webkitgtk-2.16.5HEADwebkitgtk-2.16.5master

1 files changed, 63 insertions, 38 deletions

diff --git a/Source/WebCore/loader/DocumentThreadableLoader.h b/Source/WebCore/loader/DocumentThreadableLoader.h
index bf31ba310..37f951f75 100644
--- a/Source/WebCore/loader/DocumentThreadableLoader.h
+++ b/Source/WebCore/loader/DocumentThreadableLoader.h
@@ -1,5 +1,6 @@
 /*
  * Copyright (C) 2009, 2012 Google Inc. All rights reserved.
+ * Copyright (C) 2016 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
@@ -28,44 +29,45 @@
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#ifndef DocumentThreadableLoader_h
-#define DocumentThreadableLoader_h
+#pragma once
 
-#include "CachedRawResourceClient.h"
-#include "CachedResourceHandle.h"
-#include "FrameLoaderTypes.h"
+#include "ContentSecurityPolicy.h"
+#include "CrossOriginPreflightChecker.h"
+#include "ResourceResponse.h"
+#include "SecurityOrigin.h"
 #include "ThreadableLoader.h"
-#include <wtf/Forward.h>
-#include <wtf/OwnPtr.h>
-#include <wtf/PassRefPtr.h>
-#include <wtf/RefCounted.h>
-#include <wtf/RefPtr.h>
-#include <wtf/text/WTFString.h>
 
 namespace WebCore {
     class CachedRawResource;
+    class ContentSecurityPolicy;
     class Document;
-    class URL;
-    class ResourceRequest;
-    class SecurityOrigin;
     class ThreadableLoaderClient;
 
     class DocumentThreadableLoader : public RefCounted<DocumentThreadableLoader>, public ThreadableLoader, private CachedRawResourceClient  {
         WTF_MAKE_FAST_ALLOCATED;
     public:
-        static void loadResourceSynchronously(Document*, const ResourceRequest&, ThreadableLoaderClient&, const ThreadableLoaderOptions&);
-        static PassRefPtr<DocumentThreadableLoader> create(Document*, ThreadableLoaderClient*, const ResourceRequest&, const ThreadableLoaderOptions&);
+        static void loadResourceSynchronously(Document&, ResourceRequest&&, ThreadableLoaderClient&, const ThreadableLoaderOptions&, RefPtr<SecurityOrigin>&&, std::unique_ptr<ContentSecurityPolicy>&&);
+        static void loadResourceSynchronously(Document&, ResourceRequest&&, ThreadableLoaderClient&, const ThreadableLoaderOptions&);
+
+        enum class ShouldLogError { No, Yes };
+        static RefPtr<DocumentThreadableLoader> create(Document&, ThreadableLoaderClient&, ResourceRequest&&, const ThreadableLoaderOptions&, RefPtr<SecurityOrigin>&&, std::unique_ptr<ContentSecurityPolicy>&&, String&& referrer, ShouldLogError);
+        static RefPtr<DocumentThreadableLoader> create(Document&, ThreadableLoaderClient&, ResourceRequest&&, const ThreadableLoaderOptions&, String&& referrer = String());
+
         virtual ~DocumentThreadableLoader();
 
-        virtual void cancel();
+        void cancel() override;
         virtual void setDefersLoading(bool);
 
+        friend CrossOriginPreflightChecker;
+        friend class InspectorInstrumentation;
+        friend class InspectorNetworkAgent;
+
         using RefCounted<DocumentThreadableLoader>::ref;
         using RefCounted<DocumentThreadableLoader>::deref;
 
     protected:
-        virtual void refThreadableLoader() { ref(); }
-        virtual void derefThreadableLoader() { deref(); }
+        void refThreadableLoader() override { ref(); }
+        void derefThreadableLoader() override { deref(); }
 
     private:
         enum BlockingBehavior {
@@ -73,42 +75,65 @@ namespace WebCore {
             LoadAsynchronously
         };
 
-        DocumentThreadableLoader(Document*, ThreadableLoaderClient*, BlockingBehavior, const ResourceRequest&, const ThreadableLoaderOptions&);
+        DocumentThreadableLoader(Document&, ThreadableLoaderClient&, BlockingBehavior, ResourceRequest&&, const ThreadableLoaderOptions&, RefPtr<SecurityOrigin>&&, std::unique_ptr<ContentSecurityPolicy>&&, String&&, ShouldLogError);
 
         void clearResource();
 
