OLD | NEW |
| (Empty) |
1 /* | |
2 * Copyright (C) 2011 Google Inc. All rights reserved. | |
3 * | |
4 * Redistribution and use in source and binary forms, with or without | |
5 * modification, are permitted provided that the following conditions are | |
6 * met: | |
7 * | |
8 * * Redistributions of source code must retain the above copyright | |
9 * notice, this list of conditions and the following disclaimer. | |
10 * * Redistributions in binary form must reproduce the above | |
11 * copyright notice, this list of conditions and the following disclaimer | |
12 * in the documentation and/or other materials provided with the | |
13 * distribution. | |
14 * * Neither the name of Google Inc. nor the names of its | |
15 * contributors may be used to endorse or promote products derived from | |
16 * this software without specific prior written permission. | |
17 * | |
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | |
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | |
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
29 */ | |
30 | |
31 #ifndef ResourceLoaderOptions_h | |
32 #define ResourceLoaderOptions_h | |
33 | |
34 #include "core/fetch/FetchInitiatorInfo.h" | |
35 #include "core/fetch/IntegrityMetadata.h" | |
36 #include "platform/CrossThreadCopier.h" | |
37 #include "platform/weborigin/SecurityOrigin.h" | |
38 #include "wtf/Allocator.h" | |
39 | |
40 namespace blink { | |
41 | |
42 enum DataBufferingPolicy { BufferData, DoNotBufferData }; | |
43 | |
44 enum ContentSecurityPolicyDisposition { | |
45 CheckContentSecurityPolicy, | |
46 DoNotCheckContentSecurityPolicy | |
47 }; | |
48 | |
49 enum RequestInitiatorContext { | |
50 DocumentContext, | |
51 WorkerContext, | |
52 }; | |
53 | |
54 enum StoredCredentials { AllowStoredCredentials, DoNotAllowStoredCredentials }; | |
55 | |
56 // APIs like XMLHttpRequest and EventSource let the user decide whether to send | |
57 // credentials, but they're always sent for same-origin requests. Additional | |
58 // information is needed to handle cross-origin redirects correctly. | |
59 enum CredentialRequest { | |
60 ClientRequestedCredentials, | |
61 ClientDidNotRequestCredentials | |
62 }; | |
63 | |
64 enum SynchronousPolicy { RequestSynchronously, RequestAsynchronously }; | |
65 | |
66 // A resource fetch can be marked as being CORS enabled. The loader must perform | |
67 // an access check upon seeing the response. | |
68 enum CORSEnabled { NotCORSEnabled, IsCORSEnabled }; | |
69 | |
70 // Was the request generated from a "parser-inserted" element? | |
71 // https://html.spec.whatwg.org/multipage/scripting.html#parser-inserted | |
72 enum ParserDisposition { ParserInserted, NotParserInserted }; | |
73 | |
74 enum CacheAwareLoadingEnabled { | |
75 NotCacheAwareLoadingEnabled, | |
76 IsCacheAwareLoadingEnabled | |
77 }; | |
78 | |
79 struct ResourceLoaderOptions { | |
80 USING_FAST_MALLOC(ResourceLoaderOptions); | |
81 | |
82 public: | |
83 ResourceLoaderOptions() | |
84 : dataBufferingPolicy(BufferData), | |
85 allowCredentials(DoNotAllowStoredCredentials), | |
86 credentialsRequested(ClientDidNotRequestCredentials), | |
87 contentSecurityPolicyOption(CheckContentSecurityPolicy), | |
88 requestInitiatorContext(DocumentContext), | |
89 synchronousPolicy(RequestAsynchronously), | |
90 corsEnabled(NotCORSEnabled), | |
91 parserDisposition(ParserInserted), | |
92 cacheAwareLoadingEnabled(NotCacheAwareLoadingEnabled) {} | |
93 | |
94 ResourceLoaderOptions( | |
95 DataBufferingPolicy dataBufferingPolicy, | |
96 StoredCredentials allowCredentials, | |
97 CredentialRequest credentialsRequested, | |
98 ContentSecurityPolicyDisposition contentSecurityPolicyOption, | |
99 RequestInitiatorContext requestInitiatorContext) | |
100 : dataBufferingPolicy(dataBufferingPolicy), | |
101 allowCredentials(allowCredentials), | |
102 credentialsRequested(credentialsRequested), | |
103 contentSecurityPolicyOption(contentSecurityPolicyOption), | |
104 requestInitiatorContext(requestInitiatorContext), | |
105 synchronousPolicy(RequestAsynchronously), | |
106 corsEnabled(NotCORSEnabled), | |
107 parserDisposition(ParserInserted), | |
108 cacheAwareLoadingEnabled(NotCacheAwareLoadingEnabled) {} | |
109 | |
110 // Answers the question "can a separate request with these different options | |
111 // be re-used" (e.g. preload request) The safe (but possibly slow) answer is | |
112 // always false. | |
113 bool canReuseRequest(const ResourceLoaderOptions& other) const { | |
114 // dataBufferingPolicy differences are believed to be safe for re-use. | |
