| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2008, 2009 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2008, 2009 Apple Inc. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 96 m_headers.clear(); | 96 m_headers.clear(); |
| 97 if (!parseAccessControlAllowList(response.httpHeaderField("Access-Control-Al
low-Headers"), m_headers)) { | 97 if (!parseAccessControlAllowList(response.httpHeaderField("Access-Control-Al
low-Headers"), m_headers)) { |
| 98 errorDescription = "Cannot parse Access-Control-Allow-Headers response h
eader field."; | 98 errorDescription = "Cannot parse Access-Control-Allow-Headers response h
eader field."; |
| 99 return false; | 99 return false; |
| 100 } | 100 } |
| 101 | 101 |
| 102 unsigned expiryDelta; | 102 unsigned expiryDelta; |
| 103 if (parseAccessControlMaxAge(response.httpHeaderField("Access-Control-Max-Ag
e"), expiryDelta)) { | 103 if (parseAccessControlMaxAge(response.httpHeaderField("Access-Control-Max-Ag
e"), expiryDelta)) { |
| 104 if (expiryDelta > maxPreflightCacheTimeoutSeconds) | 104 if (expiryDelta > maxPreflightCacheTimeoutSeconds) |
| 105 expiryDelta = maxPreflightCacheTimeoutSeconds; | 105 expiryDelta = maxPreflightCacheTimeoutSeconds; |
| 106 } else | 106 } else { |
| 107 expiryDelta = defaultPreflightCacheTimeoutSeconds; | 107 expiryDelta = defaultPreflightCacheTimeoutSeconds; |
| 108 } |
| 108 | 109 |
| 109 m_absoluteExpiryTime = currentTime() + expiryDelta; | 110 m_absoluteExpiryTime = currentTime() + expiryDelta; |
| 110 return true; | 111 return true; |
| 111 } | 112 } |
| 112 | 113 |
| 113 bool CrossOriginPreflightResultCacheItem::allowsCrossOriginMethod(const String&
method, String& errorDescription) const | 114 bool CrossOriginPreflightResultCacheItem::allowsCrossOriginMethod(const String&
method, String& errorDescription) const |
| 114 { | 115 { |
| 115 if (m_methods.contains(method) || isOnAccessControlSimpleRequestMethodWhitel
ist(method)) | 116 if (m_methods.contains(method) || CrossOriginAccessControl::isSimpleMethod(m
ethod)) |
| 116 return true; | 117 return true; |
| 117 | 118 |
| 118 errorDescription = "Method " + method + " is not allowed by Access-Control-A
llow-Methods."; | 119 errorDescription = "Method " + method + " is not allowed by Access-Control-A
llow-Methods."; |
| 119 return false; | 120 return false; |
| 120 } | 121 } |
| 121 | 122 |
| 122 bool CrossOriginPreflightResultCacheItem::allowsCrossOriginHeaders(const HTTPHea
derMap& requestHeaders, String& errorDescription) const | 123 bool CrossOriginPreflightResultCacheItem::allowsCrossOriginHeaders(const HTTPHea
derMap& requestHeaders, String& errorDescription) const |
| 123 { | 124 { |
| 124 HTTPHeaderMap::const_iterator end = requestHeaders.end(); | 125 HTTPHeaderMap::const_iterator end = requestHeaders.end(); |
| 125 for (HTTPHeaderMap::const_iterator it = requestHeaders.begin(); it != end; +
+it) { | 126 for (HTTPHeaderMap::const_iterator it = requestHeaders.begin(); it != end; +
+it) { |
| 126 if (!m_headers.contains(it->key) && !isOnAccessControlSimpleRequestHeade
rWhitelist(it->key, it->value)) { | 127 if (!m_headers.contains(it->key) && !CrossOriginAccessControl::isSimpleH
eader(it->key, it->value)) { |
| 127 errorDescription = "Request header field " + it->key.string() + " is
not allowed by Access-Control-Allow-Headers."; | 128 errorDescription = "Request header field " + it->key.string() + " is
not allowed by Access-Control-Allow-Headers."; |
| 128 return false; | 129 return false; |
| 129 } | 130 } |
| 130 } | 131 } |
| 131 return true; | 132 return true; |
| 132 } | 133 } |
| 133 | 134 |
| 134 bool CrossOriginPreflightResultCacheItem::allowsRequest(StoredCredentials includ
eCredentials, const String& method, const HTTPHeaderMap& requestHeaders) const | 135 bool CrossOriginPreflightResultCacheItem::allowsRequest(StoredCredentials includ
eCredentials, const String& method, const HTTPHeaderMap& requestHeaders) const |
| 135 { | 136 { |
| 136 String ignoredExplanation; | 137 String ignoredExplanation; |
| (...skipping 29 matching lines...) Expand all Loading... |
| 166 return false; | 167 return false; |
| 167 | 168 |
| 168 if (cacheIt->value->allowsRequest(includeCredentials, method, requestHeaders
)) | 169 if (cacheIt->value->allowsRequest(includeCredentials, method, requestHeaders
)) |
| 169 return true; | 170 return true; |
| 170 | 171 |
| 171 m_preflightHashMap.remove(cacheIt); | 172 m_preflightHashMap.remove(cacheIt); |
| 172 return false; | 173 return false; |
| 173 } | 174 } |
| 174 | 175 |
| 175 } // namespace WebCore | 176 } // namespace WebCore |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 379113002:
Move fetch-related predicates to core/fetch. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master