Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(111)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/fetch/Resource.cpp

Issue 954233003: Enable SRI only for same origin and CORS content. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Fixed test failures Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « Source/core/fetch/Resource.h ('k') | Source/core/fetch/ResourceFetcher.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 Copyright (C) 1998 Lars Knoll (knoll@mpi-hd.mpg.de) 2 Copyright (C) 1998 Lars Knoll (knoll@mpi-hd.mpg.de)
3 Copyright (C) 2001 Dirk Mueller (mueller@kde.org) 3 Copyright (C) 2001 Dirk Mueller (mueller@kde.org)
4 Copyright (C) 2002 Waldo Bastian (bastian@kde.org) 4 Copyright (C) 2002 Waldo Bastian (bastian@kde.org)
5 Copyright (C) 2006 Samuel Weinig (sam.weinig@gmail.com) 5 Copyright (C) 2006 Samuel Weinig (sam.weinig@gmail.com)
6 Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserved. 6 Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserved.
7 7
8 This library is free software; you can redistribute it and/or 8 This library is free software; you can redistribute it and/or
9 modify it under the terms of the GNU Library General Public 9 modify it under the terms of the GNU Library General Public
10 License as published by the Free Software Foundation; either 10 License as published by the Free Software Foundation; either
(...skipping 291 matching lines...) Expand 10 before | Expand all | Expand 10 after
302 302
303 void Resource::finish() 303 void Resource::finish()
304 { 304 {
305 ASSERT(!m_resourceToRevalidate); 305 ASSERT(!m_resourceToRevalidate);
306 ASSERT(!errorOccurred()); 306 ASSERT(!errorOccurred());
307 finishOnePart(); 307 finishOnePart();
308 if (!errorOccurred()) 308 if (!errorOccurred())
309 m_status = Cached; 309 m_status = Cached;
310 } 310 }
311 311
312 bool Resource::passesAccessControlCheck(ExecutionContext* context, SecurityOrigi n* securityOrigin) 312 bool Resource::passesAccessControlCheck(ExecutionContext* context, SecurityOrigi n* securityOrigin) const
313 { 313 {
314 String ignoredErrorDescription; 314 String ignoredErrorDescription;
315 return passesAccessControlCheck(context, securityOrigin, ignoredErrorDescrip tion); 315 return passesAccessControlCheck(context, securityOrigin, ignoredErrorDescrip tion);
316 } 316 }
317 317
318 bool Resource::passesAccessControlCheck(ExecutionContext* context, SecurityOrigi n* securityOrigin, String& errorDescription) 318 bool Resource::passesAccessControlCheck(ExecutionContext* context, SecurityOrigi n* securityOrigin, String& errorDescription) const
319 { 319 {
320 return blink::passesAccessControlCheck(context, m_response, resourceRequest( ).allowStoredCredentials() ? AllowStoredCredentials : DoNotAllowStoredCredential s, securityOrigin, errorDescription); 320 return blink::passesAccessControlCheck(context, m_response, resourceRequest( ).allowStoredCredentials() ? AllowStoredCredentials : DoNotAllowStoredCredential s, securityOrigin, errorDescription);
321 } 321 }
322 322
323 bool Resource::isEligibleForIntegrityCheck(ExecutionContext* source) const
324 {
325 String errorDescription;
326 return source->securityOrigin()->canRequest(resourceRequest().url()) || pass esAccessControlCheck(source, source->securityContext().securityOrigin(), errorDe scription);
327 }
328
323 static double currentAge(const ResourceResponse& response, double responseTimest amp) 329 static double currentAge(const ResourceResponse& response, double responseTimest amp)
324 { 330 {
325 // RFC2616 13.2.3 331 // RFC2616 13.2.3
326 // No compensation for latency as that is not terribly important in practice 332 // No compensation for latency as that is not terribly important in practice
327 double dateValue = response.date(); 333 double dateValue = response.date();
328 double apparentAge = std::isfinite(dateValue) ? std::max(0., responseTimesta mp - dateValue) : 0; 334 double apparentAge = std::isfinite(dateValue) ? std::max(0., responseTimesta mp - dateValue) : 0;
329 double ageValue = response.age(); 335 double ageValue = response.age();
330 double correctedReceivedAge = std::isfinite(ageValue) ? std::max(apparentAge , ageValue) : apparentAge; 336 double correctedReceivedAge = std::isfinite(ageValue) ? std::max(apparentAge , ageValue) : apparentAge;
331 double residentTime = currentTime() - responseTimestamp; 337 double residentTime = currentTime() - responseTimestamp;
332 return correctedReceivedAge + residentTime; 338 return correctedReceivedAge + residentTime;
(...skipping 721 matching lines...) Expand 10 before | Expand all | Expand 10 after
1054 return "ImportResource"; 1060 return "ImportResource";
1055 case Resource::Media: 1061 case Resource::Media:
1056 return "Media"; 1062 return "Media";
1057 } 1063 }
1058 ASSERT_NOT_REACHED(); 1064 ASSERT_NOT_REACHED();
1059 return "Unknown"; 1065 return "Unknown";
1060 } 1066 }
1061 #endif // !LOG_DISABLED 1067 #endif // !LOG_DISABLED
1062 1068
1063 } 1069 }
OLDNEW
« no previous file with comments | « Source/core/fetch/Resource.h ('k') | Source/core/fetch/ResourceFetcher.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698