OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved. | 2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved. |
3 * Copyright (C) 2013, Intel Corporation | 3 * Copyright (C) 2013, Intel Corporation |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions are | 6 * modification, are permitted provided that the following conditions are |
7 * met: | 7 * met: |
8 * | 8 * |
9 * * Redistributions of source code must retain the above copyright | 9 * * Redistributions of source code must retain the above copyright |
10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
46 #include "core/loader/FrameLoader.h" | 46 #include "core/loader/FrameLoader.h" |
47 #include "core/loader/ThreadableLoaderClient.h" | 47 #include "core/loader/ThreadableLoaderClient.h" |
48 #include "platform/SharedBuffer.h" | 48 #include "platform/SharedBuffer.h" |
49 #include "platform/network/ResourceRequest.h" | 49 #include "platform/network/ResourceRequest.h" |
50 #include "platform/weborigin/SchemeRegistry.h" | 50 #include "platform/weborigin/SchemeRegistry.h" |
51 #include "platform/weborigin/SecurityOrigin.h" | 51 #include "platform/weborigin/SecurityOrigin.h" |
52 #include "wtf/Assertions.h" | 52 #include "wtf/Assertions.h" |
53 | 53 |
54 namespace WebCore { | 54 namespace WebCore { |
55 | 55 |
56 void DocumentThreadableLoader::loadResourceSynchronously(Document& document, con
st ResourceRequest& request, ThreadableLoaderClient& client, const ThreadableLoa
derOptions& options) | 56 void DocumentThreadableLoader::loadResourceSynchronously(Document& document, con
st ResourceRequest& request, ThreadableLoaderClient& client, const ThreadableLoa
derOptions& options, const ResourceLoaderOptions& resourceLoaderOptions) |
57 { | 57 { |
58 // The loader will be deleted as soon as this function exits. | 58 // The loader will be deleted as soon as this function exits. |
59 RefPtr<DocumentThreadableLoader> loader = adoptRef(new DocumentThreadableLoa
der(document, &client, LoadSynchronously, request, options)); | 59 RefPtr<DocumentThreadableLoader> loader = adoptRef(new DocumentThreadableLoa
der(document, &client, LoadSynchronously, request, options, resourceLoaderOption
s)); |
60 ASSERT(loader->hasOneRef()); | 60 ASSERT(loader->hasOneRef()); |
61 } | 61 } |
62 | 62 |
63 PassRefPtr<DocumentThreadableLoader> DocumentThreadableLoader::create(Document&
document, ThreadableLoaderClient* client, const ResourceRequest& request, const
ThreadableLoaderOptions& options) | 63 PassRefPtr<DocumentThreadableLoader> DocumentThreadableLoader::create(Document&
document, ThreadableLoaderClient* client, const ResourceRequest& request, const
ThreadableLoaderOptions& options, const ResourceLoaderOptions& resourceLoaderOpt
ions) |
64 { | 64 { |
65 RefPtr<DocumentThreadableLoader> loader = adoptRef(new DocumentThreadableLoa
der(document, client, LoadAsynchronously, request, options)); | 65 RefPtr<DocumentThreadableLoader> loader = adoptRef(new DocumentThreadableLoa
der(document, client, LoadAsynchronously, request, options, resourceLoaderOption
s)); |
66 if (!loader->resource()) | 66 if (!loader->resource()) |
67 loader = nullptr; | 67 loader = nullptr; |
68 return loader.release(); | 68 return loader.release(); |
69 } | 69 } |
70 | 70 |
71 DocumentThreadableLoader::DocumentThreadableLoader(Document& document, Threadabl
eLoaderClient* client, BlockingBehavior blockingBehavior, const ResourceRequest&
request, const ThreadableLoaderOptions& options) | 71 DocumentThreadableLoader::DocumentThreadableLoader(Document& document, Threadabl
eLoaderClient* client, BlockingBehavior blockingBehavior, const ResourceRequest&
