XMLHttpRequest: implement "send() flag" tracking and updating per spec.

third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.cpp

 /*
  *  Copyright (C) 2004, 2006, 2008 Apple Inc. All rights reserved.
  *  Copyright (C) 2005-2007 Alexey Proskuryakov <ap@webkit.org>
  *  Copyright (C) 2007, 2008 Julien Chaffraix <jchaffraix@webkit.org>
  *  Copyright (C) 2008, 2011 Google Inc. All rights reserved.
  *  Copyright (C) 2012 Intel Corporation
  *
  *  This library is free software; you can redistribute it and/or
  *  modify it under the terms of the GNU Lesser General Public
  *  License as published by the Free Software Foundation; either
@@ skipping 228 matching lines @@
       m_isolatedWorldSecurityOrigin(isolatedWorldSecurityOrigin),
       m_eventDispatchRecursionLevel(0),
       m_async(true),
       m_includeCredentials(false),
       m_parsedResponse(false),
       m_error(false),
       m_uploadEventsAllowed(true),
       m_uploadComplete(false),
       m_sameOriginRequest(true),
       m_downloadingToFile(false),
       m_responseTextOverflow(false) {}

[yhirano, 2016/11/15 02:26:08]

Please initialize the flag.

[sof, 2016/11/15 06:48:46]

oops, thanks - done.

 
 XMLHttpRequest::~XMLHttpRequest() {}
 
 Document* XMLHttpRequest::document() const {
   DCHECK(getExecutionContext()->isDocument());
   return toDocument(getExecutionContext());
 }
 
 SecurityOrigin* XMLHttpRequest::getSecurityOrigin() const {
   return m_isolatedWorldSecurityOrigin
@@ skipping 285 matching lines @@
     dispatchProgressEventFromSnapshot(EventTypeNames::load);
     dispatchProgressEventFromSnapshot(EventTypeNames::loadend);
     TRACE_EVENT_INSTANT1(TRACE_DISABLED_BY_DEFAULT("devtools.timeline"),
                          "UpdateCounters", TRACE_EVENT_SCOPE_THREAD, "data",
                          InspectorUpdateCountersEvent::data());
   }
 }
 
 void XMLHttpRequest::setWithCredentials(bool value,
                                         ExceptionState& exceptionState) {
-  if (m_state > kOpened || m_loader) {
+  if (m_state > kOpened || m_sendFlag) {
     exceptionState.throwDOMException(
         InvalidStateError,
         "The value may only be set if the object's state is UNSENT or OPENED.");
     return;
   }
 
   m_includeCredentials = value;
 }
 
 void XMLHttpRequest::open(const AtomicString& method,
@@ skipping 95 matching lines @@
           UseCounter::XMLHttpRequestSynchronousInNonWorkerOutsideBeforeUnload);
   }
 
   m_method = FetchUtils::normalizeMethod(method);
 
   m_url = url;
 
   m_async = async;
 
   DCHECK(!m_loader);
+  m_sendFlag = false;
 
   // Check previous state to avoid dispatching readyState event
   // when calling open several times in a row.
   if (previousState != kOpened)
     changeState(kOpened);
   else
     m_state = kOpened;
 }
 
 bool XMLHttpRequest::initSend(ExceptionState& exceptionState) {
   if (!getExecutionContext()) {
     handleNetworkError();
     throwForLoadFailureIfNeeded(exceptionState,
                                 "Document is already detached.");
     return false;
   }
 
-  if (m_state != kOpened || m_loader) {
+  if (m_state != kOpened || m_sendFlag) {
     exceptionState.throwDOMException(InvalidStateError,
                                      "The object's state must be OPENED.");
     return false;
   }
 
   if (!m_async) {
     v8::Isolate* isolate = v8::Isolate::GetCurrent();
     if (isolate && v8::MicrotasksScope::IsRunningMicrotasks(isolate)) {
       UseCounter::count(getExecutionContext(),
                         UseCounter::During_Microtask_SyncXHR);
@@ skipping 223 matching lines @@
     if (!m_async) {
       throwForLoadFailureIfNeeded(
           exceptionState, "'GET' is the only method allowed for 'blob:' URLs.");
     }
     return;
   }
 
   DCHECK(getExecutionContext());
   ExecutionContext& executionContext = *getExecutionContext();
 
+  m_sendFlag = true;
   // The presence of upload event listeners forces us to use preflighting
   // because POSTing to an URL that does not permit cross origin requests should
   // look exactly like POSTing to an URL that does not respond at all.
   // Also, only async requests support upload progress events.
   bool uploadEvents = false;
   if (m_async) {
     InspectorInstrumentation::asyncTaskScheduled(
         &executionContext, "XMLHttpRequest.send", this, true);
     dispatchProgressEvent(EventTypeNames::loadstart, 0, 0);
     if (httpBody && m_upload) {
@@ skipping 83 matching lines @@
   m_exceptionCode = 0;
   m_error = false;
 
   if (m_async) {
     UseCounter::count(&executionContext,
                       UseCounter::XMLHttpRequestAsynchronous);
     if (m_upload)
       request.setReportUploadProgress(true);
 
