Chromium Code Reviews Chromium Code Reviews
Issue 2616323002:
CrossOriginAccessControl: separate access checks and error message generation (Closed)
| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 30 matching lines...) Expand all Loading... | |
| 41 | 41 |
| 42 struct ResourceLoaderOptions; | 42 struct ResourceLoaderOptions; |
| 43 class ResourceRequest; | 43 class ResourceRequest; |
| 44 class ResourceResponse; | 44 class ResourceResponse; |
| 45 class SecurityOrigin; | 45 class SecurityOrigin; |
| 46 | 46 |
| 47 class CrossOriginAccessControl { | 47 class CrossOriginAccessControl { |
| 48 STATIC_ONLY(CrossOriginAccessControl); | 48 STATIC_ONLY(CrossOriginAccessControl); |
| 49 | 49 |
| 50 public: | 50 public: |
| 51 // Given the new request URL, returns true if | 51 // Enumerating the error conditions that the CORS |
| 52 // access control check can report, including success. | |
| 53 // | |
| 54 // See |checkAccess()| and |accessControlErrorString()| which respectively | |
| 55 // produce and consume these error values, for precise meaning. | |
| 56 enum AccessStatus { | |
| 57 kAccessAllowed, | |
| 58 kInvalidResponse, | |
| 59 kAllowOriginMismatch, | |
| 60 kSubOriginMismatch, | |
| 61 kWildcardOriginNotAllowed, | |
| 62 kMissingAllowOriginHeader, | |
| 63 kMultipleAllowOriginValues, | |
| 64 kInvalidAllowOriginValue, | |
| 65 kDisallowCredentialsNotSetToTrue, | |
| 66 }; | |
| 67 | |
| 68 // Enumerating the error conditions that CORS preflight | |
| 69 // can report, including success. | |
| 70 // | |
| 71 // See |checkPreflight()| methods and |preflightErrorString()| which | |
| 72 // respectively produce and consume these error values, for precise meaning. | |
| 73 enum PreflightStatus { | |
| 74 kPreflightSuccess, | |
| 75 kPreflightInvalidStatus, | |
| 76 // Experimental Access-Control-Allow-External error conditions: | |
|
Mike West
2017/01/09 09:02:22
Nit: Can you add a link to https://wicg.github.io/
sof
2017/01/09 09:36:49
Makes sense, added.
| |
| 77 kPreflightMissingAllowExternal, | |
| 78 kPreflightInvalidAllowExternal, | |
| 79 }; | |
| 80 | |
| 81 // Enumerating the error conditions that CORS redirect target URL | |
| 82 // checks can report, including success. | |
| 83 // | |
| 84 // See |checkRedirectLocation()| methods and |redirectErrorString()| which | |
| 85 // respectively produce and consume these error values, for precise meaning. | |
| 86 enum RedirectStatus { | |
| 87 kRedirectSuccess, | |
| 88 kRedirectDisallowedScheme, | |
| 89 kRedirectContainsCredentials, | |
| 90 }; | |
| 91 | |
| 92 // Perform a CORS access check on the response. Returns |kAccessAllowed| if | |
| 93 // access is allowed. Use |accessControlErrorString()| to construct a | |
| 94 // user-friendly error message for any of the other (error) conditions. | |
| 95 static AccessStatus checkAccess(const ResourceResponse&, | |
| 96 StoredCredentials, | |
| 97 const SecurityOrigin*); | |
| 98 | |
| 99 // Perform the required CORS checks on the response to a preflight request. | |
| 100 // Returns |kPreflightSuccess| if preflight response was successful. | |
| 101 // Use |preflightErrorString()| to construct a user-friendly error message | |
| 102 // for any of the other (error) conditions. | |
| 103 static PreflightStatus checkPreflight(const ResourceResponse&); | |
| 104 | |
| 105 // Error checking for the currently experimental | |
| 106 // Access-Control-Allow-External: | |
| 107 // header. Shares error conditions with standard preflight. | |
| 108 static PreflightStatus checkExternalPreflight(const ResourceResponse&); | |
| 109 | |
| 110 // Given a redirected-to URL, check if the location is allowed | |
| 111 // according to CORS. That is, | |
|
Mike West
2017/01/09 09:02:22
Nit: s/,/:/?
