OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2010 Google Inc. All rights reserved. | 2 * Copyright (C) 2010 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
54 void PingLoader::loadImage(Frame* frame, const KURL& url) | 54 void PingLoader::loadImage(Frame* frame, const KURL& url) |
55 { | 55 { |
56 if (!frame->document()->securityOrigin()->canDisplay(url)) { | 56 if (!frame->document()->securityOrigin()->canDisplay(url)) { |
57 FrameLoader::reportLocalLoadFailed(frame, url.string()); | 57 FrameLoader::reportLocalLoadFailed(frame, url.string()); |
58 return; | 58 return; |
59 } | 59 } |
60 | 60 |
61 ResourceRequest request(url); | 61 ResourceRequest request(url); |
62 request.setTargetType(ResourceRequest::TargetIsImage); | 62 request.setTargetType(ResourceRequest::TargetIsImage); |
63 request.setHTTPHeaderField("Cache-Control", "max-age=0"); | 63 request.setHTTPHeaderField("Cache-Control", "max-age=0"); |
64 String referrer = SecurityPolicy::generateReferrerHeader(frame->document()->
referrerPolicy(), request.url(), frame->loader()->outgoingReferrer()); | 64 String referrer = SecurityPolicy::generateReferrerHeader(frame->document()->
referrerPolicy(), request.url(), frame->loader().outgoingReferrer()); |
65 if (!referrer.isEmpty()) | 65 if (!referrer.isEmpty()) |
66 request.setHTTPReferrer(referrer); | 66 request.setHTTPReferrer(referrer); |
67 frame->loader()->addExtraFieldsToRequest(request); | 67 frame->loader().addExtraFieldsToRequest(request); |
68 OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request)); | 68 OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request)); |
69 | 69 |
70 // Leak the ping loader, since it will kill itself as soon as it receives a
response. | 70 // Leak the ping loader, since it will kill itself as soon as it receives a
response. |
71 PingLoader* leakedPingLoader = pingLoader.leakPtr(); | 71 PingLoader* leakedPingLoader = pingLoader.leakPtr(); |
72 UNUSED_PARAM(leakedPingLoader); | 72 UNUSED_PARAM(leakedPingLoader); |
73 } | 73 } |
74 | 74 |
75 // http://www.whatwg.org/specs/web-apps/current-work/multipage/links.html#hyperl
ink-auditing | 75 // http://www.whatwg.org/specs/web-apps/current-work/multipage/links.html#hyperl
ink-auditing |
76 void PingLoader::sendPing(Frame* frame, const KURL& pingURL, const KURL& destina
tionURL) | 76 void PingLoader::sendPing(Frame* frame, const KURL& pingURL, const KURL& destina
tionURL) |
77 { | 77 { |
78 ResourceRequest request(pingURL); | 78 ResourceRequest request(pingURL); |
79 request.setTargetType(ResourceRequest::TargetIsSubresource); | 79 request.setTargetType(ResourceRequest::TargetIsSubresource); |
80 request.setHTTPMethod("POST"); | 80 request.setHTTPMethod("POST"); |
81 request.setHTTPContentType("text/ping"); | 81 request.setHTTPContentType("text/ping"); |
82 request.setHTTPBody(FormData::create("PING")); | 82 request.setHTTPBody(FormData::create("PING")); |
83 request.setHTTPHeaderField("Cache-Control", "max-age=0"); | 83 request.setHTTPHeaderField("Cache-Control", "max-age=0"); |
84 frame->loader()->addExtraFieldsToRequest(request); | 84 frame->loader().addExtraFieldsToRequest(request); |
85 | 85 |
86 SecurityOrigin* sourceOrigin = frame->document()->securityOrigin(); | 86 SecurityOrigin* sourceOrigin = frame->document()->securityOrigin(); |
87 RefPtr<SecurityOrigin> pingOrigin = SecurityOrigin::create(pingURL); | 87 RefPtr<SecurityOrigin> pingOrigin = SecurityOrigin::create(pingURL); |
88 FrameLoader::addHTTPOriginIfNeeded(request, sourceOrigin->toString()); | 88 FrameLoader::addHTTPOriginIfNeeded(request, sourceOrigin->toString()); |
89 request.setHTTPHeaderField("Ping-To", destinationURL.string()); | 89 request.setHTTPHeaderField("Ping-To", destinationURL.string()); |
90 if (!SecurityPolicy::shouldHideReferrer(pingURL, frame->loader()->outgoingRe
ferrer())) { | 90 if (!SecurityPolicy::shouldHideReferrer(pingURL, frame->loader().outgoingRef
errer())) { |
91 request.setHTTPHeaderField("Ping-From", frame->document()->url().string(
)); | 91 request.setHTTPHeaderField("Ping-From", frame->document()->url().string(
)); |
92 if (!sourceOrigin->isSameSchemeHostPort(pingOrigin.get())) { | 92 if (!sourceOrigin->isSameSchemeHostPort(pingOrigin.get())) { |
93 String referrer = SecurityPolicy::generateReferrerHeader(frame->docu
ment()->referrerPolicy(), pingURL, frame->loader()->outgoingReferrer()); | 93 String referrer = SecurityPolicy::generateReferrerHeader(frame->docu
ment()->referrerPolicy(), pingURL, frame->loader().outgoingReferrer()); |
94 if (!referrer.isEmpty()) | 94 if (!referrer.isEmpty()) |
95 request.setHTTPReferrer(referrer); | 95 request.setHTTPReferrer(referrer); |
96 } | 96 } |
97 } | 97 } |
98 OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request)); | 98 OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request)); |
99 | 99 |
100 // Leak the ping loader, since it will kill itself as soon as it receives a