request, const ThreadableLoaderOptions& options, const ResourceLoaderOptions& r
esourceLoaderOptions) |
72 : m_client(client) | 72 : m_client(client) |
73 , m_document(document) | 73 , m_document(document) |
74 , m_options(options) | 74 , m_options(options) |
| 75 , m_resourceLoaderOptions(resourceLoaderOptions) |
| 76 , m_allowCredentials(m_resourceLoaderOptions.allowCredentials) |
| 77 , m_securityOrigin(m_resourceLoaderOptions.securityOrigin) |
75 , m_sameOriginRequest(securityOrigin()->canRequest(request.url())) | 78 , m_sameOriginRequest(securityOrigin()->canRequest(request.url())) |
76 , m_simpleRequest(true) | 79 , m_simpleRequest(true) |
77 , m_async(blockingBehavior == LoadAsynchronously) | 80 , m_async(blockingBehavior == LoadAsynchronously) |
78 , m_timeoutTimer(this, &DocumentThreadableLoader::didTimeout) | 81 , m_timeoutTimer(this, &DocumentThreadableLoader::didTimeout) |
79 { | 82 { |
80 ASSERT(client); | 83 ASSERT(client); |
81 // Setting an outgoing referer is only supported in the async code path. | 84 // Setting an outgoing referer is only supported in the async code path. |
82 ASSERT(m_async || request.httpReferrer().isEmpty()); | 85 ASSERT(m_async || request.httpReferrer().isEmpty()); |
83 | 86 |
84 // Save any CORS simple headers on the request here. If this request redirec
ts cross-origin, we cancel the old request | 87 // Save any CORS simple headers on the request here. If this request redirec
ts cross-origin, we cancel the old request |
(...skipping 23 matching lines...) Expand all Loading... |
108 ASSERT(m_options.crossOriginRequestPolicy == UseAccessControl); | 111 ASSERT(m_options.crossOriginRequestPolicy == UseAccessControl); |
109 | 112 |
110 if ((m_options.preflightPolicy == ConsiderPreflight && isSimpleCrossOriginAc
cessRequest(request.httpMethod(), request.httpHeaderFields())) || m_options.pref
lightPolicy == PreventPreflight) { | 113 if ((m_options.preflightPolicy == ConsiderPreflight && isSimpleCrossOriginAc
cessRequest(request.httpMethod(), request.httpHeaderFields())) || m_options.pref
lightPolicy == PreventPreflight) { |
111 // Cross-origin requests are only allowed for HTTP and registered scheme
s. We would catch this when checking response headers later, but there is no rea
son to send a request that's guaranteed to be denied. | 114 // Cross-origin requests are only allowed for HTTP and registered scheme
s. We would catch this when checking response headers later, but there is no rea
son to send a request that's guaranteed to be denied. |
112 if (!SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(request.url().pro
tocol())) { | 115 if (!SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(request.url().pro
tocol())) { |
113 m_client->didFailAccessControlCheck(ResourceError(errorDomainBlinkIn
ternal, 0, request.url().string(), "Cross origin requests are only supported for
HTTP.")); | 116 m_client->didFailAccessControlCheck(ResourceError(errorDomainBlinkIn
ternal, 0, request.url().string(), "Cross origin requests are only supported for
HTTP.")); |
114 return; | 117 return; |
115 } | 118 } |
116 | 119 |
117 ResourceRequest crossOriginRequest(request); | 120 ResourceRequest crossOriginRequest(request); |
118 updateRequestForAccessControl(crossOriginRequest, securityOrigin(), m_op
tions.allowCredentials); | 121 updateRequestForAccessControl(crossOriginRequest, securityOrigin(), m_al
lowCredentials); |
119 loadRequest(crossOriginRequest); | 122 loadRequest(crossOriginRequest); |
120 } else { | 123 } else { |
121 m_simpleRequest = false; | 124 m_simpleRequest = false; |
122 | 125 |
123 OwnPtr<ResourceRequest> crossOriginRequest = adoptPtr(new ResourceReques
