
Side by Side Diff: Source/core/fetch/ResourceFetcher.cpp

Issue 901903003: CSP: Adding the 'upgrade-insecure-requests' directive. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: WebSockets + Tests. Created 5 years, 10 months ago
1 /* 1 /*
2 Copyright (C) 1998 Lars Knoll (knoll@mpi-hd.mpg.de) 2 Copyright (C) 1998 Lars Knoll (knoll@mpi-hd.mpg.de)
3 Copyright (C) 2001 Dirk Mueller (mueller@kde.org) 3 Copyright (C) 2001 Dirk Mueller (mueller@kde.org)
4 Copyright (C) 2002 Waldo Bastian (bastian@kde.org) 4 Copyright (C) 2002 Waldo Bastian (bastian@kde.org)
5 Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserved. 5 Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserved.
6 Copyright (C) 2009 Torch Mobile Inc. http://www.torchmobile.com/ 6 Copyright (C) 2009 Torch Mobile Inc. http://www.torchmobile.com/
7 7
8 This library is free software; you can redistribute it and/or 8 This library is free software; you can redistribute it and/or
9 modify it under the terms of the GNU Library General Public 9 modify it under the terms of the GNU Library General Public
10 License as published by the Free Software Foundation; either 10 License as published by the Free Software Foundation; either
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after
59 #include "core/loader/PingLoader.h" 59 #include "core/loader/PingLoader.h"
60 #include "core/loader/SubstituteData.h" 60 #include "core/loader/SubstituteData.h"
61 #include "core/loader/UniqueIdentifier.h" 61 #include "core/loader/UniqueIdentifier.h"
62 #include "core/loader/appcache/ApplicationCacheHost.h" 62 #include "core/loader/appcache/ApplicationCacheHost.h"
63 #include "core/timing/Performance.h" 63 #include "core/timing/Performance.h"
64 #include "core/timing/ResourceTimingInfo.h" 64 #include "core/timing/ResourceTimingInfo.h"
65 #include "core/svg/graphics/SVGImageChromeClient.h" 65 #include "core/svg/graphics/SVGImageChromeClient.h"
66 #include "platform/Logging.h" 66 #include "platform/Logging.h"
67 #include "platform/RuntimeEnabledFeatures.h" 67 #include "platform/RuntimeEnabledFeatures.h"
68 #include "platform/TraceEvent.h" 68 #include "platform/TraceEvent.h"
69 #include "platform/weborigin/KnownPorts.h"
69 #include "platform/weborigin/SchemeRegistry.h" 70 #include "platform/weborigin/SchemeRegistry.h"
70 #include "platform/weborigin/SecurityOrigin.h" 71 #include "platform/weborigin/SecurityOrigin.h"
71 #include "platform/weborigin/SecurityPolicy.h" 72 #include "platform/weborigin/SecurityPolicy.h"
72 #include "public/platform/Platform.h" 73 #include "public/platform/Platform.h"
73 #include "public/platform/WebURL.h" 74 #include "public/platform/WebURL.h"
74 #include "public/platform/WebURLRequest.h" 75 #include "public/platform/WebURLRequest.h"
75 #include "wtf/text/CString.h" 76 #include "wtf/text/CString.h"
76 #include "wtf/text/WTFString.h" 77 #include "wtf/text/WTFString.h"
77 78
78 #define PRELOAD_DEBUG 0 79 #define PRELOAD_DEBUG 0
(...skipping 629 matching lines...) Expand 10 before | Expand all | Expand 10 after
708 } 709 }
709 m_validatedURLs.add(request.resourceRequest().url()); 710 m_validatedURLs.add(request.resourceRequest().url());
710 } 711 }
711 712
712 ResourcePtr<Resource> ResourceFetcher::requestResource(Resource::Type type, Fetc hRequest& request) 713 ResourcePtr<Resource> ResourceFetcher::requestResource(Resource::Type type, Fetc hRequest& request)
713 { 714 {
714 ASSERT(request.options().synchronousPolicy == RequestAsynchronously || type == Resource::Raw); 715 ASSERT(request.options().synchronousPolicy == RequestAsynchronously || type == Resource::Raw);
715 716
716 TRACE_EVENT0("blink", "ResourceFetcher::requestResource"); 717 TRACE_EVENT0("blink", "ResourceFetcher::requestResource");
717 718
719 maybeUpgradeInsecureRequestURL(request);
720
718 KURL url = request.resourceRequest().url(); 721 KURL url = request.resourceRequest().url();
719 722
720 WTF_LOG(ResourceLoading, "ResourceFetcher::requestResource '%s', charset '%s ', priority=%d, forPreload=%u, type=%s", url.elidedString().latin1().data(), req uest.charset().latin1().data(), request.priority(), request.forPreload(), Resour ceTypeName(type)); 723 WTF_LOG(ResourceLoading, "ResourceFetcher::requestResource '%s', charset '%s ', priority=%d, forPreload=%u, type=%s", url.elidedString().latin1().data(), req uest.charset().latin1().data(), request.priority(), request.forPreload(), Resour ceTypeName(type));
721 724
722 // If only the fragment identifiers differ, it is the same resource. 725 // If only the fragment identifiers differ, it is the same resource.
723 url = MemoryCache::removeFragmentIdentifierIfNeeded(url); 726 url = MemoryCache::removeFragmentIdentifierIfNeeded(url);
724 727
725 if (!url.isValid()) 728 if (!url.isValid())
726 return nullptr; 729 return nullptr;
727 730
(...skipping 160 matching lines...) Expand 10 before | Expand all | Expand 10 after
888 if (request.requestContext() == WebURLRequest::RequestContextUnspecified) 891 if (request.requestContext() == WebURLRequest::RequestContextUnspecified)
889 determineRequestContext(request, type); 892 determineRequestContext(request, type);
890 if (type == Resource::LinkPrefetch || type == Resource::LinkSubresource) 893 if (type == Resource::LinkPrefetch || type == Resource::LinkSubresource)
891 request.setHTTPHeaderField("Purpose", "prefetch"); 894 request.setHTTPHeaderField("Purpose", "prefetch");
892 if (frame()->document()) 895 if (frame()->document())
893 request.setOriginatesFromReservedIPRange(frame()->document()->isHostedIn ReservedIPRange()); 896 request.setOriginatesFromReservedIPRange(frame()->document()->isHostedIn ReservedIPRange());
894 897
895 context().addAdditionalRequestHeaders(document(), request, (type == Resource ::MainResource) ? FetchMainResource : FetchSubresource); 898 context().addAdditionalRequestHeaders(document(), request, (type == Resource ::MainResource) ? FetchMainResource : FetchSubresource);
896 } 899 }
897 900
901 void ResourceFetcher::maybeUpgradeInsecureRequestURL(FetchRequest& request)
902 {
903 if (!m_document)
904 return;
905
906 KURL url = request.resourceRequest().url();
907 if (m_document->insecureContentPolicy() == SecurityContext::InsecureContentU pgrade && url.protocol() == "http") {
908 url.setProtocol("https");
909 if (url.port() == 80)
910 url.setPort(443);
911 request.mutableResourceRequest().setURL(url);
912 }
913 }
914
898 ResourcePtr<Resource> ResourceFetcher::createResourceForRevalidation(const Fetch Request& request, Resource* resource) 915 ResourcePtr<Resource> ResourceFetcher::createResourceForRevalidation(const Fetch Request& request, Resource* resource)
899 { 916 {
900 ASSERT(resource); 917 ASSERT(resource);
901 ASSERT(memoryCache()->contains(resource)); 918 ASSERT(memoryCache()->contains(resource));
902 ASSERT(resource->isLoaded()); 919 ASSERT(resource->isLoaded());
903 ASSERT(resource->canUseCacheValidator()); 920 ASSERT(resource->canUseCacheValidator());
904 ASSERT(!resource->resourceToRevalidate()); 921 ASSERT(!resource->resourceToRevalidate());
905 ASSERT(!isControlledByServiceWorker()); 922 ASSERT(!isControlledByServiceWorker());
906 923
907 ResourceRequest revalidatingRequest(resource->resourceRequest()); 924 ResourceRequest revalidatingRequest(resource->resourceRequest());
(...skipping 671 matching lines...) Expand 10 before | Expand all | Expand 10 after
1579 1596
1580 void ResourceFetcher::trace(Visitor* visitor) 1597 void ResourceFetcher::trace(Visitor* visitor)
1581 { 1598 {
1582 visitor->trace(m_document); 1599 visitor->trace(m_document);
1583 visitor->trace(m_loaders); 1600 visitor->trace(m_loaders);
1584 visitor->trace(m_nonBlockingLoaders); 1601 visitor->trace(m_nonBlockingLoaders);
1585 ResourceLoaderHost::trace(visitor); 1602 ResourceLoaderHost::trace(visitor);
1586 } 1603 }
1587 1604
1588 } 1605 }
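Review bot: The upgrade in `maybeUpgradeInsecureRequestURL` runs once, at new line 719 at the top of `requestResource`, so only the initial request URL is rewritten. Nothing in the visible lines upgrades a later redirect hop, and if the redirect path (outside the shown hunks) does not call the same helper, an upgraded https request can still be sent back to http:// while the document's policy is `InsecureContentUpgrade`. That path is worth confirming and covering in ResourceFetcherTest.cpp. Inside the helper, the port handling deserves a comment such as `// Only the default port is rewritten (80 -> 443); an explicit non-default port is kept as-is.`, and `url.protocolIs("http")` is the more usual KURL spelling than `url.protocol() == "http"`. The newly included `platform/weborigin/KnownPorts.h` is not used by any line shown here, while 80 and 443 are hard-coded at new lines 909-910.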