OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2006, 2007, 2010, 2011 Apple Inc. All rights reserved. | 2 * Copyright (C) 2006, 2007, 2010, 2011 Apple Inc. All rights reserved. |
3 * (C) 2007 Graham Dennis (graham.dennis@gmail.com) | 3 * (C) 2007 Graham Dennis (graham.dennis@gmail.com) |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
7 * are met: | 7 * are met: |
8 * | 8 * |
9 * 1. Redistributions of source code must retain the above copyright | 9 * 1. Redistributions of source code must retain the above copyright |
10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
(...skipping 29 matching lines...) Expand all Loading... |
40 #include "platform/network/ResourceError.h" | 40 #include "platform/network/ResourceError.h" |
41 #include "public/platform/Platform.h" | 41 #include "public/platform/Platform.h" |
42 #include "public/platform/WebCachePolicy.h" | 42 #include "public/platform/WebCachePolicy.h" |
43 #include "public/platform/WebData.h" | 43 #include "public/platform/WebData.h" |
44 #include "public/platform/WebURLError.h" | 44 #include "public/platform/WebURLError.h" |
45 #include "public/platform/WebURLRequest.h" | 45 #include "public/platform/WebURLRequest.h" |
46 #include "public/platform/WebURLResponse.h" | 46 #include "public/platform/WebURLResponse.h" |
47 #include "wtf/Assertions.h" | 47 #include "wtf/Assertions.h" |
48 #include "wtf/CurrentTime.h" | 48 #include "wtf/CurrentTime.h" |
49 #include "wtf/PtrUtil.h" | 49 #include "wtf/PtrUtil.h" |
| 50 #include "wtf/text/StringBuilder.h" |
50 #include <memory> | 51 #include <memory> |
51 | 52 |
52 namespace blink { | 53 namespace blink { |
53 | 54 |
54 ResourceLoader* ResourceLoader::create(ResourceFetcher* fetcher, | 55 ResourceLoader* ResourceLoader::create(ResourceFetcher* fetcher, |
55 Resource* resource) { | 56 Resource* resource) { |
56 return new ResourceLoader(fetcher, resource); | 57 return new ResourceLoader(fetcher, resource); |
57 } | 58 } |
58 | 59 |
59 ResourceLoader::ResourceLoader(ResourceFetcher* fetcher, Resource* resource) | 60 ResourceLoader::ResourceLoader(ResourceFetcher* fetcher, Resource* resource) |
(...skipping 212 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
272 | 273 |
273 if (sourceOrigin->canRequestNoSuborigin(response.url())) | 274 if (sourceOrigin->canRequestNoSuborigin(response.url())) |
274 return ResourceRequestBlockedReason::None; | 275 return ResourceRequestBlockedReason::None; |
275 | 276 |
276 // Use the original response instead of the 304 response for a successful | 277 // Use the original response instead of the 304 response for a successful |
277 // revaldiation. | 278 // revaldiation. |
278 const ResourceResponse& responseForAccessControl = | 279 const ResourceResponse& responseForAccessControl = |
279 (resource->isCacheValidator() && response.httpStatusCode() == 304) | 280 (resource->isCacheValidator() && response.httpStatusCode() == 304) |
280 ? resource->response() | 281 ? resource->response() |
281 : response; | 282 : response; |
282 String errorDescription; | 283 |
283 if (!passesAccessControlCheck( | 284 CrossOriginAccessControl::AccessStatus corsStatus = |
| 285 CrossOriginAccessControl::checkAccess( |
284 responseForAccessControl, resource->options().allowCredentials, | 286 responseForAccessControl, resource->options().allowCredentials, |
285 sourceOrigin, errorDescription, | 287 sourceOrigin); |
286 resource->lastResourceRequest().requestContext())) { | 288 if (corsStatus != CrossOriginAccessControl::kAccessAllowed) { |
287 resource->setCORSFailed(); | 289 resource->setCORSFailed(); |
288 if (!forPreload) { | 290 if (!forPreload) { |
289 String resourceType = Resource::resourceTypeToString( | 291 String resourceType = Resource::resourceTypeToString( |
290 resource->getType(), resource->options().initiatorInfo.name); | 292 resource->getType(), resource->options().initiatorInfo.name); |
291 context().addConsoleMessage( | 293 StringBuilder builder; |
292 "Access to " + resourceType + " at '" + response.url().getString() + | 294 builder.append("Access to "); |
293 "' from origin '" + sourceOrigin->toString() + | 295 builder.append(resourceType); |
294 "' has been blocked by CORS policy: " + errorDescription); | 296 builder.append(" at '"); |
| 297 builder.append(response.url().getString()); |
| 298 builder.append("' from origin '"); |
| 299 builder.append(sourceOrigin->toString()); |
| 300 builder.append("' has been blocked by CORS policy: "); |
| 301 CrossOriginAccessControl::accessControlErrorString( |
| 302 builder, corsStatus, responseForAccessControl, sourceOrigin, |
| 303 resource->lastResourceRequest().requestContext()); |
| 304 context().addConsoleMessage(builder.toString()); |
295 } | 305 } |
296 return ResourceRequestBlockedReason::Other; | 306 return ResourceRequestBlockedReason::Other; |
297 } | 307 } |
298 return ResourceRequestBlockedReason::None; | 308 return ResourceRequestBlockedReason::None; |
299 } | 309 } |
300 | 310 |
301 void ResourceLoader::didReceiveResponse( | 311 void ResourceLoader::didReceiveResponse( |
302 const WebURLResponse& webURLResponse, | 312 const WebURLResponse& webURLResponse, |
303 std::unique_ptr<WebDataConsumerHandle> handle) { | 313 std::unique_ptr<WebDataConsumerHandle> handle) { |
304 DCHECK(!webURLResponse.isNull()); | 314 DCHECK(!webURLResponse.isNull()); |
(...skipping 195 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
500 return; | 510 return; |
501 | 511 |
502 // Don't activate if cache policy is explicitly set. | 512 // Don't activate if cache policy is explicitly set. |
503 if (request.getCachePolicy() != WebCachePolicy::UseProtocolCachePolicy) | 513 if (request.getCachePolicy() != WebCachePolicy::UseProtocolCachePolicy) |
504 return; | 514 return; |
505 | 515 |
506 m_isCacheAwareLoadingActivated = true; | 516 m_isCacheAwareLoadingActivated = true; |
507 } | 517 } |
508 | 518 |
509 } // namespace blink | 519 } // namespace blink |
OLD | NEW |