1 | /* |
2 | * Copyright (C) 2008 Apple Inc. All Rights Reserved. |
3 | * |
4 | * Redistribution and use in source and binary forms, with or without |
5 | * modification, are permitted provided that the following conditions |
6 | * are met: |
7 | * 1. Redistributions of source code must retain the above copyright |
8 | * notice, this list of conditions and the following disclaimer. |
9 | * 2. Redistributions in binary form must reproduce the above copyright |
10 | * notice, this list of conditions and the following disclaimer in the |
11 | * documentation and/or other materials provided with the distribution. |
12 | * |
13 | * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY |
14 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
15 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
16 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR |
17 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, |
18 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, |
19 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR |
20 | * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY |
21 | * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
23 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 | * |
25 | */ |
26 | |
27 | #pragma once |
28 | |
29 | #include "HTTPHeaderNames.h" |
30 | #include "ReferrerPolicy.h" |
31 | #include "StoredCredentialsPolicy.h" |
32 | #include <wtf/Forward.h> |
33 | #include <wtf/HashSet.h> |
34 | |
35 | namespace WebCore { |
36 | |
37 | class CachedResourceRequest; |
38 | class Document; |
39 | class ; |
40 | class ResourceError; |
41 | class ResourceRequest; |
42 | class ResourceResponse; |
43 | class SecurityOrigin; |
44 | |
45 | struct ResourceLoaderOptions; |
46 | |
47 | WEBCORE_EXPORT bool (const String& method, const HTTPHeaderMap&); |
48 | bool isOnAccessControlSimpleRequestMethodWhitelist(const String&); |
49 | |
50 | void updateRequestReferrer(ResourceRequest&, ReferrerPolicy, const String&); |
51 | |
52 | WEBCORE_EXPORT void updateRequestForAccessControl(ResourceRequest&, SecurityOrigin&, StoredCredentialsPolicy); |
53 | |
54 | WEBCORE_EXPORT ResourceRequest createAccessControlPreflightRequest(const ResourceRequest&, SecurityOrigin&, const String&); |
55 | CachedResourceRequest createPotentialAccessControlRequest(ResourceRequest&&, Document&, const String& crossOriginAttribute, ResourceLoaderOptions&&); |
56 | |
57 | bool isValidCrossOriginRedirectionURL(const URL&); |
58 | |
59 | using = HashSet<HTTPHeaderName, WTF::IntHash<HTTPHeaderName>, WTF::StrongEnumHashTraits<HTTPHeaderName>>; |
60 | HTTPHeaderNameSet (const HTTPHeaderMap&); |
61 | WEBCORE_EXPORT void (ResourceRequest&, const HTTPHeaderNameSet& = { }); |
62 | |
63 | WEBCORE_EXPORT bool passesAccessControlCheck(const ResourceResponse&, StoredCredentialsPolicy, SecurityOrigin&, String& errorDescription); |
64 | WEBCORE_EXPORT bool validatePreflightResponse(const ResourceRequest&, const ResourceResponse&, StoredCredentialsPolicy, SecurityOrigin&, String& errorDescription); |
65 | |
66 | WEBCORE_EXPORT Optional<ResourceError> validateCrossOriginResourcePolicy(const SecurityOrigin&, const URL&, const ResourceResponse&); |
67 | |
68 | } // namespace WebCore |
69 | |