OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc
e-loading | 5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc
e-loading |
6 | 6 |
7 #include "content/browser/loader/resource_dispatcher_host_impl.h" | 7 #include "content/browser/loader/resource_dispatcher_host_impl.h" |
8 | 8 |
9 #include <stddef.h> | 9 #include <stddef.h> |
10 | 10 |
(...skipping 1483 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1494 bool allow_download = request_data.allow_download && | 1494 bool allow_download = request_data.allow_download && |
1495 IsResourceTypeFrame(request_data.resource_type); | 1495 IsResourceTypeFrame(request_data.resource_type); |
1496 bool do_not_prompt_for_login = request_data.do_not_prompt_for_login; | 1496 bool do_not_prompt_for_login = request_data.do_not_prompt_for_login; |
1497 bool is_sync_load = !!sync_result_handler; | 1497 bool is_sync_load = !!sync_result_handler; |
1498 | 1498 |
1499 // Raw headers are sensitive, as they include Cookie/Set-Cookie, so only | 1499 // Raw headers are sensitive, as they include Cookie/Set-Cookie, so only |
1500 // allow requesting them if requester has ReadRawCookies permission. | 1500 // allow requesting them if requester has ReadRawCookies permission. |
1501 ChildProcessSecurityPolicyImpl* policy = | 1501 ChildProcessSecurityPolicyImpl* policy = |
1502 ChildProcessSecurityPolicyImpl::GetInstance(); | 1502 ChildProcessSecurityPolicyImpl::GetInstance(); |
1503 bool report_raw_headers = request_data.report_raw_headers; | 1503 bool report_raw_headers = request_data.report_raw_headers; |
1504 if (report_raw_headers && !policy->CanReadRawCookies(child_id)) { | 1504 if (report_raw_headers && !policy->CanReadRawCookies(child_id) && |
| 1505 !requester_info->IsNavigationPreload()) { |
| 1506 // |report_raw_headers| of navigation preload request was copied from the |
| 1507 // the original request. So this check has already been carried out. |
1505 // TODO: crbug.com/523063 can we call bad_message::ReceivedBadMessage here? | 1508 // TODO: crbug.com/523063 can we call bad_message::ReceivedBadMessage here? |
1506 VLOG(1) << "Denied unauthorized request for raw headers"; | 1509 VLOG(1) << "Denied unauthorized request for raw headers"; |
1507 report_raw_headers = false; | 1510 report_raw_headers = false; |
1508 } | 1511 } |
1509 int load_flags = BuildLoadFlagsForRequest(request_data, is_sync_load); | 1512 int load_flags = BuildLoadFlagsForRequest(request_data, is_sync_load); |
1510 if (request_data.resource_type == RESOURCE_TYPE_PREFETCH || | 1513 if (request_data.resource_type == RESOURCE_TYPE_PREFETCH || |
1511 request_data.resource_type == RESOURCE_TYPE_FAVICON) { | 1514 request_data.resource_type == RESOURCE_TYPE_FAVICON) { |
1512 do_not_prompt_for_login = true; | 1515 do_not_prompt_for_login = true; |
1513 } | 1516 } |
1514 if (request_data.resource_type == RESOURCE_TYPE_IMAGE && | 1517 if (request_data.resource_type == RESOURCE_TYPE_IMAGE && |
(...skipping 1316 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2831 &throttles); | 2834 &throttles); |
2832 if (!throttles.empty()) { | 2835 if (!throttles.empty()) { |
2833 handler.reset(new ThrottlingResourceHandler(std::move(handler), request, | 2836 handler.reset(new ThrottlingResourceHandler(std::move(handler), request, |
2834 std::move(throttles))); | 2837 std::move(throttles))); |
2835 } | 2838 } |
2836 } | 2839 } |
2837 return handler; | 2840 return handler; |
2838 } | 2841 } |
2839 | 2842 |
2840 } // namespace content | 2843 } // namespace content |
OLD | NEW |