response. | 100 // Leak the ping loader, since it will kill itself as soon as it receives a
response. |
101 PingLoader* leakedPingLoader = pingLoader.leakPtr(); | 101 PingLoader* leakedPingLoader = pingLoader.leakPtr(); |
102 UNUSED_PARAM(leakedPingLoader); | 102 UNUSED_PARAM(leakedPingLoader); |
103 } | 103 } |
104 | 104 |
105 void PingLoader::sendViolationReport(Frame* frame, const KURL& reportURL, PassRe
fPtr<FormData> report, ViolationReportType type) | 105 void PingLoader::sendViolationReport(Frame* frame, const KURL& reportURL, PassRe
fPtr<FormData> report, ViolationReportType type) |
106 { | 106 { |
107 ResourceRequest request(reportURL); | 107 ResourceRequest request(reportURL); |
108 request.setTargetType(ResourceRequest::TargetIsSubresource); | 108 request.setTargetType(ResourceRequest::TargetIsSubresource); |
109 request.setHTTPMethod("POST"); | 109 request.setHTTPMethod("POST"); |
110 request.setHTTPContentType(type == ContentSecurityPolicyViolationReport ? "a
pplication/csp-report" : "application/json"); | 110 request.setHTTPContentType(type == ContentSecurityPolicyViolationReport ? "a
pplication/csp-report" : "application/json"); |
111 request.setHTTPBody(report); | 111 request.setHTTPBody(report); |
112 frame->loader()->addExtraFieldsToRequest(request); | 112 frame->loader().addExtraFieldsToRequest(request); |
113 | 113 |
114 String referrer = SecurityPolicy::generateReferrerHeader(frame->document()->
referrerPolicy(), reportURL, frame->loader()->outgoingReferrer()); | 114 String referrer = SecurityPolicy::generateReferrerHeader(frame->document()->
referrerPolicy(), reportURL, frame->loader().outgoingReferrer()); |
115 if (!referrer.isEmpty()) | 115 if (!referrer.isEmpty()) |
116 request.setHTTPReferrer(referrer); | 116 request.setHTTPReferrer(referrer); |
117 OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request, Secu
rityOrigin::create(reportURL)->isSameSchemeHostPort(frame->document()->securityO
rigin()) ? AllowStoredCredentials : DoNotAllowStoredCredentials)); | 117 OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request, Secu
rityOrigin::create(reportURL)->isSameSchemeHostPort(frame->document()->securityO
rigin()) ? AllowStoredCredentials : DoNotAllowStoredCredentials)); |
118 | 118 |
119 // Leak the ping loader, since it will kill itself as soon as it receives a
response. | 119 // Leak the ping loader, since it will kill itself as soon as it receives a
response. |
120 PingLoader* leakedPingLoader = pingLoader.leakPtr(); | 120 PingLoader* leakedPingLoader = pingLoader.leakPtr(); |
121 UNUSED_PARAM(leakedPingLoader); | 121 UNUSED_PARAM(leakedPingLoader); |
122 } | 122 } |
123 | 123 |
124 PingLoader::PingLoader(Frame* frame, ResourceRequest& request, StoredCredentials
credentialsAllowed) | 124 PingLoader::PingLoader(Frame* frame, ResourceRequest& request, StoredCredentials
credentialsAllowed) |
125 : m_timeout(this, &PingLoader::timeout) | 125 : m_timeout(this, &PingLoader::timeout) |
126 { | 126 { |
127 frame->loader()->client()->didDispatchPingLoader(request.url()); | 127 frame->loader().client()->didDispatchPingLoader(request.url()); |
128 | 128 |
129 unsigned long identifier = createUniqueIdentifier(); | 129 unsigned long identifier = createUniqueIdentifier(); |
130 m_loader = adoptPtr(WebKit::Platform::current()->createURLLoader()); | 130 m_loader = adoptPtr(WebKit::Platform::current()->createURLLoader()); |
131 ASSERT(m_loader); | 131 ASSERT(m_loader); |
132 WebKit::WrappedResourceRequest wrappedRequest(request); | 132 WebKit::WrappedResourceRequest wrappedRequest(request); |
133 wrappedRequest.setAllowStoredCredentials(credentialsAllowed == AllowStoredCr
edentials); | 133 wrappedRequest.setAllowStoredCredentials(credentialsAllowed == AllowStoredCr
edentials); |
134 m_loader->loadAsynchronously(wrappedRequest, this); | 134 m_loader->loadAsynchronously(wrappedRequest, this); |
135 | 135 |
136 InspectorInstrumentation::continueAfterPingLoader(frame, identifier, frame->
loader()->activeDocumentLoader(), request, ResourceResponse()); | 136 InspectorInstrumentation::continueAfterPingLoader(frame, identifier, frame->
loader().activeDocumentLoader(), request, ResourceResponse()); |
137 | 137 |
138 // If the server never responds, FrameLoader won't be able to cancel this lo
ad and | 138 // If the server never responds, FrameLoader won't be able to cancel this lo
ad and |
139 // we'll sit here waiting forever. Set a very generous timeout, just in case
. | 139 // we'll sit here waiting forever. Set a very generous timeout, just in case
. |
140 m_timeout.startOneShot(60000); | 140 m_timeout.startOneShot(60000); |
141 } | 141 } |
142 | 142 |
143 PingLoader::~PingLoader() | 143 PingLoader::~PingLoader() |
144 { | 144 { |
145 if (m_loader) | 145 if (m_loader) |
146 m_loader->cancel(); | 146 m_loader->cancel(); |
147 } | 147 } |
148 | 148 |
149 } | 149 } |
OLD | NEW |