all, check for mixed content. We do this last so that when | 563 // Check for mixed content. We do this second-to-last so that when folks blo
ck |
563 // folks block mixed content with a CSP policy, they don't get a warning. | 564 // mixed content with a CSP policy, they don't get a warning. They'll still |
564 // They'll still get a warning in the console about CSP blocking the load. | 565 // get a warning in the console about CSP blocking the load. |
565 MixedContentChecker::ReportingStatus mixedContentReporting = forPreload ? | 566 MixedContentChecker::ReportingStatus mixedContentReporting = forPreload ? |
566 MixedContentChecker::SuppressReport : MixedContentChecker::SendReport; | 567 MixedContentChecker::SuppressReport : MixedContentChecker::SendReport; |
567 if (MixedContentChecker::shouldBlockFetch(frame(), resourceRequest, url, mix
edContentReporting)) | 568 if (MixedContentChecker::shouldBlockFetch(frame(), resourceRequest, url, mix
edContentReporting)) |
568 return ResourceRequestBlockedReasonMixedContent; | 569 return ResourceRequestBlockedReasonMixedContent; |
569 | 570 |
| 571 // Let the client have the final say into whether or not the load should pro
ceed. |
| 572 DocumentLoader* documentLoader = masterDocumentLoader(); |
| 573 if (documentLoader && documentLoader->subresourceFilter() && type != Resourc
e::MainResource && type != Resource::ImportResource && !documentLoader->subresou
rceFilter()->allowLoad(url, resourceRequest.requestContext())) |
| 574 return ResourceRequestBlockedReasonSubresourceFilter; |
| 575 |
570 return ResourceRequestBlockedReasonNone; | 576 return ResourceRequestBlockedReasonNone; |
571 } | 577 } |
572 | 578 |
573 bool FrameFetchContext::isControlledByServiceWorker() const | 579 bool FrameFetchContext::isControlledByServiceWorker() const |
574 { | 580 { |
575 ASSERT(m_documentLoader || frame()->loader().documentLoader()); | 581 ASSERT(m_documentLoader || frame()->loader().documentLoader()); |
576 if (m_documentLoader) | 582 if (m_documentLoader) |
577 return frame()->loader().client()->isControlledByServiceWorker(*m_docume
ntLoader); | 583 return frame()->loader().client()->isControlledByServiceWorker(*m_docume
ntLoader); |
578 // m_documentLoader is null while loading resources from an HTML import. | 584 // m_documentLoader is null while loading resources from an HTML import. |
579 // In such cases whether the request is controlled by ServiceWorker or not | 585 // In such cases whether the request is controlled by ServiceWorker or not |
(...skipping 177 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
757 } | 763 } |
758 | 764 |
759 DEFINE_TRACE(FrameFetchContext) | 765 DEFINE_TRACE(FrameFetchContext) |
760 { | 766 { |
761 visitor->trace(m_document); | 767 visitor->trace(m_document); |
762 visitor->trace(m_documentLoader); | 768 visitor->trace(m_documentLoader); |
763 FetchContext::trace(visitor); | 769 FetchContext::trace(visitor); |
764 } | 770 } |
765 | 771 |
766 } // namespace blink | 772 } // namespace blink |
OLD | NEW |