Move fetch-related predicates to core/fetch.

Source/core/fetch/CrossOriginAccessControl.cpp

 /*
  * Copyright (C) 2008 Apple Inc. All Rights Reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
@@ skipping 22 matching lines @@
 #include "platform/network/ResourceRequest.h"
 #include "platform/network/ResourceResponse.h"
 #include "platform/weborigin/SchemeRegistry.h"
 #include "platform/weborigin/SecurityOrigin.h"
 #include "wtf/Threading.h"
 #include "wtf/text/AtomicString.h"
 #include "wtf/text/StringBuilder.h"
 
 namespace WebCore {
 
-bool isOnAccessControlSimpleRequestMethodWhitelist(const String& method)
+namespace {
+
+struct ForbiddenHeaderNames {
+    WTF_MAKE_NONCOPYABLE(ForbiddenHeaderNames); WTF_MAKE_FAST_ALLOCATED;
+public:
+    ForbiddenHeaderNames();
+    bool has(const String& name) const
+    {
+        return m_fixedNames.contains(name)
+            || name.startsWith(m_proxyHeaderPrefix, false)
+            || name.startsWith(m_secHeaderPrefix, false);
+    }
+
+private:
+    String m_proxyHeaderPrefix;
+    String m_secHeaderPrefix;
+    HashSet<String, CaseFoldingHash> m_fixedNames;
+};
+
+ForbiddenHeaderNames::ForbiddenHeaderNames()
+    : m_proxyHeaderPrefix("proxy-")
+    , m_secHeaderPrefix("sec-")
 {
-    return method == "GET" || method == "HEAD" || method == "POST";
+    m_fixedNames.add("accept-charset");
+    m_fixedNames.add("accept-encoding");
+    m_fixedNames.add("access-control-request-headers");
+    m_fixedNames.add("access-control-request-method");
+    m_fixedNames.add("connection");
+    m_fixedNames.add("content-length");
+    m_fixedNames.add("cookie");
+    m_fixedNames.add("cookie2");
+    m_fixedNames.add("date");
+    m_fixedNames.add("dnt");
+    m_fixedNames.add("expect");
+    m_fixedNames.add("host");
+    m_fixedNames.add("keep-alive");
+    m_fixedNames.add("origin");
+    m_fixedNames.add("referer");
+    m_fixedNames.add("te");
+    m_fixedNames.add("trailer");
+    m_fixedNames.add("transfer-encoding");
+    m_fixedNames.add("upgrade");
+    m_fixedNames.add("user-agent");
+    m_fixedNames.add("via");
 }
 
-bool isOnAccessControlSimpleRequestHeaderWhitelist(const AtomicString& name, const AtomicString& value)
+static const ForbiddenHeaderNames* forbiddenHeaderNames = nullptr;
+
+static const ForbiddenHeaderNames* createForbiddenHeaderNames()
 {
-    if (equalIgnoringCase(name, "accept")
-        || equalIgnoringCase(name, "accept-language")
-        || equalIgnoringCase(name, "content-language")
-        || equalIgnoringCase(name, "origin")
-        || equalIgnoringCase(name, "referer"))
-        return true;
-
-    // Preflight is required for MIME types that can not be sent via form submission.
-    if (equalIgnoringCase(name, "content-type")) {
-        AtomicString mimeType = extractMIMETypeFromMediaType(value);
-        return equalIgnoringCase(mimeType, "application/x-www-form-urlencoded")
-            || equalIgnoringCase(mimeType, "multipart/form-data")
-            || equalIgnoringCase(mimeType, "text/plain");
-    }
-
-    return false;
+    forbiddenHeaderNames = new ForbiddenHeaderNames;
+    return forbiddenHeaderNames;
 }
 
-bool isSimpleCrossOriginAccessRequest(const String& method, const HTTPHeaderMap& headerMap)
+static const ForbiddenHeaderNames* initializeForbiddenHeaderNames()

[sof, 2014/07/17 08:18:09]

Unless there are reasons not to, should we move this and the other static
function into ForbiddenHeaderNames as static methods?

[yhirano, 2014/08/06 08:48:03]

Done.

 {
-    if (!isOnAccessControlSimpleRequestMethodWhitelist(method))
-        return false;
+    // Uses dummy to avoid warnings about an unused variable.

[sof, 2014/07/17 08:18:09]

I know this is code that you moved into here, but it is used? Switch to a better
name (and remove comment)?

[yhirano, 2014/08/06 08:48:03]

Done.

+    AtomicallyInitializedStatic(const ForbiddenHeaderNames*, dummy = createForbiddenHeaderNames());
+    return dummy;
+}
 
-    HTTPHeaderMap::const_iterator end = headerMap.end();
-    for (HTTPHeaderMap::const_iterator it = headerMap.begin(); it != end; ++it) {
-        if (!isOnAccessControlSimpleRequestHeaderWhitelist(it->key, it->value))
-            return false;
-    }
-
-    return true;
-}
+} // namespace
 
 static PassOwnPtr<HTTPHeaderSet> createAllowedCrossOriginResponseHeadersSet()
 {
     OwnPtr<HTTPHeaderSet> headerSet = adoptPtr(new HashSet<String, CaseFoldingHash>);
 
     headerSet->add("cache-control");
     headerSet->add("content-language");
     headerSet->add("content-type");
     headerSet->add("expires");
     headerSet->add("last-modified");
@@ skipping 186 matching lines @@
         request.clearHTTPOrigin();
         request.setHTTPOrigin(securityOrigin->toAtomicString());
         // If the user didn't request credentials in the first place, update our
         // state so we neither request them nor expect they must be allowed.
         if (options.credentialsRequested == ClientDidNotRequestCredentials)
             options.allowCredentials = DoNotAllowStoredCredentials;
     }
     return true;
 }
 
+bool CrossOriginAccessControl::isSimpleMethod(const String& method)
+{
+    // "A simple method is a method that is `GET`, `HEAD`, or `POST`."