         // CachedRawResourceClient
-        virtual void dataSent(CachedResource*, unsigned long long bytesSent, unsigned long long totalBytesToBeSent);
-        virtual void responseReceived(CachedResource*, const ResourceResponse&);
-        virtual void dataReceived(CachedResource*, const char* data, int dataLength);
-        virtual void redirectReceived(CachedResource*, ResourceRequest&, const ResourceResponse&);
-        virtual void notifyFinished(CachedResource*);
-
-        void didReceiveResponse(unsigned long identifier, const ResourceResponse&);
+        void dataSent(CachedResource&, unsigned long long bytesSent, unsigned long long totalBytesToBeSent) override;
+        void responseReceived(CachedResource&, const ResourceResponse&) override;
+        void dataReceived(CachedResource&, const char* data, int dataLength) override;
+        void redirectReceived(CachedResource&, ResourceRequest&, const ResourceResponse&) override;
+        void finishedTimingForWorkerLoad(CachedResource&, const ResourceTiming&) override;
+        void notifyFinished(CachedResource&) override;
+
+        void didReceiveResponse(unsigned long identifier, const ResourceResponse&, ResourceResponse::Tainting);
         void didReceiveData(unsigned long identifier, const char* data, int dataLength);
         void didFinishLoading(unsigned long identifier, double finishTime);
         void didFail(unsigned long identifier, const ResourceError&);
-        void makeCrossOriginAccessRequest(const ResourceRequest&);
-        void makeSimpleCrossOriginAccessRequest(const ResourceRequest& request);
-        void makeCrossOriginAccessRequestWithPreflight(const ResourceRequest& request);
-        void preflightSuccess();
-        void preflightFailure(unsigned long identifier, const String& url, const String& errorDescription);
+        void makeCrossOriginAccessRequest(ResourceRequest&&);
+        void makeSimpleCrossOriginAccessRequest(ResourceRequest&&);
+        void makeCrossOriginAccessRequestWithPreflight(ResourceRequest&&);
+        void preflightSuccess(ResourceRequest&&);
+        void preflightFailure(unsigned long identifier, const ResourceError&);
+
+#if ENABLE(WEB_TIMING)
+        void finishedTimingForWorkerLoad(const ResourceTiming&);
+#endif
 
-        void loadRequest(const ResourceRequest&, SecurityCheckPolicy);
+        void loadRequest(ResourceRequest&&, SecurityCheckPolicy);
         bool isAllowedRedirect(const URL&);
+        bool isAllowedByContentSecurityPolicy(const URL&, ContentSecurityPolicy::RedirectResponseReceived);
 
-        SecurityOrigin* securityOrigin() const;
+        bool isXMLHttpRequest() const final;
+
+        SecurityOrigin& securityOrigin() const;
+        const ContentSecurityPolicy& contentSecurityPolicy() const;
+
+        Document& document() { return m_document; }
+        const ThreadableLoaderOptions& options() const { return m_options; }
+        const String& referrer() const { return m_referrer; }
+        bool isLoading() { return m_resource || m_preflightChecker; }
+
+        void reportRedirectionWithBadScheme(const URL&);
+        void reportContentSecurityPolicyError(const URL&);
+        void reportCrossOriginResourceSharingError(const URL&);
+        void logErrorAndFail(const ResourceError&);
 
         CachedResourceHandle<CachedRawResource> m_resource;
         ThreadableLoaderClient* m_client;
-        Document* m_document;
+        Document& m_document;
         ThreadableLoaderOptions m_options;
+        RefPtr<SecurityOrigin> m_origin;
+        String m_referrer;
         bool m_sameOriginRequest;
         bool m_simpleRequest;
         bool m_async;
-        OwnPtr<ResourceRequest> m_actualRequest;  // non-null during Access Control preflight checks
+        std::unique_ptr<ContentSecurityPolicy> m_contentSecurityPolicy;
+        std::optional<CrossOriginPreflightChecker> m_preflightChecker;
+        std::optional<HTTPHeaderMap> m_originalHeaders;
+
+        ShouldLogError m_shouldLogError;
     };
 
 } // namespace WebCore
-
-#endif // DocumentThreadableLoader_h