OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2004, 2006, 2008 Apple Inc. All rights reserved. | 2 * Copyright (C) 2004, 2006, 2008 Apple Inc. All rights reserved. |
3 * Copyright (C) 2005-2007 Alexey Proskuryakov <ap@webkit.org> | 3 * Copyright (C) 2005-2007 Alexey Proskuryakov <ap@webkit.org> |
4 * Copyright (C) 2007, 2008 Julien Chaffraix <jchaffraix@webkit.org> | 4 * Copyright (C) 2007, 2008 Julien Chaffraix <jchaffraix@webkit.org> |
5 * Copyright (C) 2008, 2011 Google Inc. All rights reserved. | 5 * Copyright (C) 2008, 2011 Google Inc. All rights reserved. |
6 * Copyright (C) 2012 Intel Corporation | 6 * Copyright (C) 2012 Intel Corporation |
7 * | 7 * |
8 * This library is free software; you can redistribute it and/or | 8 * This library is free software; you can redistribute it and/or |
9 * modify it under the terms of the GNU Lesser General Public | 9 * modify it under the terms of the GNU Lesser General Public |
10 * License as published by the Free Software Foundation; either | 10 * License as published by the Free Software Foundation; either |
(...skipping 1039 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1050 result.iterator->value = result.iterator->value + ", " + value; | 1050 result.iterator->value = result.iterator->value + ", " + value; |
1051 } | 1051 } |
1052 | 1052 |
1053 String XMLHttpRequest::getRequestHeader(const AtomicString& name) const | 1053 String XMLHttpRequest::getRequestHeader(const AtomicString& name) const |
1054 { | 1054 { |
1055 return m_requestHeaders.get(name); | 1055 return m_requestHeaders.get(name); |
1056 } | 1056 } |
1057 | 1057 |
1058 String XMLHttpRequest::getAllResponseHeaders(ExceptionState& es) const | 1058 String XMLHttpRequest::getAllResponseHeaders(ExceptionState& es) const |
1059 { | 1059 { |
1060 if (m_state < HEADERS_RECEIVED) { | 1060 if (m_state < HEADERS_RECEIVED || m_error) |
1061 es.throwDOMException(InvalidStateError, ExceptionMessages::failedToExecu
te("getAllResponseHeaders", "XMLHttpRequest", "the object's state must not be UN
SENT or OPENED.")); | |
1062 return ""; | 1061 return ""; |
1063 } | |
1064 | 1062 |
1065 StringBuilder stringBuilder; | 1063 StringBuilder stringBuilder; |
1066 | 1064 |
1067 HTTPHeaderSet accessControlExposeHeaderSet; | 1065 HTTPHeaderSet accessControlExposeHeaderSet; |
1068 parseAccessControlExposeHeadersAllowList(m_response.httpHeaderField("Access-
Control-Expose-Headers"), accessControlExposeHeaderSet); | 1066 parseAccessControlExposeHeadersAllowList(m_response.httpHeaderField("Access-
Control-Expose-Headers"), accessControlExposeHeaderSet); |
1069 HTTPHeaderMap::const_iterator end = m_response.httpHeaderFields().end(); | 1067 HTTPHeaderMap::const_iterator end = m_response.httpHeaderFields().end(); |
1070 for (HTTPHeaderMap::const_iterator it = m_response.httpHeaderFields().begin(
); it!= end; ++it) { | 1068 for (HTTPHeaderMap::const_iterator it = m_response.httpHeaderFields().begin(
); it!= end; ++it) { |
1071 // Hide Set-Cookie header fields from the XMLHttpRequest client for thes
e reasons: | 1069 // Hide Set-Cookie header fields from the XMLHttpRequest client for thes
e reasons: |
1072 // 1) If the client did have access to the fields, then it could rea
d HTTP-only | 1070 // 1) If the client did have access to the fields, then it could rea
d HTTP-only |
1073 // cookies; those cookies are supposed to be hidden from scripts. | 1071 // cookies; those cookies are supposed to be hidden from scripts. |
(...skipping 12 matching lines...) Expand all Loading... |
1086 stringBuilder.append(it->value); | 1084 stringBuilder.append(it->value); |
1087 stringBuilder.append('\r'); | 1085 stringBuilder.append('\r'); |
1088 stringBuilder.append('\n'); | 1086 stringBuilder.append('\n'); |
1089 } | 1087 } |
1090 | 1088 |
1091 return stringBuilder.toString(); | 1089 return stringBuilder.toString(); |
1092 } | 1090 } |
1093 | 1091 |
1094 String XMLHttpRequest::getResponseHeader(const AtomicString& name, ExceptionStat
e& es) const | 1092 String XMLHttpRequest::getResponseHeader(const AtomicString& name, ExceptionStat
e& es) const |
1095 { | 1093 { |
1096 if (m_state < HEADERS_RECEIVED) { | 1094 if (m_state < HEADERS_RECEIVED || m_error) |
1097 es.throwDOMException(InvalidStateError, ExceptionMessages::failedToExecu
te("getResponseHeader", "XMLHttpRequest", "the object's state must not be UNSENT
or OPENED.")); | |
1098 return String(); | 1095 return String(); |
1099 } | |
1100 | 1096 |
1101 // See comment in getAllResponseHeaders above. | 1097 // See comment in getAllResponseHeaders above. |
1102 if (isSetCookieHeader(name) && !securityOrigin()->canLoadLocalResources()) { | 1098 if (isSetCookieHeader(name) && !securityOrigin()->canLoadLocalResources()) { |
1103 logConsoleError(executionContext(), "Refused to get unsafe header \"" +
name + "\""); | 1099 logConsoleError(executionContext(), "Refused to get unsafe header \"" +
name + "\""); |
1104 return String(); | 1100 return String(); |
1105 } | 1101 } |
1106 | 1102 |
1107 HTTPHeaderSet accessControlExposeHeaderSet; | 1103 HTTPHeaderSet accessControlExposeHeaderSet; |
1108 parseAccessControlExposeHeadersAllowList(m_response.httpHeaderField("Access-
Control-Expose-Headers"), accessControlExposeHeaderSet); | 1104 parseAccessControlExposeHeadersAllowList(m_response.httpHeaderField("Access-
Control-Expose-Headers"), accessControlExposeHeaderSet); |
1109 | 1105 |
(...skipping 262 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1372 { | 1368 { |
1373 return EventTargetNames::XMLHttpRequest; | 1369 return EventTargetNames::XMLHttpRequest; |
1374 } | 1370 } |
1375 | 1371 |
1376 ExecutionContext* XMLHttpRequest::executionContext() const | 1372 ExecutionContext* XMLHttpRequest::executionContext() const |
1377 { | 1373 { |
1378 return ActiveDOMObject::executionContext(); | 1374 return ActiveDOMObject::executionContext(); |
1379 } | 1375 } |
1380 | 1376 |
1381 } // namespace WebCore | 1377 } // namespace WebCore |
OLD | NEW |