t(request)); | 126 OwnPtr<ResourceRequest> crossOriginRequest = adoptPtr(new ResourceReques
t(request)); |
124 // Do not set the Origin header for preflight requests. | 127 // Do not set the Origin header for preflight requests. |
125 updateRequestForAccessControl(*crossOriginRequest, 0, m_options.allowCre
dentials); | 128 updateRequestForAccessControl(*crossOriginRequest, 0, m_allowCredentials
); |
126 m_actualRequest = crossOriginRequest.release(); | 129 m_actualRequest = crossOriginRequest.release(); |
127 | 130 |
128 if (CrossOriginPreflightResultCache::shared().canSkipPreflight(securityO
rigin()->toString(), m_actualRequest->url(), m_options.allowCredentials, m_actua
lRequest->httpMethod(), m_actualRequest->httpHeaderFields())) { | 131 if (CrossOriginPreflightResultCache::shared().canSkipPreflight(securityO
rigin()->toString(), m_actualRequest->url(), m_allowCredentials, m_actualRequest
->httpMethod(), m_actualRequest->httpHeaderFields())) { |
129 loadActualRequest(); | 132 loadActualRequest(); |
130 } else { | 133 } else { |
131 ResourceRequest preflightRequest = createAccessControlPreflightReque
st(*m_actualRequest, securityOrigin()); | 134 ResourceRequest preflightRequest = createAccessControlPreflightReque
st(*m_actualRequest, securityOrigin()); |
132 loadRequest(preflightRequest); | 135 loadRequest(preflightRequest); |
133 } | 136 } |
134 } | 137 } |
135 } | 138 } |
136 | 139 |
137 DocumentThreadableLoader::~DocumentThreadableLoader() | 140 DocumentThreadableLoader::~DocumentThreadableLoader() |
138 { | 141 { |
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
191 // original request was not same-origin. | 194 // original request was not same-origin. |
192 if (m_options.crossOriginRequestPolicy == UseAccessControl) { | 195 if (m_options.crossOriginRequestPolicy == UseAccessControl) { |
193 | 196 |
194 InspectorInstrumentation::didReceiveCORSRedirectResponse(m_document.fram
e(), resource->identifier(), m_document.frame()->loader().documentLoader(), redi
rectResponse, 0); | 197 InspectorInstrumentation::didReceiveCORSRedirectResponse(m_document.fram
e(), resource->identifier(), m_document.frame()->loader().documentLoader(), redi
rectResponse, 0); |
195 | 198 |
196 bool allowRedirect = false; | 199 bool allowRedirect = false; |
197 String accessControlErrorDescription; | 200 String accessControlErrorDescription; |
198 | 201 |
199 if (m_simpleRequest) { | 202 if (m_simpleRequest) { |
200 allowRedirect = CrossOriginAccessControl::isLegalRedirectLocation(re
quest.url(), accessControlErrorDescription) | 203 allowRedirect = CrossOriginAccessControl::isLegalRedirectLocation(re
quest.url(), accessControlErrorDescription) |
201 && (m_sameOriginRequest || passesAccessControlCheck(
redirectResponse, m_options.allowCredentials, securityOrigin(), accessControlErr
orDescription)); | 204 && (m_sameOriginRequest || passesAccessControlCheck(redirectResp
onse, m_allowCredentials, securityOrigin(), accessControlErrorDescription)); |
202 } else { | 205 } else { |
203 accessControlErrorDescription = "The request was redirected to '"+ r
equest.url().string() + "', which is disallowed for cross-origin requests that r
equire preflight."; | 206 accessControlErrorDescription = "The request was redirected to '"+ r
equest.url().string() + "', which is disallowed for cross-origin requests that r
equire preflight."; |
204 } | 207 } |
205 | 208 |
206 if (allowRedirect) { | 209 if (allowRedirect) { |
207 // FIXME: consider combining this with CORS redirect handling perfor
med by | 210 // FIXME: consider combining this with CORS redirect handling perfor
med by |
208 // CrossOriginAccessControl::handleRedirect(). | 211 // CrossOriginAccessControl::handleRedirect(). |
