| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2006, 2007, 2010, 2011 Apple Inc. All rights reserved. | 2 * Copyright (C) 2006, 2007, 2010, 2011 Apple Inc. All rights reserved. |
| 3 * (C) 2007 Graham Dennis (graham.dennis@gmail.com) | 3 * (C) 2007 Graham Dennis (graham.dennis@gmail.com) |
| 4 * | 4 * |
| 5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
| 6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
| 7 * are met: | 7 * are met: |
| 8 * | 8 * |
| 9 * 1. Redistributions of source code must retain the above copyright | 9 * 1. Redistributions of source code must retain the above copyright |
| 10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
| (...skipping 12 matching lines...) Expand all Loading... |
| 23 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | 23 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| 24 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | 24 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND |
| 25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 28 */ | 28 */ |
| 29 | 29 |
| 30 #include "config.h" | 30 #include "config.h" |
| 31 #include "core/fetch/ResourceLoader.h" | 31 #include "core/fetch/ResourceLoader.h" |
| 32 | 32 |
| 33 #include "core/fetch/CSSStyleSheetResource.h" |
| 33 #include "core/fetch/Resource.h" | 34 #include "core/fetch/Resource.h" |
| 34 #include "core/fetch/ResourceLoaderHost.h" | 35 #include "core/fetch/ResourceLoaderHost.h" |
| 35 #include "core/fetch/ResourcePtr.h" | 36 #include "core/fetch/ResourcePtr.h" |
| 36 #include "platform/Logging.h" | 37 #include "platform/Logging.h" |
| 37 #include "platform/SharedBuffer.h" | 38 #include "platform/SharedBuffer.h" |
| 38 #include "platform/ThreadedDataReceiver.h" | 39 #include "platform/ThreadedDataReceiver.h" |
| 39 #include "platform/exported/WrappedResourceRequest.h" | 40 #include "platform/exported/WrappedResourceRequest.h" |
| 40 #include "platform/exported/WrappedResourceResponse.h" | 41 #include "platform/exported/WrappedResourceResponse.h" |
| 41 #include "platform/network/ResourceError.h" | 42 #include "platform/network/ResourceError.h" |
| 42 #include "public/platform/Platform.h" | 43 #include "public/platform/Platform.h" |
| (...skipping 305 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 348 } | 349 } |
| 349 } else { | 350 } else { |
| 350 // If the response successfully validated a cached resource, perform | 351 // If the response successfully validated a cached resource, perform |
| 351 // the access control with respect to it. Need to do this right here | 352 // the access control with respect to it. Need to do this right here |
| 352 // before the resource switches clients over to that validated resou
rce. | 353 // before the resource switches clients over to that validated resou
rce. |
| 353 Resource* resource = m_resource; | 354 Resource* resource = m_resource; |
| 354 if (resource->isCacheValidator() && resourceResponse.httpStatusCode(
) == 304) | 355 if (resource->isCacheValidator() && resourceResponse.httpStatusCode(
) == 304) |
| 355 resource = m_resource->resourceToRevalidate(); | 356 resource = m_resource->resourceToRevalidate(); |
| 356 else | 357 else |
| 357 m_resource->setResponse(resourceResponse); | 358 m_resource->setResponse(resourceResponse); |
| 358 if (!m_host->canAccessResource(resource, m_options.securityOrigin.ge
t(), response.url())) { | 359 if (!m_host->canAccessResource(resource, m_options.securityOrigin.ge
t(), response.url(), ResourceLoaderHost::ShouldLogAccessControlErrors)) { |
| 359 m_host->didReceiveResponse(m_resource, resourceResponse); | 360 m_host->didReceiveResponse(m_resource, resourceResponse); |
| 360 cancel(ResourceError::cancelledDueToAccessCheckError(KURL(respon
se.url()))); | 361 cancel(ResourceError::cancelledDueToAccessCheckError(KURL(respon
se.url()))); |
| 361 return; | 362 return; |
| 362 } | 363 } |
| 363 } | 364 } |
| 364 } | 365 } |
| 365 | 366 |
| 366 // Reference the object in this method since the additional processing can d
o | 367 // Reference the object in this method since the additional processing can d
o |
| 367 // anything including removing the last reference to this object. | 368 // anything including removing the last reference to this object. |
| 368 RefPtrWillBeRawPtr<ResourceLoader> protect(this); | 369 RefPtrWillBeRawPtr<ResourceLoader> protect(this); |
| (...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 525 didFinishLoading(0, monotonicallyIncreasingTime(), encodedDataLength); | 526 didFinishLoading(0, monotonicallyIncreasingTime(), encodedDataLength); |
| 526 } | 527 } |
| 527 | 528 |
| 528 ResourceRequest& ResourceLoader::applyOptions(ResourceRequest& request) const | 529 ResourceRequest& ResourceLoader::applyOptions(ResourceRequest& request) const |
| 529 { | 530 { |
| 530 request.setAllowStoredCredentials(m_options.allowCredentials == AllowStoredC
redentials); | 531 request.setAllowStoredCredentials(m_options.allowCredentials == AllowStoredC
redentials); |
| 531 return request; | 532 return request; |
| 532 } | 533 } |
| 533 | 534 |
| 534 } | 535 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 954233003:
Enable SRI only for same origin and CORS content. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master