sof
2017/01/09 09:36:49
Done.
| |
| 52 // - the URL has a CORS supported scheme and | 112 // - the URL has a CORS supported scheme and |
| 53 // - the URL does not contain the userinfo production. | 113 // - the URL does not contain the userinfo production. |
| 54 static bool isLegalRedirectLocation(const KURL&, String& errorDescription); | 114 // |
| 115 // Returns |kRedirectSuccess| in all other cases. Use | |
| 116 // |redirectErrorString()| to construct a user-friendly error | |
| 117 // message for any of the error conditions. | |
| 118 static RedirectStatus checkRedirectLocation(const KURL&); | |
| 119 | |
| 55 static bool handleRedirect(PassRefPtr<SecurityOrigin>, | 120 static bool handleRedirect(PassRefPtr<SecurityOrigin>, |
| 56 ResourceRequest&, | 121 ResourceRequest&, |
| 57 const ResourceResponse&, | 122 const ResourceResponse&, |
| 58 StoredCredentials, | 123 StoredCredentials, |
| 59 ResourceLoaderOptions&, | 124 ResourceLoaderOptions&, |
| 60 String&); | 125 String&); |
| 126 | |
| 127 // Stringify errors from CORS access checks, preflight or | |
| 128 // redirect checks. | |
| 129 | |
|
Mike West
2017/01/09 09:02:22
Nit: Remove the newline?
sof
2017/01/09 09:36:49
Done.
| |
| 130 static void accessControlErrorString(StringBuilder&, | |
| 131 AccessStatus, | |
| 132 const ResourceResponse&, | |
| 133 const SecurityOrigin*, | |
| 134 WebURLRequest::RequestContext); | |
| 135 static void preflightErrorString(StringBuilder&, | |
| 136 PreflightStatus, | |
| 137 const ResourceResponse&); | |
| 138 static void redirectErrorString(StringBuilder&, RedirectStatus, const KURL&); | |
| 61 }; | 139 }; |
| 62 | 140 |
| 141 // TODO: also migrate these into the above static class. | |
| 63 CORE_EXPORT bool isOnAccessControlResponseHeaderWhitelist(const String&); | 142 CORE_EXPORT bool isOnAccessControlResponseHeaderWhitelist(const String&); |
| 64 | 143 |
| 65 CORE_EXPORT ResourceRequest | 144 CORE_EXPORT ResourceRequest |
| 66 createAccessControlPreflightRequest(const ResourceRequest&, | 145 createAccessControlPreflightRequest(const ResourceRequest&, |
| 67 const SecurityOrigin*); | 146 const SecurityOrigin*); |
| 68 | 147 |
| 69 bool passesAccessControlCheck(const ResourceResponse&, | |
| 70 StoredCredentials, | |
| 71 const SecurityOrigin*, | |
| 72 String& errorDescription, | |
| 73 WebURLRequest::RequestContext requestType); | |
| 74 bool passesPreflightStatusCheck(const ResourceResponse&, | |
| 75 String& errorDescription); | |
| 76 bool passesExternalPreflightCheck(const ResourceResponse&, | |
| 77 String& errorDescription); | |
| 78 CORE_EXPORT void parseAccessControlExposeHeadersAllowList( | 148 CORE_EXPORT void parseAccessControlExposeHeadersAllowList( |
| 79 const String& headerValue, | 149 const String& headerValue, |
| 80 HTTPHeaderSet&); | 150 HTTPHeaderSet&); |
| 81 CORE_EXPORT void extractCorsExposedHeaderNamesList(const ResourceResponse&, | 151 CORE_EXPORT void extractCorsExposedHeaderNamesList(const ResourceResponse&, |
| 82 HTTPHeaderSet&); | 152 HTTPHeaderSet&); |
| 83 | 153 |
| 84 } // namespace blink | 154 } // namespace blink |
| 85 | 155 |
| 86 #endif // CrossOriginAccessControl_h | 156 #endif // CrossOriginAccessControl_h |
| OLD | NEW |
