1 | /* |
2 | * Copyright (C) 2009, 2012 Google Inc. All rights reserved. |
3 | * Copyright (C) 2016 Apple Inc. All rights reserved. |
4 | * |
5 | * Redistribution and use in source and binary forms, with or without |
6 | * modification, are permitted provided that the following conditions are |
7 | * met: |
8 | * |
9 | * * Redistributions of source code must retain the above copyright |
10 | * notice, this list of conditions and the following disclaimer. |
11 | * * Redistributions in binary form must reproduce the above |
12 | * copyright notice, this list of conditions and the following disclaimer |
13 | * in the documentation and/or other materials provided with the |
14 | * distribution. |
15 | * * Neither the name of Google Inc. nor the names of its |
16 | * contributors may be used to endorse or promote products derived from |
17 | * this software without specific prior written permission. |
18 | * |
19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
22 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
23 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
24 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
25 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
26 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
27 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
28 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
29 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
30 | */ |
31 | |
32 | #pragma once |
33 | |
34 | #include "ContentSecurityPolicy.h" |
35 | #include "CrossOriginPreflightChecker.h" |
36 | #include "ResourceResponse.h" |
37 | #include "SecurityOrigin.h" |
38 | #include "ThreadableLoader.h" |
39 | |
40 | namespace WebCore { |
41 | class CachedRawResource; |
42 | class ContentSecurityPolicy; |
43 | class Document; |
44 | class ThreadableLoaderClient; |
45 | |
46 | class DocumentThreadableLoader : public RefCounted<DocumentThreadableLoader>, public ThreadableLoader, private CachedRawResourceClient { |
47 | WTF_MAKE_FAST_ALLOCATED; |
48 | public: |
49 | static void loadResourceSynchronously(Document&, ResourceRequest&&, ThreadableLoaderClient&, const ThreadableLoaderOptions&, RefPtr<SecurityOrigin>&&, std::unique_ptr<ContentSecurityPolicy>&&); |
50 | static void loadResourceSynchronously(Document&, ResourceRequest&&, ThreadableLoaderClient&, const ThreadableLoaderOptions&); |
51 | |
52 | enum class ShouldLogError { No, Yes }; |
53 | static RefPtr<DocumentThreadableLoader> create(Document&, ThreadableLoaderClient&, ResourceRequest&&, const ThreadableLoaderOptions&, RefPtr<SecurityOrigin>&&, std::unique_ptr<ContentSecurityPolicy>&&, String&& referrer, ShouldLogError); |
54 | static RefPtr<DocumentThreadableLoader> create(Document&, ThreadableLoaderClient&, ResourceRequest&&, const ThreadableLoaderOptions&, String&& referrer = String()); |
55 | |
56 | virtual ~DocumentThreadableLoader(); |
57 | |
58 | void cancel() override; |
59 | virtual void setDefersLoading(bool); |
60 | |
61 | friend CrossOriginPreflightChecker; |
62 | friend class InspectorInstrumentation; |
63 | friend class InspectorNetworkAgent; |
64 | |
65 | using RefCounted<DocumentThreadableLoader>::ref; |
66 | using RefCounted<DocumentThreadableLoader>::deref; |
67 | |
68 | protected: |
69 | void refThreadableLoader() override { ref(); } |
70 | void derefThreadableLoader() override { deref(); } |
71 | |
72 | private: |
73 | enum BlockingBehavior { |
74 | LoadSynchronously, |
75 | LoadAsynchronously |
76 | }; |
77 | |
78 | DocumentThreadableLoader(Document&, ThreadableLoaderClient&, BlockingBehavior, ResourceRequest&&, const ThreadableLoaderOptions&, RefPtr<SecurityOrigin>&&, std::unique_ptr<ContentSecurityPolicy>&&, String&&, ShouldLogError); |
79 | |
80 | void clearResource(); |
81 | |
82 | // CachedRawResourceClient |
83 | void dataSent(CachedResource&, unsigned long long bytesSent, unsigned long long totalBytesToBeSent) override; |
84 | void responseReceived(CachedResource&, const ResourceResponse&, CompletionHandler<void()>&&) override; |
85 | void dataReceived(CachedResource&, const char* data, int dataLength) override; |
86 | void redirectReceived(CachedResource&, ResourceRequest&&, const ResourceResponse&, CompletionHandler<void(ResourceRequest&&)>&&) override; |
87 | void finishedTimingForWorkerLoad(CachedResource&, const ResourceTiming&) override; |
88 | void finishedTimingForWorkerLoad(const ResourceTiming&); |
89 | void notifyFinished(CachedResource&) override; |
90 | |
91 | void didReceiveResponse(unsigned long identifier, const ResourceResponse&); |
92 | void didReceiveData(unsigned long identifier, const char* data, int dataLength); |
93 | void didFinishLoading(unsigned long identifier); |
94 | void didFail(unsigned long identifier, const ResourceError&); |
95 | void makeCrossOriginAccessRequest(ResourceRequest&&); |
96 | void makeSimpleCrossOriginAccessRequest(ResourceRequest&&); |
97 | void makeCrossOriginAccessRequestWithPreflight(ResourceRequest&&); |
98 | void preflightSuccess(ResourceRequest&&); |
99 | void preflightFailure(unsigned long identifier, const ResourceError&); |
100 | |
101 | void loadRequest(ResourceRequest&&, SecurityCheckPolicy); |
102 | bool isAllowedRedirect(const URL&); |
103 | bool isAllowedByContentSecurityPolicy(const URL&, ContentSecurityPolicy::RedirectResponseReceived); |
104 | |
105 | bool isXMLHttpRequest() const final; |
106 | |
107 | SecurityOrigin& securityOrigin() const; |
108 | const ContentSecurityPolicy& contentSecurityPolicy() const; |
109 | |
110 | Document& document() { return m_document; } |
111 | const ThreadableLoaderOptions& options() const { return m_options; } |
112 | const String& referrer() const { return m_referrer; } |
113 | bool isLoading() { return m_resource || m_preflightChecker; } |
114 | |
115 | void reportRedirectionWithBadScheme(const URL&); |
116 | void reportContentSecurityPolicyError(const URL&); |
117 | void reportCrossOriginResourceSharingError(const URL&); |
118 | void reportIntegrityMetadataError(const URL&); |
119 | void logErrorAndFail(const ResourceError&); |
120 | |
121 | bool () const; |
122 | bool checkURLSchemeAsCORSEnabled(const URL&); |
123 | |
124 | CachedResourceHandle<CachedRawResource> m_resource; |
125 | ThreadableLoaderClient* m_client; |
126 | Document& m_document; |
127 | ThreadableLoaderOptions m_options; |
128 | RefPtr<SecurityOrigin> m_origin; |
129 | String m_referrer; |
130 | bool m_sameOriginRequest; |
131 | bool m_simpleRequest; |
132 | bool m_async; |
133 | bool m_delayCallbacksForIntegrityCheck; |
134 | std::unique_ptr<ContentSecurityPolicy> m_contentSecurityPolicy; |
135 | Optional<CrossOriginPreflightChecker> m_preflightChecker; |
136 | Optional<HTTPHeaderMap> ; |
137 | |
138 | ShouldLogError m_shouldLogError; |
139 | #if ENABLE(SERVICE_WORKER) |
140 | Optional<ResourceRequest> m_bypassingPreflightForServiceWorkerRequest; |
141 | #endif |
142 | }; |
143 | |
144 | } // namespace WebCore |
145 | |