209 clearResource(); | 212 clearResource(); |
210 | 213 |
211 RefPtr<SecurityOrigin> originalOrigin = SecurityOrigin::create(redir
ectResponse.url()); | 214 RefPtr<SecurityOrigin> originalOrigin = SecurityOrigin::create(redir
ectResponse.url()); |
212 RefPtr<SecurityOrigin> requestOrigin = SecurityOrigin::create(reques
t.url()); | 215 RefPtr<SecurityOrigin> requestOrigin = SecurityOrigin::create(reques
t.url()); |
213 // If the original request wasn't same-origin, then if the request U
RL origin is not same origin with the original URL origin, | 216 // If the original request wasn't same-origin, then if the request U
RL origin is not same origin with the original URL origin, |
214 // set the source origin to a globally unique identifier. (If the or
iginal request was same-origin, the origin of the new request | 217 // set the source origin to a globally unique identifier. (If the or
iginal request was same-origin, the origin of the new request |
215 // should be the original URL origin.) | 218 // should be the original URL origin.) |
216 if (!m_sameOriginRequest && !originalOrigin->isSameSchemeHostPort(re
questOrigin.get())) | 219 if (!m_sameOriginRequest && !originalOrigin->isSameSchemeHostPort(re
questOrigin.get())) |
217 m_options.securityOrigin = SecurityOrigin::createUnique(); | 220 m_securityOrigin = SecurityOrigin::createUnique(); |
218 // Force any subsequent requests to use these checks. | 221 // Force any subsequent requests to use these checks. |
219 m_sameOriginRequest = false; | 222 m_sameOriginRequest = false; |
220 | 223 |
221 // Since the request is no longer same-origin, if the user didn't re
quest credentials in | 224 // Since the request is no longer same-origin, if the user didn't re
quest credentials in |
222 // the first place, update our state so we neither request them nor
expect they must be allowed. | 225 // the first place, update our state so we neither request them nor
expect they must be allowed. |
223 if (m_options.credentialsRequested == ClientDidNotRequestCredentials
) | 226 if (m_resourceLoaderOptions.credentialsRequested == ClientDidNotRequ
estCredentials) |
224 m_options.allowCredentials = DoNotAllowStoredCredentials; | 227 m_allowCredentials = DoNotAllowStoredCredentials; |
225 | 228 |
226 // Remove any headers that may have been added by the network layer
that cause access control to fail. | 229 // Remove any headers that may have been added by the network layer
that cause access control to fail. |
227 request.clearHTTPReferrer(); | 230 request.clearHTTPReferrer(); |
228 request.clearHTTPOrigin(); | 231 request.clearHTTPOrigin(); |
229 request.clearHTTPUserAgent(); | 232 request.clearHTTPUserAgent(); |
230 // Add any CORS simple request headers which we previously saved fro
m the original request. | 233 // Add any CORS simple request headers which we previously saved fro
m the original request. |
231 HTTPHeaderMap::const_iterator end = m_simpleRequestHeaders.end(); | 234 HTTPHeaderMap::const_iterator end = m_simpleRequestHeaders.end(); |
232 for (HTTPHeaderMap::const_iterator it = m_simpleRequestHeaders.begin
(); it != end; ++it) { | 235 for (HTTPHeaderMap::const_iterator it = m_simpleRequestHeaders.begin
(); it != end; ++it) { |
233 request.setHTTPHeaderField(it->key, it->value); | 236 request.setHTTPHeaderField(it->key, it->value); |
234 } | 237 } |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
272 // cause the underlying ResourceLoader to be cancelled before it tells the i
nspector about the response. | 275 // cause the underlying ResourceLoader to be cancelled before it tells the i
nspector about the response. |
