third_party/WebKit/Source/core/loader/FrameFetchContext.cpp - Issue 2343053002: Service worker bypass for resource requests from suborigins

Side by Side Diff: third_party/WebKit/Source/core/loader/FrameFetchContext.cpp

Issue 2343053002: Service worker bypass for resource requests from suborigins (Closed)

Patch Set: Nits from falken@ Created 4 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« third_party/WebKit/LayoutTests/http/tests/security/suborigins/suborigin-service-worker-no-xorigin-caching.html ('K') | « third_party/WebKit/Source/core/fetch/ResourceFetcher.cpp ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 2013 Google Inc. All rights reserved.	2 * Copyright (C) 2013 Google Inc. All rights reserved.

3 *	3 *

4 * Redistribution and use in source and binary forms, with or without	4 * Redistribution and use in source and binary forms, with or without

5 * modification, are permitted provided that the following conditions are	5 * modification, are permitted provided that the following conditions are

6 * met:	6 * met:

7 *	7 *

8 * * Redistributions of source code must retain the above copyright	8 * * Redistributions of source code must retain the above copyright

9 * notice, this list of conditions and the following disclaimer.	9 * notice, this list of conditions and the following disclaimer.

10 * * Redistributions in binary form must reproduce the above	10 * * Redistributions in binary form must reproduce the above

(...skipping 576 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
587 DocumentLoader* documentLoader = masterDocumentLoader();	587 DocumentLoader* documentLoader = masterDocumentLoader();

588 if (documentLoader && documentLoader->subresourceFilter() && type != Resourc e::MainResource && type != Resource::ImportResource && !documentLoader->subresou rceFilter()->allowLoad(url, resourceRequest.requestContext()))	588 if (documentLoader && documentLoader->subresourceFilter() && type != Resourc e::MainResource && type != Resource::ImportResource && !documentLoader->subresou rceFilter()->allowLoad(url, resourceRequest.requestContext()))

589 return ResourceRequestBlockedReasonSubresourceFilter;	589 return ResourceRequestBlockedReasonSubresourceFilter;

590	590

591 return ResourceRequestBlockedReasonNone;	591 return ResourceRequestBlockedReasonNone;

592 }	592 }

593	593

594 bool FrameFetchContext::isControlledByServiceWorker() const	594 bool FrameFetchContext::isControlledByServiceWorker() const

595 {	595 {

596 ASSERT(m_documentLoader \|\| frame()->loader().documentLoader());	596 ASSERT(m_documentLoader \|\| frame()->loader().documentLoader());

	597

	598 if (getSecurityOrigin() && getSecurityOrigin()->hasSuborigin())

	599 return false;
	falken 2016/09/20 04:52:52 OK the rationale for allowing .controller makes se OK the rationale for allowing .controller makes sense. But it's not obvious to me why we need this code, I'd naively expect the setSkipServiceWorker() call to do everything. Was this needed for the mem cache thing? Can you add a brief comment about that? jww 2016/09/20 17:52:26 Yes, it was needed for the mem cache bit. Otherwis Show quoted text On 2016/09/20 04:52:52, falken wrote: > OK the rationale for allowing .controller makes sense. But it's not obvious to > me why we need this code, I'd naively expect the setSkipServiceWorker() call to > do everything. Was this needed for the mem cache thing? Can you add a brief > comment about that? Yes, it was needed for the mem cache bit. Otherwise, when the mem cache ID is reached for, if this returns true, it will set the mem cache id to be that of the service worker controller (and thus return any resources cached by the service worker, which is bad since we want to bypass the service worker for suborigins). See ResourceFetcher::getCacheIdentifier() to see where this occurs. Adding a comment to clarify all of this.
	600

597 if (m_documentLoader)	601 if (m_documentLoader)

598 return frame()->loader().client()->isControlledByServiceWorker(*m_docume ntLoader);	602 return frame()->loader().client()->isControlledByServiceWorker(*m_docume ntLoader);

599 // m_documentLoader is null while loading resources from an HTML import.	603 // m_documentLoader is null while loading resources from an HTML import.

600 // In such cases whether the request is controlled by ServiceWorker or not	604 // In such cases whether the request is controlled by ServiceWorker or not

601 // is determined by the document loader of the frame.	605 // is determined by the document loader of the frame.

602 return frame()->loader().client()->isControlledByServiceWorker(*frame()->loa der().documentLoader());	606 return frame()->loader().client()->isControlledByServiceWorker(*frame()->loa der().documentLoader());

603 }	607 }

604	608

605 int64_t FrameFetchContext::serviceWorkerID() const	609 int64_t FrameFetchContext::serviceWorkerID() const

606 {	610 {

(...skipping 192 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
799 }	803 }

800	804

801 DEFINE_TRACE(FrameFetchContext)	805 DEFINE_TRACE(FrameFetchContext)

802 {	806 {

803 visitor->trace(m_document);	807 visitor->trace(m_document);

804 visitor->trace(m_documentLoader);	808 visitor->trace(m_documentLoader);

805 FetchContext::trace(visitor);	809 FetchContext::trace(visitor);

806 }	810 }

807	811

808 } // namespace blink	812 } // namespace blink

OLD	NEW