CrossOriginAccessControl: separate access checks and error message generation

third_party/WebKit/Source/core/fetch/CrossOriginAccessControl.h

 /*
  * Copyright (C) 2008 Apple Inc. All Rights Reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
@@ skipping 30 matching lines @@
 
 struct ResourceLoaderOptions;
 class ResourceRequest;
 class ResourceResponse;
 class SecurityOrigin;
 
 class CrossOriginAccessControl {
   STATIC_ONLY(CrossOriginAccessControl);
 
  public:
-  // Given the new request URL, returns true if
+  // Enumerating the error conditions that the CORS
+  // access control check can report, including success.
+  //
+  // See |checkAccess()| and |accessControlErrorString()| which respectively
+  // produce and consume these error values, for precise meaning.
+  enum AccessStatus {
+    kAccessAllowed,
+    kInvalidResponse,
+    kAllowOriginMismatch,
+    kSubOriginMismatch,
+    kWildcardOriginNotAllowed,
+    kMissingAllowOriginHeader,
+    kMultipleAllowOriginValues,
+    kInvalidAllowOriginValue,
+    kDisallowCredentialsNotSetToTrue,
+  };
+
+  // Enumerating the error conditions that CORS preflight
+  // can report, including success.
+  //
+  // See |checkPreflight()| methods and |preflightErrorString()| which
+  // respectively produce and consume these error values, for precise meaning.
+  enum PreflightStatus {
+    kPreflightSuccess,
+    kPreflightInvalidStatus,
+    // "Access-Control-Allow-External:"
+    // ( https://wicg.github.io/cors-rfc1918/#headers ) specific error
+    // conditions:
+    kPreflightMissingAllowExternal,
+    kPreflightInvalidAllowExternal,
+  };
+
+  // Enumerating the error conditions that CORS redirect target URL
+  // checks can report, including success.
+  //
+  // See |checkRedirectLocation()| methods and |redirectErrorString()| which
+  // respectively produce and consume these error values, for precise meaning.
+  enum RedirectStatus {
+    kRedirectSuccess,
+    kRedirectDisallowedScheme,
+    kRedirectContainsCredentials,
+  };
+
+  // Perform a CORS access check on the response. Returns |kAccessAllowed| if
+  // access is allowed. Use |accessControlErrorString()| to construct a
+  // user-friendly error message for any of the other (error) conditions.
+  static AccessStatus checkAccess(const ResourceResponse&,
+                                  StoredCredentials,
+                                  const SecurityOrigin*);
+
+  // Perform the required CORS checks on the response to a preflight request.
+  // Returns |kPreflightSuccess| if preflight response was successful.
+  // Use |preflightErrorString()| to construct a user-friendly error message
+  // for any of the other (error) conditions.
+  static PreflightStatus checkPreflight(const ResourceResponse&);
+
+  // Error checking for the currently experimental
+  // "Access-Control-Allow-External:" header. Shares error conditions with
+  // standard preflight checking.
+  static PreflightStatus checkExternalPreflight(const ResourceResponse&);
+
+  // Given a redirected-to URL, check if the location is allowed
+  // according to CORS. That is:
   // - the URL has a CORS supported scheme and
   // - the URL does not contain the userinfo production.
-  static bool isLegalRedirectLocation(const KURL&, String& errorDescription);
+  //
+  // Returns |kRedirectSuccess| in all other cases. Use
+  // |redirectErrorString()| to construct a user-friendly error
+  // message for any of the error conditions.
+  static RedirectStatus checkRedirectLocation(const KURL&);
+
   static bool handleRedirect(PassRefPtr<SecurityOrigin>,
                              ResourceRequest&,
                              const ResourceResponse&,
                              StoredCredentials,
                              ResourceLoaderOptions&,
                              String&);
+
+  // Stringify errors from CORS access checks, preflight or redirect checks.
+  static void accessControlErrorString(StringBuilder&,
+                                       AccessStatus,
+                                       const ResourceResponse&,
+                                       const SecurityOrigin*,
+                                       WebURLRequest::RequestContext);
+  static void preflightErrorString(StringBuilder&,
+                                   PreflightStatus,
+                                   const ResourceResponse&);
+  static void redirectErrorString(StringBuilder&, RedirectStatus, const KURL&);
 };
 
+// TODO: also migrate these into the above static class.
 CORE_EXPORT bool isOnAccessControlResponseHeaderWhitelist(const String&);
 
 CORE_EXPORT ResourceRequest
 createAccessControlPreflightRequest(const ResourceRequest&,
                                     const SecurityOrigin*);
 
-bool passesAccessControlCheck(const ResourceResponse&,
-                              StoredCredentials,
-                              const SecurityOrigin*,
-                              String& errorDescription,
-                              WebURLRequest::RequestContext requestType);
-bool passesPreflightStatusCheck(const ResourceResponse&,
-                                String& errorDescription);
-bool passesExternalPreflightCheck(const ResourceResponse&,
-                                  String& errorDescription);
 CORE_EXPORT void parseAccessControlExposeHeadersAllowList(
     const String& headerValue,
     HTTPHeaderSet&);
 CORE_EXPORT void extractCorsExposedHeaderNamesList(const ResourceResponse&,
                                                    HTTPHeaderSet&);
 
 }  // namespace blink
 
 #endif  // CrossOriginAccessControl_h