115 // FIXME: check allowCredentials. | |
116 // FIXME: check credentialsRequested. | |
117 // FIXME: check contentSecurityPolicyOption. | |
118 // initiatorInfo is purely informational and should be benign for re-use. | |
119 // requestInitiatorContext is benign (indicates document vs. worker) | |
120 if (synchronousPolicy != other.synchronousPolicy) | |
121 return false; | |
122 return corsEnabled == other.corsEnabled; | |
123 // securityOrigin has more complicated checks which callers are responsible | |
124 // for. | |
125 } | |
126 | |
127 // When adding members, CrossThreadResourceLoaderOptionsData should be | |
128 // updated. | |
129 DataBufferingPolicy dataBufferingPolicy; | |
130 | |
131 // Whether HTTP credentials and cookies are sent with the request. | |
132 StoredCredentials allowCredentials; | |
133 | |
134 // Whether the client (e.g. XHR) wanted credentials in the first place. | |
135 CredentialRequest credentialsRequested; | |
136 | |
137 ContentSecurityPolicyDisposition contentSecurityPolicyOption; | |
138 FetchInitiatorInfo initiatorInfo; | |
139 RequestInitiatorContext requestInitiatorContext; | |
140 SynchronousPolicy synchronousPolicy; | |
141 | |
142 // If the resource is loaded out-of-origin, whether or not to use CORS. | |
143 CORSEnabled corsEnabled; | |
144 | |
145 RefPtr<SecurityOrigin> securityOrigin; | |
146 String contentSecurityPolicyNonce; | |
147 IntegrityMetadataSet integrityMetadata; | |
148 ParserDisposition parserDisposition; | |
149 CacheAwareLoadingEnabled cacheAwareLoadingEnabled; | |
150 }; | |
151 | |
152 // Encode AtomicString (in FetchInitiatorInfo) as String to cross threads. | |
153 struct CrossThreadResourceLoaderOptionsData { | |
154 DISALLOW_NEW(); | |
155 explicit CrossThreadResourceLoaderOptionsData( | |
156 const ResourceLoaderOptions& options) | |
157 : dataBufferingPolicy(options.dataBufferingPolicy), | |
158 allowCredentials(options.allowCredentials), | |
159 credentialsRequested(options.credentialsRequested), | |
160 contentSecurityPolicyOption(options.contentSecurityPolicyOption), | |
161 initiatorInfo(options.initiatorInfo), | |
162 requestInitiatorContext(options.requestInitiatorContext), | |
163 synchronousPolicy(options.synchronousPolicy), | |
164 corsEnabled(options.corsEnabled), | |
165 securityOrigin(options.securityOrigin | |
166 ? options.securityOrigin->isolatedCopy() | |
167 : nullptr), | |
168 contentSecurityPolicyNonce(options.contentSecurityPolicyNonce), | |
169 integrityMetadata(options.integrityMetadata), | |
170 parserDisposition(options.parserDisposition), | |
171 cacheAwareLoadingEnabled(options.cacheAwareLoadingEnabled) {} | |
172 | |
173 operator ResourceLoaderOptions() const { | |
174 ResourceLoaderOptions options; | |
175 options.dataBufferingPolicy = dataBufferingPolicy; | |
176 options.allowCredentials = allowCredentials; | |
177 options.credentialsRequested = credentialsRequested; | |
178 options.contentSecurityPolicyOption = contentSecurityPolicyOption; | |
179 options.initiatorInfo = initiatorInfo; | |
180 options.requestInitiatorContext = requestInitiatorContext; | |
181 options.synchronousPolicy = synchronousPolicy; | |
182 options.corsEnabled = corsEnabled; | |
183 options.securityOrigin = securityOrigin; | |
184 options.contentSecurityPolicyNonce = contentSecurityPolicyNonce; | |
185 options.integrityMetadata = integrityMetadata; | |
186 options.parserDisposition = parserDisposition; | |
187 options.cacheAwareLoadingEnabled = cacheAwareLoadingEnabled; | |
188 return options; | |
189 } | |
190 | |
191 DataBufferingPolicy dataBufferingPolicy; | |
192 StoredCredentials allowCredentials; | |
193 CredentialRequest credentialsRequested; | |
194 ContentSecurityPolicyDisposition contentSecurityPolicyOption; | |
195 CrossThreadFetchInitiatorInfoData initiatorInfo; | |
196 RequestInitiatorContext requestInitiatorContext; | |
197 SynchronousPolicy synchronousPolicy; | |
198 CORSEnabled corsEnabled; | |
199 RefPtr<SecurityOrigin> securityOrigin; | |
200 String contentSecurityPolicyNonce; | |
201 IntegrityMetadataSet integrityMetadata; | |
202 ParserDisposition parserDisposition; | |
203 CacheAwareLoadingEnabled cacheAwareLoadingEnabled; | |
204 }; | |
205 | |
206 template <> | |
207 struct CrossThreadCopier<ResourceLoaderOptions> { | |
208 using Type = CrossThreadResourceLoaderOptionsData; | |
209 static Type copy(const ResourceLoaderOptions& options) { | |
210 return CrossThreadResourceLoaderOptionsData(options); | |
211 } | |
212 }; | |
213 | |
214 } // namespace blink | |
215 | |
216 #endif // ResourceLoaderOptions_h | |
OLD | NEW |