273 // In that case, if we don't tell the inspector about the response now, the
resource type in the inspector | 276 // In that case, if we don't tell the inspector about the response now, the
resource type in the inspector |
274 // will default to "other" instead of something more descriptive. | 277 // will default to "other" instead of something more descriptive. |
275 DocumentLoader* loader = m_document.frame()->loader().documentLoader(); | 278 DocumentLoader* loader = m_document.frame()->loader().documentLoader(); |
276 TRACE_EVENT_INSTANT1(TRACE_DISABLED_BY_DEFAULT("devtools.timeline"), "Resour
ceReceiveResponse", "data", InspectorReceiveResponseEvent::data(identifier, m_do
cument.frame(), response)); | 279 TRACE_EVENT_INSTANT1(TRACE_DISABLED_BY_DEFAULT("devtools.timeline"), "Resour
ceReceiveResponse", "data", InspectorReceiveResponseEvent::data(identifier, m_do
cument.frame(), response)); |
277 // FIXME(361045): remove InspectorInstrumentation calls once DevTools Timeli
ne migrates to tracing. | 280 // FIXME(361045): remove InspectorInstrumentation calls once DevTools Timeli
ne migrates to tracing. |
278 InspectorInstrumentation::didReceiveResourceResponse(m_document.frame(), ide
ntifier, loader, response, resource() ? resource()->loader() : 0); | 281 InspectorInstrumentation::didReceiveResourceResponse(m_document.frame(), ide
ntifier, loader, response, resource() ? resource()->loader() : 0); |
279 | 282 |
280 String accessControlErrorDescription; | 283 String accessControlErrorDescription; |
281 | 284 |
282 if (!passesAccessControlCheck(response, m_options.allowCredentials, security
Origin(), accessControlErrorDescription)) { | 285 if (!passesAccessControlCheck(response, m_allowCredentials, securityOrigin()
, accessControlErrorDescription)) { |
283 handlePreflightFailure(response.url().string(), accessControlErrorDescri
ption); | 286 handlePreflightFailure(response.url().string(), accessControlErrorDescri
ption); |
284 return; | 287 return; |
285 } | 288 } |
286 | 289 |
287 if (!passesPreflightStatusCheck(response, accessControlErrorDescription)) { | 290 if (!passesPreflightStatusCheck(response, accessControlErrorDescription)) { |
288 handlePreflightFailure(response.url().string(), accessControlErrorDescri
ption); | 291 handlePreflightFailure(response.url().string(), accessControlErrorDescri
ption); |
289 return; | 292 return; |
290 } | 293 } |
291 | 294 |
292 OwnPtr<CrossOriginPreflightResultCacheItem> preflightResult = adoptPtr(new C
rossOriginPreflightResultCacheItem(m_options.allowCredentials)); | 295 OwnPtr<CrossOriginPreflightResultCacheItem> preflightResult = adoptPtr(new C
rossOriginPreflightResultCacheItem(m_allowCredentials)); |
293 if (!preflightResult->parse(response, accessControlErrorDescription) | 296 if (!preflightResult->parse(response, accessControlErrorDescription) |
294 || !preflightResult->allowsCrossOriginMethod(m_actualRequest->httpMethod
(), accessControlErrorDescription) | 297 || !preflightResult->allowsCrossOriginMethod(m_actualRequest->httpMethod
(), accessControlErrorDescription) |
295 || !preflightResult->allowsCrossOriginHeaders(m_actualRequest->httpHeade
rFields(), accessControlErrorDescription)) { | 298 || !preflightResult->allowsCrossOriginHeaders(m_actualRequest->httpHeade
rFields(), accessControlErrorDescription)) { |
296 handlePreflightFailure(response.url().string(), accessControlErrorDescri
ption); | 299 handlePreflightFailure(response.url().string(), accessControlErrorDescri
ption); |
297 return; | 300 return; |
298 } | 301 } |
299 | 302 |
300 CrossOriginPreflightResultCache::shared().appendEntry(securityOrigin()->toSt
