OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2009, 2012 Ericsson AB. All rights reserved. | 2 * Copyright (C) 2009, 2012 Ericsson AB. All rights reserved. |
3 * Copyright (C) 2010 Apple Inc. All rights reserved. | 3 * Copyright (C) 2010 Apple Inc. All rights reserved. |
4 * Copyright (C) 2011, Code Aurora Forum. All rights reserved. | 4 * Copyright (C) 2011, Code Aurora Forum. All rights reserved. |
5 * | 5 * |
6 * Redistribution and use in source and binary forms, with or without | 6 * Redistribution and use in source and binary forms, with or without |
7 * modification, are permitted provided that the following conditions | 7 * modification, are permitted provided that the following conditions |
8 * are met: | 8 * are met: |
9 * | 9 * |
10 * 1. Redistributions of source code must retain the above copyright | 10 * 1. Redistributions of source code must retain the above copyright |
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
92 } | 92 } |
93 | 93 |
94 KURL fullURL = context->completeURL(url); | 94 KURL fullURL = context->completeURL(url); |
95 if (!fullURL.isValid()) { | 95 if (!fullURL.isValid()) { |
96 exceptionState.throwDOMException( | 96 exceptionState.throwDOMException( |
97 SyntaxError, | 97 SyntaxError, |
98 "Cannot open an EventSource to '" + url + "'. The URL is invalid."); | 98 "Cannot open an EventSource to '" + url + "'. The URL is invalid."); |
99 return nullptr; | 99 return nullptr; |
100 } | 100 } |
101 | 101 |
102 // FIXME: Convert this to check the isolated world's Content Security Policy | |
103 // once webkit.org/b/104520 is solved. | |
104 if (!ContentSecurityPolicy::shouldBypassMainWorld(context) && | |
105 !context->contentSecurityPolicy()->allowConnectToSource(fullURL)) { | |
106 // We can safely expose the URL to JavaScript, as this exception is generate | |
107 // synchronously before any redirects take place. | |
108 exceptionState.throwSecurityError( | |
109 "Refused to connect to '" + fullURL.elidedString() + | |
110 "' because it violates the document's Content Security Policy."); | |
111 return nullptr; | |
112 } | |
113 | |
114 EventSource* source = new EventSource(context, fullURL, eventSourceInit); | 102 EventSource* source = new EventSource(context, fullURL, eventSourceInit); |
115 | 103 |
116 source->scheduleInitialConnect(); | 104 source->scheduleInitialConnect(); |
117 return source; | 105 return source; |
118 } | 106 } |
119 | 107 |
120 EventSource::~EventSource() { | 108 EventSource::~EventSource() { |
121 DCHECK_EQ(kClosed, m_state); | 109 DCHECK_EQ(kClosed, m_state); |
122 DCHECK(!m_loader); | 110 DCHECK(!m_loader); |
123 } | 111 } |
(...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
316 DCHECK_EQ(kOpen, m_state); | 304 DCHECK_EQ(kOpen, m_state); |
317 DCHECK(m_loader); | 305 DCHECK(m_loader); |
318 | 306 |
319 networkRequestEnded(); | 307 networkRequestEnded(); |
320 } | 308 } |
321 | 309 |
322 void EventSource::didFail(const ResourceError& error) { | 310 void EventSource::didFail(const ResourceError& error) { |
323 DCHECK_NE(kClosed, m_state); | 311 DCHECK_NE(kClosed, m_state); |
324 DCHECK(m_loader); | 312 DCHECK(m_loader); |
325 | 313 |
| 314 if (error.isAccessCheck()) { |
| 315 didFailAccessControlCheck(error); |
| 316 return; |
| 317 } |
| 318 |
326 if (error.isCancellation()) | 319 if (error.isCancellation()) |
327 m_state = kClosed; | 320 m_state = kClosed; |
328 networkRequestEnded(); | 321 networkRequestEnded(); |
329 } | 322 } |
330 | 323 |
331 void EventSource::didFailAccessControlCheck(const ResourceError& error) { | 324 void EventSource::didFailAccessControlCheck(const ResourceError& error) { |
332 DCHECK(m_loader); | 325 DCHECK(m_loader); |
333 | 326 |
334 String message = "EventSource cannot load " + error.failingURL() + ". " + | 327 String message = "EventSource cannot load " + error.failingURL() + ". " + |
335 error.localizedDescription(); | 328 error.localizedDescription(); |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
382 | 375 |
383 DEFINE_TRACE(EventSource) { | 376 DEFINE_TRACE(EventSource) { |
384 visitor->trace(m_parser); | 377 visitor->trace(m_parser); |
385 visitor->trace(m_loader); | 378 visitor->trace(m_loader); |
386 EventTargetWithInlineData::trace(visitor); | 379 EventTargetWithInlineData::trace(visitor); |
387 ContextLifecycleObserver::trace(visitor); | 380 ContextLifecycleObserver::trace(visitor); |
388 EventSourceParser::Client::trace(visitor); | 381 EventSourceParser::Client::trace(visitor); |
389 } | 382 } |
390 | 383 |
391 } // namespace blink | 384 } // namespace blink |
OLD | NEW |