Source/core/loader/DocumentThreadableLoader.cpp - Issue 399543002: [ServiceWorker] Make fetch() method better conformance with the spec.

Side by Side Diff: Source/core/loader/DocumentThreadableLoader.cpp

Issue 399543002: [ServiceWorker] Make fetch() method better conformance with the spec. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: Created 6 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved.	2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved.

3 * Copyright (C) 2013, Intel Corporation	3 * Copyright (C) 2013, Intel Corporation

4 *	4 *

5 * Redistribution and use in source and binary forms, with or without	5 * Redistribution and use in source and binary forms, with or without

6 * modification, are permitted provided that the following conditions are	6 * modification, are permitted provided that the following conditions are

7 * met:	7 * met:

8 *	8 *

9 * * Redistributions of source code must retain the above copyright	9 * * Redistributions of source code must retain the above copyright

10 * notice, this list of conditions and the following disclaimer.	10 * notice, this list of conditions and the following disclaimer.

(...skipping 168 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
179 if (resource())	179 if (resource())

180 resource()->setDefersLoading(value);	180 resource()->setDefersLoading(value);

181 }	181 }

182	182

183 void DocumentThreadableLoader::redirectReceived(Resource* resource, ResourceRequ est& request, const ResourceResponse& redirectResponse)	183 void DocumentThreadableLoader::redirectReceived(Resource* resource, ResourceRequ est& request, const ResourceResponse& redirectResponse)

184 {	184 {

185 ASSERT(m_client);	185 ASSERT(m_client);

186 ASSERT_UNUSED(resource, resource == this->resource());	186 ASSERT_UNUSED(resource, resource == this->resource());

187	187

188 RefPtr<DocumentThreadableLoader> protect(this);	188 RefPtr<DocumentThreadableLoader> protect(this);

	189

	190 // We don't support redirect in Fech API yet.

	191 // FIXME: Support redirect in Fech API.

	192 if (resource->resourceRequest().requestContext() == blink::WebURLRequest::Re questContextFetch) {

	193 m_client->didFailRedirectCheck();

	194 request = ResourceRequest();

	195 return;

	196 }

	197

189 if (!isAllowedByPolicy(request.url())) {	198 if (!isAllowedByPolicy(request.url())) {

190 m_client->didFailRedirectCheck();	199 m_client->didFailRedirectCheck();

191 request = ResourceRequest();	200 request = ResourceRequest();

192 return;	201 return;

193 }	202 }

194	203

195 // Allow same origin requests to continue after allowing clients to audit th e redirect.	204 // Allow same origin requests to continue after allowing clients to audit th e redirect.

196 if (isAllowedRedirect(request.url())) {	205 if (isAllowedRedirect(request.url())) {

197 if (m_client->isDocumentThreadableLoaderClient())	206 if (m_client->isDocumentThreadableLoaderClient())

198 static_cast<DocumentThreadableLoaderClient*>(m_client)->willSendRequ est(request, redirectResponse);	207 static_cast<DocumentThreadableLoaderClient*>(m_client)->willSendRequ est(request, redirectResponse);

(...skipping 116 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
315	324

316 void DocumentThreadableLoader::handleResponse(unsigned long identifier, const Re sourceResponse& response)	325 void DocumentThreadableLoader::handleResponse(unsigned long identifier, const Re sourceResponse& response)

317 {	326 {

318 ASSERT(m_client);	327 ASSERT(m_client);

319	328

320 if (m_actualRequest) {	329 if (m_actualRequest) {

321 handlePreflightResponse(identifier, response);	330 handlePreflightResponse(identifier, response);

322 return;	331 return;

323 }	332 }

324	333

325 // FIXME: When response.wasFetchedViaServiceWorker() is true, we need to che ck the URL of the response for CSP and CORS.	334 // If the response is fetched via ServiceWorker, the original URL of the res ponse could be different from the URL of the request.

	335 if (response.wasFetchedViaServiceWorker()) {

	336 if (!isAllowedByPolicy(response.url())) {

	337 m_client->didFailRedirectCheck();

	338 return;

	339 }

	340 if (!isAllowedRedirect(response.url())) {

	341 if (m_options.crossOriginRequestPolicy == DenyCrossOriginRequests) {

	342 m_client->didFail(ResourceError(errorDomainBlinkInternal, 0, res ponse.url().string(), "Cross origin requests are not supported."));

	343 return;

	344 }

	345 if (m_options.crossOriginRequestPolicy == UseAccessControl) {
	yhirano 2014/07/16 13:12:27 This block is very similar to one from L355. The o This block is very similar to one from L355. The only difference is this block checks securityOrigin()->canRequest(url) (in isAllowedRedirect). If you can add the check for securityOrigin()->canRequest(url) at L355, we can merge the two blocks. horo 2014/07/18 09:12:18 Done. Show quoted text On 2014/07/16 13:12:27, yhirano wrote: > This block is very similar to one from L355. > The only difference is this block checks securityOrigin()->canRequest(url) (in > isAllowedRedirect). > If you can add the check for securityOrigin()->canRequest(url) at L355, we can > merge the two blocks. Done.
	346 String accessControlErrorDescription;

	347 if (!passesAccessControlCheck(response, effectiveAllowCredential s(), securityOrigin(), accessControlErrorDescription)) {

	348 m_client->didFailAccessControlCheck(ResourceError(errorDomai nBlinkInternal, 0, response.url().string(), accessControlErrorDescription));

	349 return;

	350 }

	351 }

	352 }

	353 }

326	354

327 if (!m_sameOriginRequest && m_options.crossOriginRequestPolicy == UseAccessC ontrol) {	355 if (!m_sameOriginRequest && m_options.crossOriginRequestPolicy == UseAccessC ontrol) {

328 String accessControlErrorDescription;	356 String accessControlErrorDescription;

329 if (!passesAccessControlCheck(response, effectiveAllowCredentials(), sec urityOrigin(), accessControlErrorDescription)) {	357 if (!passesAccessControlCheck(response, effectiveAllowCredentials(), sec urityOrigin(), accessControlErrorDescription)) {

330 m_client->didFailAccessControlCheck(ResourceError(errorDomainBlinkIn ternal, 0, response.url().string(), accessControlErrorDescription));	358 m_client->didFailAccessControlCheck(ResourceError(errorDomainBlinkIn ternal, 0, response.url().string(), accessControlErrorDescription));

331 return;	359 return;

332 }	360 }

333 }	361 }

334	362

335 m_client->didReceiveResponse(identifier, response);	363 m_client->didReceiveResponse(identifier, response);

(...skipping 167 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
503 return DoNotAllowStoredCredentials;	531 return DoNotAllowStoredCredentials;

504 return m_resourceLoaderOptions.allowCredentials;	532 return m_resourceLoaderOptions.allowCredentials;

505 }	533 }

506	534

507 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const	535 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const

508 {	536 {

509 return m_securityOrigin ? m_securityOrigin.get() : m_document.securityOrigin ();	537 return m_securityOrigin ? m_securityOrigin.get() : m_document.securityOrigin ();

510 }	538 }

511	539

512 } // namespace WebCore	540 } // namespace WebCore

OLD	NEW

« Source/core/fetch/ResourceFetcher.cpp ('K') | « Source/core/fetch/ResourceFetcher.cpp ('k') | Source/core/timing/Performance.cpp » ('j') | Source/modules/serviceworkers/FetchManager.cpp » ('J')