ring(), m_actualRequest->url(), preflightResult.release()); | 303 CrossOriginPreflightResultCache::shared().appendEntry(securityOrigin()->toSt
ring(), m_actualRequest->url(), preflightResult.release()); |
301 } | 304 } |
302 | 305 |
303 void DocumentThreadableLoader::handleResponse(unsigned long identifier, const Re
sourceResponse& response) | 306 void DocumentThreadableLoader::handleResponse(unsigned long identifier, const Re
sourceResponse& response) |
304 { | 307 { |
305 ASSERT(m_client); | 308 ASSERT(m_client); |
306 | 309 |
307 if (m_actualRequest) { | 310 if (m_actualRequest) { |
308 handlePreflightResponse(identifier, response); | 311 handlePreflightResponse(identifier, response); |
309 return; | 312 return; |
310 } | 313 } |
311 | 314 |
312 if (!m_sameOriginRequest && m_options.crossOriginRequestPolicy == UseAccessC
ontrol) { | 315 if (!m_sameOriginRequest && m_options.crossOriginRequestPolicy == UseAccessC
ontrol) { |
313 String accessControlErrorDescription; | 316 String accessControlErrorDescription; |
314 if (!passesAccessControlCheck(response, m_options.allowCredentials, secu
rityOrigin(), accessControlErrorDescription)) { | 317 if (!passesAccessControlCheck(response, m_allowCredentials, securityOrig
in(), accessControlErrorDescription)) { |
315 m_client->didFailAccessControlCheck(ResourceError(errorDomainBlinkIn
ternal, 0, response.url().string(), accessControlErrorDescription)); | 318 m_client->didFailAccessControlCheck(ResourceError(errorDomainBlinkIn
ternal, 0, response.url().string(), accessControlErrorDescription)); |
316 return; | 319 return; |
317 } | 320 } |
318 } | 321 } |
319 | 322 |
320 m_client->didReceiveResponse(identifier, response); | 323 m_client->didReceiveResponse(identifier, response); |
321 } | 324 } |
322 | 325 |
323 void DocumentThreadableLoader::dataReceived(Resource* resource, const char* data
, int dataLength) | 326 void DocumentThreadableLoader::dataReceived(Resource* resource, const char* data
, int dataLength) |
324 { | 327 { |
(...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
391 m_client->didFailAccessControlCheck(error); | 394 m_client->didFailAccessControlCheck(error); |
392 } | 395 } |
393 | 396 |
394 void DocumentThreadableLoader::loadRequest(const ResourceRequest& request) | 397 void DocumentThreadableLoader::loadRequest(const ResourceRequest& request) |
395 { | 398 { |
396 // Any credential should have been removed from the cross-site requests. | 399 // Any credential should have been removed from the cross-site requests. |
397 const KURL& requestURL = request.url(); | 400 const KURL& requestURL = request.url(); |
398 ASSERT(m_sameOriginRequest || requestURL.user().isEmpty()); | 401 ASSERT(m_sameOriginRequest || requestURL.user().isEmpty()); |
399 ASSERT(m_sameOriginRequest || requestURL.pass().isEmpty()); | 402 ASSERT(m_sameOriginRequest || requestURL.pass().isEmpty()); |
400 | 403 |
401 ThreadableLoaderOptions options = m_options; | 404 ResourceLoaderOptions resourceLoaderOptions = m_resourceLoaderOptions; |
| 405 // Update resourceLoaderOptions with enforced values. |
| 406 resourceLoaderOptions.allowCredentials = m_allowCredentials; |
| 407 resourceLoaderOptions.securityOrigin = m_securityOrigin; |
402 if (m_async) { | 408 if (m_async) { |
403 if (m_actualRequest) { | 409 if (m_actualRequest) { |
404 options.sniffContent = DoNotSniffContent; | 410 resourceLoaderOptions.sniffContent = DoNotSniffContent; |
405 options.dataBufferingPolicy = BufferData; | 411 resourceLoaderOptions.dataBufferingPolicy = BufferData; |
406 } | 412 } |
407 | 413 |
408 if (m_options.timeoutMilliseconds > 0) | 414 if (m_options.timeoutMilliseconds > 0) |
409 m_timeoutTimer.startOneShot(m_options.timeoutMilliseconds / 1000.0,
