Beispiel #1
0
void FetchManager::Loader::didFinishLoading(unsigned long, double)
{
    if (!m_resolver->executionContext() || m_resolver->executionContext()->activeDOMObjectsAreStopped())
        return;

    OwnPtr<BlobData> blobData = BlobData::create();
    String filePath = m_response.downloadedFilePath();
    if (!filePath.isEmpty() && m_downloadedBlobLength) {
        blobData->appendFile(filePath);
        blobData->setContentType(m_response.mimeType());
    }
    FetchResponseData* response = FetchResponseData::create();
    response->setStatus(m_response.httpStatusCode());
    response->setStatusMessage(m_response.httpStatusText());
    HTTPHeaderMap::const_iterator end = m_response.httpHeaderFields().end();
    for (HTTPHeaderMap::const_iterator it = m_response.httpHeaderFields().begin(); it != end; ++it) {
        response->headerList()->append(it->key, it->value);
    }
    response->setBlobDataHandle(BlobDataHandle::create(blobData.release(), m_downloadedBlobLength));
    response->setURL(m_request->url());

    switch (m_request->tainting()) {
    case FetchRequestData::BasicTainting:
        response = response->createBasicFilteredResponse();
        break;
    case FetchRequestData::CORSTainting:
        response = response->createCORSFilteredResponse();
        break;
    case FetchRequestData::OpaqueTainting:
        response = response->createOpaqueFilteredResponse();
        break;
    }
    m_resolver->resolve(Response::create(m_resolver->executionContext(), response));
    notifyFinished();
}
TEST_F(FetchResponseDataTest, OpaqueFilter)
{
    FetchResponseData* internalResponse = createInternalResponse();
    FetchResponseData* opaqueResponseData = internalResponse->createOpaqueFilteredResponse();

    EXPECT_FALSE(opaqueResponseData->headerList()->has("set-cookie"));
    EXPECT_FALSE(opaqueResponseData->headerList()->has("bar"));
    EXPECT_FALSE(opaqueResponseData->headerList()->has("cache-control"));
}
TEST_F(FetchResponseDataTest, ToWebServiceWorkerOpaqueType)
{
    WebServiceWorkerResponse webResponse;
    FetchResponseData* internalResponse = createInternalResponse();
    FetchResponseData* opaqueResponseData = internalResponse->createOpaqueFilteredResponse();

    opaqueResponseData->populateWebServiceWorkerResponse(webResponse);
    EXPECT_EQ(WebServiceWorkerResponseTypeOpaque, webResponse.responseType());
    CheckHeaders(webResponse);
}
TEST_F(FetchResponseDataTest, OpaqueFilterOnResponseWithAccessControlExposeHeaders)
{
    FetchResponseData* internalResponse = createInternalResponse();
    internalResponse->headerList()->append("access-control-expose-headers", "set-cookie, bar");

    FetchResponseData* opaqueResponseData = internalResponse->createOpaqueFilteredResponse();

    EXPECT_FALSE(opaqueResponseData->headerList()->has("set-cookie"));
    EXPECT_FALSE(opaqueResponseData->headerList()->has("bar"));
    EXPECT_FALSE(opaqueResponseData->headerList()->has("cache-control"));
}
void FetchManager::Loader::didReceiveResponse(unsigned long, const ResourceResponse& response, PassOwnPtr<WebDataConsumerHandle> handle)
{
    ASSERT(handle);

    m_responseHttpStatusCode = response.httpStatusCode();

    // Recompute the tainting if the request was redirected to a different
    // origin.
    if (!SecurityOrigin::create(response.url())->isSameSchemeHostPort(m_request->origin().get())) {
        switch (m_request->mode()) {
        case WebURLRequest::FetchRequestModeSameOrigin:
            ASSERT_NOT_REACHED();
            break;
        case WebURLRequest::FetchRequestModeNoCORS:
            m_request->setResponseTainting(FetchRequestData::OpaqueTainting);
            break;
        case WebURLRequest::FetchRequestModeCORS:
        case WebURLRequest::FetchRequestModeCORSWithForcedPreflight:
            m_request->setResponseTainting(FetchRequestData::CORSTainting);
            break;
        }
    }
    FetchResponseData* responseData = FetchResponseData::createWithBuffer(BodyStreamBuffer::create(createFetchDataConsumerHandleFromWebHandle(handle)));
    responseData->setStatus(response.httpStatusCode());
    responseData->setStatusMessage(response.httpStatusText());
    for (auto& it : response.httpHeaderFields())
        responseData->headerList()->append(it.key, it.value);
    responseData->setURL(response.url());
    responseData->setMIMEType(response.mimeType());

    FetchResponseData* taintedResponse = responseData;
    switch (m_request->tainting()) {
    case FetchRequestData::BasicTainting:
        taintedResponse = responseData->createBasicFilteredResponse();
        break;
    case FetchRequestData::CORSTainting:
        taintedResponse = responseData->createCORSFilteredResponse();
        break;
    case FetchRequestData::OpaqueTainting:
        taintedResponse = responseData->createOpaqueFilteredResponse();
        break;
    }
    Response* r = Response::create(m_resolver->executionContext(), taintedResponse);
    r->headers()->setGuard(Headers::ImmutableGuard);
    m_resolver->resolve(r);
    m_resolver.clear();
}