OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc
e-loading | 5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc
e-loading |
6 | 6 |
7 #include "content/browser/loader/resource_dispatcher_host_impl.h" | 7 #include "content/browser/loader/resource_dispatcher_host_impl.h" |
8 | 8 |
9 #include <stddef.h> | 9 #include <stddef.h> |
10 | 10 |
(...skipping 1483 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1494 bool allow_download = request_data.allow_download && | 1494 bool allow_download = request_data.allow_download && |
1495 IsResourceTypeFrame(request_data.resource_type); | 1495 IsResourceTypeFrame(request_data.resource_type); |
1496 bool do_not_prompt_for_login = request_data.do_not_prompt_for_login; | 1496 bool do_not_prompt_for_login = request_data.do_not_prompt_for_login; |
1497 bool is_sync_load = !!sync_result_handler; | 1497 bool is_sync_load = !!sync_result_handler; |
1498 | 1498 |
1499 // Raw headers are sensitive, as they include Cookie/Set-Cookie, so only | 1499 // Raw headers are sensitive, as they include Cookie/Set-Cookie, so only |
1500 // allow requesting them if requester has ReadRawCookies permission. | 1500 // allow requesting them if requester has ReadRawCookies permission. |
1501 ChildProcessSecurityPolicyImpl* policy = | 1501 ChildProcessSecurityPolicyImpl* policy = |
1502 ChildProcessSecurityPolicyImpl::GetInstance(); | 1502 ChildProcessSecurityPolicyImpl::GetInstance(); |
1503 bool report_raw_headers = request_data.report_raw_headers; | 1503 bool report_raw_headers = request_data.report_raw_headers; |
1504 if (report_raw_headers && !policy->CanReadRawCookies(child_id) && | 1504 if (report_raw_headers && !policy->CanReadRawCookies(child_id)) { |
1505 !requester_info->IsNavigationPreload()) { | |
1506 // For navigation preload, the child_id is -1 so CanReadRawCookies would | |
1507 // return false. But |report_raw_headers| of the navigation preload request | |
1508 // was copied from the original request, so this check has already been | |
1509 // carried out. | |
1510 // TODO: crbug.com/523063 can we call bad_message::ReceivedBadMessage here? | 1505 // TODO: crbug.com/523063 can we call bad_message::ReceivedBadMessage here? |
1511 VLOG(1) << "Denied unauthorized request for raw headers"; | 1506 VLOG(1) << "Denied unauthorized request for raw headers"; |
1512 report_raw_headers = false; | 1507 report_raw_headers = false; |
1513 } | 1508 } |
1514 int load_flags = BuildLoadFlagsForRequest(request_data, is_sync_load); | 1509 int load_flags = BuildLoadFlagsForRequest(request_data, is_sync_load); |
1515 if (request_data.resource_type == RESOURCE_TYPE_PREFETCH || | 1510 if (request_data.resource_type == RESOURCE_TYPE_PREFETCH || |
1516 request_data.resource_type == RESOURCE_TYPE_FAVICON) { | 1511 request_data.resource_type == RESOURCE_TYPE_FAVICON) { |
1517 do_not_prompt_for_login = true; | 1512 do_not_prompt_for_login = true; |
1518 } | 1513 } |
1519 if (request_data.resource_type == RESOURCE_TYPE_IMAGE && | 1514 if (request_data.resource_type == RESOURCE_TYPE_IMAGE && |
(...skipping 1316 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2836 &throttles); | 2831 &throttles); |
2837 if (!throttles.empty()) { | 2832 if (!throttles.empty()) { |
2838 handler.reset(new ThrottlingResourceHandler(std::move(handler), request, | 2833 handler.reset(new ThrottlingResourceHandler(std::move(handler), request, |
2839 std::move(throttles))); | 2834 std::move(throttles))); |
2840 } | 2835 } |
2841 } | 2836 } |
2842 return handler; | 2837 return handler; |
2843 } | 2838 } |
2844 | 2839 |
2845 } // namespace content | 2840 } // namespace content |
OLD | NEW |