OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/url_request/url_request_redirect_job.h" | 5 #include "net/url_request/url_request_redirect_job.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/compiler_specific.h" | 10 #include "base/compiler_specific.h" |
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
71 | 71 |
72 int URLRequestRedirectJob::GetResponseCode() const { | 72 int URLRequestRedirectJob::GetResponseCode() const { |
73 // Should only be called after the URLRequest has been notified there's header | 73 // Should only be called after the URLRequest has been notified there's header |
74 // information. | 74 // information. |
75 DCHECK(fake_headers_); | 75 DCHECK(fake_headers_); |
76 return response_code_; | 76 return response_code_; |
77 } | 77 } |
78 | 78 |
79 URLRequestRedirectJob::~URLRequestRedirectJob() {} | 79 URLRequestRedirectJob::~URLRequestRedirectJob() {} |
80 | 80 |
81 void URLRequestRedirectJob::StartAsync() { | 81 void URLRequestRedirectJob::StartAsync() { |
Mike West
2014/09/03 10:35:28
Please note somewhere in this class's header that,
robwu
2014/09/03 17:45:31
Done.
| |
82 receive_headers_end_ = base::TimeTicks::Now(); | 82 receive_headers_end_ = base::TimeTicks::Now(); |
83 response_time_ = base::Time::Now(); | 83 response_time_ = base::Time::Now(); |
84 | 84 |
85 std::string header_string = | 85 std::string header_string = |
86 base::StringPrintf("HTTP/1.1 %i Internal Redirect\n" | 86 base::StringPrintf("HTTP/1.1 %i Internal Redirect\n" |
87 "Location: %s\n" | 87 "Location: %s\n" |
88 "Non-Authoritative-Reason: %s", | 88 "Non-Authoritative-Reason: %s", |
89 response_code_, | 89 response_code_, |
90 redirect_destination_.spec().c_str(), | 90 redirect_destination_.spec().c_str(), |
91 redirect_reason_.c_str()); | 91 redirect_reason_.c_str()); |
92 | |
93 std::string http_origin; | |
94 const net::HttpRequestHeaders& request_headers = | |
95 request_->extra_request_headers(); | |
96 if (request_headers.GetHeader("Origin", &http_origin)) { | |
97 // If this redirect is used in a cross-origin request, add CORS headers to | |
98 // make sure that the redirect gets through. Note that the destination URL | |
99 // is still subject to the usual CORS policy, i.e. the resource will only | |
100 // be available to web pages if the server serves the response with the | |
101 // required CORS response headers. | |
102 // The Origin header is generated by Blink, so its value can safely be used | |
103 // in the header string. | |
104 header_string += base::StringPrintf( | |
105 "\n" | |
106 "Access-Control-Allow-Origin: %s\n" | |
107 "Access-Control-Allow-Credentials: true", | |
108 http_origin.c_str()); | |
Mike West
2014/09/03 10:35:27
It's probably worth DCHECKing that http_origin doe
robwu
2014/09/03 17:45:31
https://codereview.chromium.org/491123004 added DC
| |
109 } | |
110 | |
92 fake_headers_ = new HttpResponseHeaders( | 111 fake_headers_ = new HttpResponseHeaders( |
93 HttpUtil::AssembleRawHeaders(header_string.c_str(), | 112 HttpUtil::AssembleRawHeaders(header_string.c_str(), |
94 header_string.length())); | 113 header_string.length())); |
95 DCHECK(fake_headers_->IsRedirect(NULL)); | 114 DCHECK(fake_headers_->IsRedirect(NULL)); |
96 | 115 |
97 request()->net_log().AddEvent( | 116 request()->net_log().AddEvent( |
98 NetLog::TYPE_URL_REQUEST_FAKE_RESPONSE_HEADERS_CREATED, | 117 NetLog::TYPE_URL_REQUEST_FAKE_RESPONSE_HEADERS_CREATED, |
99 base::Bind( | 118 base::Bind( |
100 &HttpResponseHeaders::NetLogCallback, | 119 &HttpResponseHeaders::NetLogCallback, |
101 base::Unretained(fake_headers_.get()))); | 120 base::Unretained(fake_headers_.get()))); |
102 | 121 |
103 // TODO(mmenke): Consider calling the NetworkDelegate with the headers here. | 122 // TODO(mmenke): Consider calling the NetworkDelegate with the headers here. |
104 // There's some weirdness about how to handle the case in which the delegate | 123 // There's some weirdness about how to handle the case in which the delegate |
105 // tries to modify the redirect location, in terms of how IsSafeRedirect | 124 // tries to modify the redirect location, in terms of how IsSafeRedirect |
106 // should behave, and whether the fragment should be copied. | 125 // should behave, and whether the fragment should be copied. |
107 URLRequestJob::NotifyHeadersComplete(); | 126 URLRequestJob::NotifyHeadersComplete(); |
108 } | 127 } |
109 | 128 |
110 } // namespace net | 129 } // namespace net |
OLD | NEW |