OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc
e-loading | 5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc
e-loading |
6 | 6 |
7 #include "content/browser/loader/resource_dispatcher_host_impl.h" | 7 #include "content/browser/loader/resource_dispatcher_host_impl.h" |
8 | 8 |
9 #include <stddef.h> | 9 #include <stddef.h> |
10 | 10 |
(...skipping 1438 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1449 bool allow_download = request_data.allow_download && | 1449 bool allow_download = request_data.allow_download && |
1450 IsResourceTypeFrame(request_data.resource_type); | 1450 IsResourceTypeFrame(request_data.resource_type); |
1451 bool do_not_prompt_for_login = request_data.do_not_prompt_for_login; | 1451 bool do_not_prompt_for_login = request_data.do_not_prompt_for_login; |
1452 bool is_sync_load = !!sync_result_handler; | 1452 bool is_sync_load = !!sync_result_handler; |
1453 | 1453 |
1454 // Raw headers are sensitive, as they include Cookie/Set-Cookie, so only | 1454 // Raw headers are sensitive, as they include Cookie/Set-Cookie, so only |
1455 // allow requesting them if requester has ReadRawCookies permission. | 1455 // allow requesting them if requester has ReadRawCookies permission. |
1456 ChildProcessSecurityPolicyImpl* policy = | 1456 ChildProcessSecurityPolicyImpl* policy = |
1457 ChildProcessSecurityPolicyImpl::GetInstance(); | 1457 ChildProcessSecurityPolicyImpl::GetInstance(); |
1458 bool report_raw_headers = request_data.report_raw_headers; | 1458 bool report_raw_headers = request_data.report_raw_headers; |
1459 if (report_raw_headers && !policy->CanReadRawCookies(child_id)) { | 1459 if (report_raw_headers && !policy->CanReadRawCookies(child_id) && |
| 1460 !requester_info->IsNavigationPreload()) { |
| 1461 // For navigation preload, the child_id is -1 so CanReadRawCookies would |
| 1462 // return false. But |report_raw_headers| of the navigation preload request |
| 1463 // was copied from the original request, so this check has already been |
| 1464 // carried out. |
1460 // TODO: crbug.com/523063 can we call bad_message::ReceivedBadMessage here? | 1465 // TODO: crbug.com/523063 can we call bad_message::ReceivedBadMessage here? |
1461 VLOG(1) << "Denied unauthorized request for raw headers"; | 1466 VLOG(1) << "Denied unauthorized request for raw headers"; |
1462 report_raw_headers = false; | 1467 report_raw_headers = false; |
1463 } | 1468 } |
1464 int load_flags = BuildLoadFlagsForRequest(request_data, is_sync_load); | 1469 int load_flags = BuildLoadFlagsForRequest(request_data, is_sync_load); |
1465 if (request_data.resource_type == RESOURCE_TYPE_PREFETCH || | 1470 if (request_data.resource_type == RESOURCE_TYPE_PREFETCH || |
1466 request_data.resource_type == RESOURCE_TYPE_FAVICON) { | 1471 request_data.resource_type == RESOURCE_TYPE_FAVICON) { |
1467 do_not_prompt_for_login = true; | 1472 do_not_prompt_for_login = true; |
1468 } | 1473 } |
1469 if (request_data.resource_type == RESOURCE_TYPE_IMAGE && | 1474 if (request_data.resource_type == RESOURCE_TYPE_IMAGE && |
(...skipping 1318 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2788 &throttles); | 2793 &throttles); |
2789 if (!throttles.empty()) { | 2794 if (!throttles.empty()) { |
2790 handler.reset(new ThrottlingResourceHandler(std::move(handler), request, | 2795 handler.reset(new ThrottlingResourceHandler(std::move(handler), request, |
2791 std::move(throttles))); | 2796 std::move(throttles))); |
2792 } | 2797 } |
2793 } | 2798 } |
2794 return handler; | 2799 return handler; |
2795 } | 2800 } |
2796 | 2801 |
2797 } // namespace content | 2802 } // namespace content |
OLD | NEW |