[sof, 2014/07/17 08:18:09]

Anchor this with a spec href?

[yhirano, 2014/08/06 08:48:02]

Done.

+    return method == "GET" || method == "HEAD" || method == "POST";
+}
+
+bool CrossOriginAccessControl::isSimpleHeader(const AtomicString& name, const AtomicString& value)
+{
+    // "A simple header is a header whose name is either one of `Accept`,

[sof, 2014/07/17 08:18:09]

This is also something with a settled spec reference by now; add one?

[yhirano, 2014/08/06 08:48:03]

Done.

+    // `Accept-Language`, and `Content-Language`, or whose name is
+    // `Content-Type` and value, once parsed, is one of
+    // `application/x-www-form-urlencoded`, `multipart/form-data`, and
+    // `text/plain`."
+
+    if (equalIgnoringCase(name, "accept")
+        || equalIgnoringCase(name, "accept-language")
+        || equalIgnoringCase(name, "content-language"))
+        return true;
+
+    // Preflight is required for MIME types that can not be sent via form submission.
+    if (equalIgnoringCase(name, "content-type")) {
+        AtomicString mimeType = extractMIMETypeFromMediaType(value);
+        return equalIgnoringCase(mimeType, "application/x-www-form-urlencoded")
+            || equalIgnoringCase(mimeType, "multipart/form-data")
+            || equalIgnoringCase(mimeType, "text/plain");
+    }
+
+    return false;
+}
+
+bool CrossOriginAccessControl::isSimpleRequest(const String& method, const HTTPHeaderMap& headerMap)
+{
+    if (!isSimpleMethod(method))
+        return false;
+
+    HTTPHeaderMap::const_iterator end = headerMap.end();
+    for (HTTPHeaderMap::const_iterator it = headerMap.begin(); it != end; ++it) {
+        if (!isSimpleHeader(it->key, it->value))
+            return false;
+    }
+
+    return true;
+}
+
+bool CrossOriginAccessControl::isForbiddenMethod(const String& method)
+{
+    // "A forbidden method is a method that is a byte case-insensitive match"

[sof, 2014/07/17 08:18:09]

I think it is a good idea to share definitions like this and a worthwhile
stopping point to have them in CrossOriginAccessControl, but Fetch/XHR
predicates are best kept separate and somewhere else? They're not cross-origin
related, per se.

This is another definition that could do with a spec xref.

[yhirano, 2014/08/06 08:48:02]

I didn't come up with a great name, but moved these code to FetchUtil class.

[sof, 2014/08/06 19:48:15]

Yes, "Utils" classes can grow to become a disparate collection of methods, but
just something to look out for as we go along.

+    //  for one of `CONNECT`, `TRACE`, and `TRACK`."
+    return equalIgnoringCase(method, "TRACE")
+        || equalIgnoringCase(method, "TRACK")
+        || equalIgnoringCase(method, "CONNECT");
+}
+
+bool CrossOriginAccessControl::isForbiddenHeaderName(const String& name)
+{
+    // "A forbidden header name is a header names that is one of:
+    //   `Accept-Charset`, `Accept-Encoding`, `Access-Control-Request-Headers`,
+    //   `Access-Control-Request-Method`, `Connection`,
+    //   `Content-Length, Cookie`, `Cookie2`, `Date`, `DNT`, `Expect`, `Host`,
+    //   `Keep-Alive`, `Origin`, `Referer`, `TE`, `Trailer`,
+    //   `Transfer-Encoding`, `Upgrade`, `User-Agent`, `Via`
+    // or starts with `Proxy-` or `Sec-` (including when it is just `Proxy-` or
+    // `Sec-`)."
+
+    initializeForbiddenHeaderNames();
+    return forbiddenHeaderNames->has(name);
+}
+
+bool CrossOriginAccessControl::isForbiddenResponseHeaderName(const String& name)
+{
+    // "A forbidden response header name is a header name that is one of:
+    // `Set-Cookie`, `Set-Cookie2`"
+
+    return equalIgnoringCase(name, "set-cookie") || equalIgnoringCase(name, "set-cookie2");
+}
+
+bool CrossOriginAccessControl::isSimpleOrForbiddenRequest(const String& method, const HTTPHeaderMap& headerMap)
+{
+    if (!isSimpleMethod(method))
+        return false;
+
+    HTTPHeaderMap::const_iterator end = headerMap.end();
+    for (HTTPHeaderMap::const_iterator it = headerMap.begin(); it != end; ++it) {
+        if (!isSimpleHeader(it->key, it->value) && !isForbiddenHeaderName(it->key))
+            return false;
+    }
+
+    return true;
+}
+
 } // namespace WebCore