FROM_HERE); | 415 m_timeoutTimer.startOneShot(m_options.timeoutMilliseconds / 1000.0,
FROM_HERE); |
410 | 416 |
411 FetchRequest newRequest(request, m_options.initiator, options); | 417 FetchRequest newRequest(request, m_options.initiator, resourceLoaderOpti
ons); |
412 ASSERT(!resource()); | 418 ASSERT(!resource()); |
413 if (request.targetType() == ResourceRequest::TargetIsMedia) | 419 if (request.targetType() == ResourceRequest::TargetIsMedia) |
414 setResource(m_document.fetcher()->fetchMedia(newRequest)); | 420 setResource(m_document.fetcher()->fetchMedia(newRequest)); |
415 else | 421 else |
416 setResource(m_document.fetcher()->fetchRawResource(newRequest)); | 422 setResource(m_document.fetcher()->fetchRawResource(newRequest)); |
417 if (resource() && resource()->loader()) { | 423 if (resource() && resource()->loader()) { |
418 unsigned long identifier = resource()->identifier(); | 424 unsigned long identifier = resource()->identifier(); |
419 InspectorInstrumentation::documentThreadableLoaderStartedLoadingForC
lient(&m_document, identifier, m_client); | 425 InspectorInstrumentation::documentThreadableLoaderStartedLoadingForC
lient(&m_document, identifier, m_client); |
420 } | 426 } |
421 return; | 427 return; |
422 } | 428 } |
423 | 429 |
424 FetchRequest fetchRequest(request, m_options.initiator, options); | 430 FetchRequest fetchRequest(request, m_options.initiator, resourceLoaderOption
s); |
425 ResourcePtr<Resource> resource = m_document.fetcher()->fetchSynchronously(fe
tchRequest); | 431 ResourcePtr<Resource> resource = m_document.fetcher()->fetchSynchronously(fe
tchRequest); |
426 ResourceResponse response = resource ? resource->response() : ResourceRespon
se(); | 432 ResourceResponse response = resource ? resource->response() : ResourceRespon
se(); |
427 unsigned long identifier = resource ? resource->identifier() : std::numeric_
limits<unsigned long>::max(); | 433 unsigned long identifier = resource ? resource->identifier() : std::numeric_
limits<unsigned long>::max(); |
428 ResourceError error = resource ? resource->resourceError() : ResourceError()
; | 434 ResourceError error = resource ? resource->resourceError() : ResourceError()
; |
429 | 435 |
430 InspectorInstrumentation::documentThreadableLoaderStartedLoadingForClient(&m
_document, identifier, m_client); | 436 InspectorInstrumentation::documentThreadableLoaderStartedLoadingForClient(&m
_document, identifier, m_client); |
431 | 437 |
432 if (!resource) { | 438 if (!resource) { |
433 m_client->didFail(error); | 439 m_client->didFail(error); |
434 return; | 440 return; |
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
468 | 474 |
469 bool DocumentThreadableLoader::isAllowedByPolicy(const KURL& url) const | 475 bool DocumentThreadableLoader::isAllowedByPolicy(const KURL& url) const |
470 { | 476 { |
471 if (m_options.contentSecurityPolicyEnforcement != EnforceConnectSrcDirective
) | 477 if (m_options.contentSecurityPolicyEnforcement != EnforceConnectSrcDirective
) |
472 return true; | 478 return true; |
473 return m_document.contentSecurityPolicy()->allowConnectToSource(url); | 479 return m_document.contentSecurityPolicy()->allowConnectToSource(url); |
474 } | 480 } |
475 | 481 |
476 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const | 482 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const |
477 { | 483 { |
478 return m_options.securityOrigin ? m_options.securityOrigin.get() : m_documen
t.securityOrigin(); | 484 return m_securityOrigin ? m_securityOrigin.get() : m_document.securityOrigin
(); |
479 } | 485 } |
480 | 486 |
481 } // namespace WebCore | 487 } // namespace WebCore |
OLD | NEW |