     DCHECK(!m_loader);
+    DCHECK(m_sendFlag);
     m_loader = ThreadableLoader::create(executionContext, this, options,
                                         resourceLoaderOptions);
     m_loader->start(request);
 
     return;
   }
 
   // Use count for XHR synchronous requests.
   UseCounter::count(&executionContext, UseCounter::XMLHttpRequestSynchronous);
   ThreadableLoader::loadResourceSynchronously(executionContext, request, *this,
                                               options, resourceLoaderOptions);
 
   throwForLoadFailureIfNeeded(exceptionState, String());
 }
 
 void XMLHttpRequest::abort() {
   NETWORK_DVLOG(1) << this << " abort()";
 
-  // internalAbort() clears |m_loader|. Compute |sendFlag| now.
-  //
-  // |sendFlag| corresponds to "the send() flag" defined in the XHR spec.
-  //
-  // |sendFlag| is only set when we have an active, asynchronous loader.
-  // Don't use it as "the send() flag" when the XHR is in sync mode.
-  bool sendFlag = m_loader.get();
-
   // internalAbort() clears the response. Save the data needed for
   // dispatching ProgressEvents.
   long long expectedLength = m_response.expectedContentLength();
   long long receivedLength = m_receivedLength;
 
   if (!internalAbort())
     return;
 
   // The script never gets any chance to call abort() on a sync XHR between
   // send() call and transition to the DONE state. It's because a sync XHR
   // doesn't dispatch any event between them. So, if |m_async| is false, we
   // can skip the "request error steps" (defined in the XHR spec) without any
   // state check.
   //
   // FIXME: It's possible open() is invoked in internalAbort() and |m_async|
   // becomes true by that. We should implement more reliable treatment for
   // nested method invocations at some point.
   if (m_async) {
-    if ((m_state == kOpened && sendFlag) || m_state == kHeadersReceived ||
+    if ((m_state == kOpened && m_sendFlag) || m_state == kHeadersReceived ||
         m_state == kLoading) {
       DCHECK(!m_loader);
       handleRequestError(0, EventTypeNames::abort, receivedLength,
                          expectedLength);
     }
   }
   m_state = kUnsent;
 }
 
 void XMLHttpRequest::clearVariablesForLoading() {
@@ skipping 128 matching lines @@
 
 void XMLHttpRequest::handleRequestError(ExceptionCode exceptionCode,
                                         const AtomicString& type,
                                         long long receivedLength,
                                         long long expectedLength) {
   NETWORK_DVLOG(1) << this << " handleRequestError()";
 
   InspectorInstrumentation::didFailXHRLoading(getExecutionContext(), this, this,
                                               m_method, m_url);
 
+  m_sendFlag = false;
   if (!m_async) {
     DCHECK(exceptionCode);
     m_state = kDone;
     m_exceptionCode = exceptionCode;
     return;
   }
 
   // With m_error set, the state change steps are minimal: any pending
   // progress event is flushed + a readystatechange is dispatched.
   // No new progress events dispatched; as required, that happens at
@@ skipping 26 matching lines @@
         "MimeType cannot be overridden when the state is LOADING or DONE.");
     return;
   }
 
   m_mimeTypeOverride = mimeType;
 }
 
 void XMLHttpRequest::setRequestHeader(const AtomicString& name,
                                       const AtomicString& value,
                                       ExceptionState& exceptionState) {
-  if (m_state != kOpened || m_loader) {
+  if (m_state != kOpened || m_sendFlag) {
     exceptionState.throwDOMException(InvalidStateError,
                                      "The object's state must be OPENED.");
     return;
   }
 
   if (!isValidHTTPToken(name)) {
     exceptionState.throwDOMException(
         SyntaxError, "'" + name + "' is not a valid HTTP header field name.");
     return;
   }
@@ skipping 317 matching lines @@
   if (m_loader) {
     const bool hasError = m_error;
     // Set |m_error| in order to suppress the cancel notification (see
     // XMLHttpRequest::didFail).
     m_error = true;
     m_loader->cancel();
     m_error = hasError;
     m_loader = nullptr;
   }
 
+  m_sendFlag = false;
   changeState(kDone);
 
   if (!getExecutionContext() || !getExecutionContext()->isDocument() ||
       !document() || !document()->frame() || !document()->frame()->page())
     return;
 
   if (status() >= 200 && status() < 300) {
     document()->frame()->page()->chromeClient().ajaxSucceeded(
         document()->frame());
   }
@@ skipping 219 matching lines @@
   visitor->traceWrappers(m_responseDocument);
   visitor->traceWrappers(m_responseArrayBuffer);
   XMLHttpRequestEventTarget::traceWrappers(visitor);
 }
 
 std::ostream& operator<<(std::ostream& ostream, const XMLHttpRequest* xhr) {
   return ostream << "XMLHttpRequest " << static_cast<const void*>(xhr);
 }
 
 }  // namespace blink