void HTMLAnchorElement::parseAttribute(Attribute* attr)
{
if (attr->name() == hrefAttr) {
bool wasLink = isLink();
setIsLink(!attr->isNull());
if (wasLink != isLink())
setNeedsStyleRecalc();
if (isLink()) {
String parsedURL = stripLeadingAndTrailingHTMLSpaces(attr->value());
if (document()->isDNSPrefetchEnabled()) {
if (protocolIs(parsedURL, "http") || protocolIs(parsedURL, "https") || parsedURL.startsWith("//"))
prefetchDNS(document()->completeURL(parsedURL).host());
}
if (document()->page() && !document()->page()->javaScriptURLsAreAllowed() && protocolIsJavaScript(parsedURL)) {
clearIsLink();
attr->setValue(nullAtom);
}
}
invalidateCachedVisitedLinkHash();
} else if (attr->name() == nameAttr || attr->name() == titleAttr) {
// Do nothing.
} else if (attr->name() == relAttr)
setRel(attr->value());
else
HTMLElement::parseAttribute(attr);
}
void MyResourceLoader::handleRequest()
{
if (protocolIs(m_url, "data"))
loadData(m_url.substring(5)); // 5 for data:
else if (protocolIs(m_url, "file"))
loadFile(m_url.substring(7)); // 7 for file://
}
void HTMLAnchorElement::parseAttribute(Attribute* attr)
{
if (attr->name() == hrefAttr) {
bool wasLink = isLink();
setIsLink(!attr->isNull());
if (wasLink != isLink())
setNeedsStyleRecalc();
if (isLink()) {
String parsedURL = stripLeadingAndTrailingHTMLSpaces(attr->value());
if (document()->isDNSPrefetchEnabled()) {
if (protocolIs(parsedURL, "http") || protocolIs(parsedURL, "https") || parsedURL.startsWith("//"))
prefetchDNS(document()->completeURL(parsedURL).host());
}
if (document()->page() && !document()->page()->javaScriptURLsAreAllowed() && protocolIsJavaScript(parsedURL)) {
clearIsLink();
// FIXME: This is horribly factored.
if (Attribute* hrefAttribute = getAttributeItem(hrefAttr))
hrefAttribute->setValue(nullAtom);
}
#ifdef ARTEMIS
else if(protocolIsJavaScript(parsedURL) && !hasEventListeners(eventNames().clickEvent)) {
// Don't set the onclick event handler if it already has one.
setAttributeEventListener(eventNames().clickEvent, createAttributeEventListener(this, attr));
}
#endif
}
invalidateCachedVisitedLinkHash();
} else if (attr->name() == nameAttr || attr->name() == titleAttr) {
// Do nothing.
} else if (attr->name() == relAttr)
setRel(attr->value());
else
HTMLElement::parseAttribute(attr);
}
String KURL::strippedForUseAsReferrer() const
{
if (protocolIsAbout() || protocolIs("data") || protocolIs("javascript"))
return String();
if (m_parsed.username.is_nonempty() || m_parsed.password.is_nonempty() || m_parsed.ref.is_nonempty()) {
KURL referrer(*this);
referrer.setUser(String());
referrer.setPass(String());
referrer.removeFragmentIdentifier();
return referrer.string();
}
return string();
}
bool SecurityPolicy::shouldHideReferrer(const KURL& url, const String& referrer)
{
bool referrerIsSecureURL = protocolIs(referrer, "https");
bool referrerIsWebURL = referrerIsSecureURL || protocolIs(referrer, "http");
if (!referrerIsWebURL)
return true;
if (!referrerIsSecureURL)
return false;
bool URLIsSecureURL = url.protocolIs("https");
return !URLIsSecureURL;
}
String KURL::fileSystemPath() const
{
if (!isValid() || !protocolIs("file"))
return String();
return String(path());
}
ResourceRequest ResourceHandleCFURLConnectionDelegate::createResourceRequest(CFURLRequestRef cfRequest, CFURLResponseRef redirectResponse)
{
ResourceRequest request;
CFHTTPMessageRef httpMessage = CFURLResponseGetHTTPResponse(redirectResponse);
if (httpMessage && CFHTTPMessageGetResponseStatusCode(httpMessage) == 307) {
RetainPtr<CFStringRef> lastHTTPMethod = m_handle->lastHTTPMethod().createCFString();
RetainPtr<CFStringRef> newMethod = adoptCF(CFURLRequestCopyHTTPRequestMethod(cfRequest));
if (CFStringCompareWithOptions(lastHTTPMethod.get(), newMethod.get(), CFRangeMake(0, CFStringGetLength(lastHTTPMethod.get())), kCFCompareCaseInsensitive)) {
RetainPtr<CFMutableURLRequestRef> mutableRequest = adoptCF(CFURLRequestCreateMutableCopy(0, cfRequest));
wkSetRequestStorageSession(m_handle->storageSession(), mutableRequest.get());
CFURLRequestSetHTTPRequestMethod(mutableRequest.get(), lastHTTPMethod.get());
FormData* body = m_handle->firstRequest().httpBody();
if (!equalIgnoringCase(m_handle->firstRequest().httpMethod(), "GET") && body && !body->isEmpty())
WebCore::setHTTPBody(mutableRequest.get(), body);
String originalContentType = m_handle->firstRequest().httpContentType();
if (!originalContentType.isEmpty())
CFURLRequestSetHTTPHeaderFieldValue(mutableRequest.get(), CFSTR("Content-Type"), originalContentType.createCFString().get());
request = mutableRequest.get();
}
}
if (request.isNull())
request = cfRequest;
if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https") && m_handle->context()->shouldClearReferrerOnHTTPSToHTTPRedirect())
request.clearHTTPReferrer();
return request;
}
bool KURL::isLocalFile() const {
// Including feed here might be a bad idea since drag and drop uses this check
// and including feed would allow feeds to potentially let someone's blog
// read the contents of the clipboard on a drag, even without a drop.
// Likewise with using the FrameLoader::shouldTreatURLAsLocal() function.
return protocolIs("file");
}
void MediaPlayer::load(const String& url, const ContentType& contentType)
{
String type = contentType.type().lower();
String typeCodecs = contentType.parameter(codecs());
// If the MIME type is missing or is not meaningful, try to figure it out from the URL.
if (type.isEmpty() || type == applicationOctetStream() || type == textPlain()) {
if (protocolIs(url, "data"))
type = mimeTypeFromDataURL(url);
else {
size_t pos = url.reverseFind('.');
if (pos != notFound) {
String extension = url.substring(pos + 1);
String mediaType = MIMETypeRegistry::getMediaMIMETypeForExtension(extension);
if (!mediaType.isEmpty())
type = mediaType;
}
}
}
m_url = url;
m_contentMIMEType = type;
m_contentTypeCodecs = typeCodecs;
loadWithNextMediaEngine(0);
}
static CFURLRequestRef willSendRequest(CFURLConnectionRef conn, CFURLRequestRef cfRequest, CFURLResponseRef cfRedirectResponse, const void* clientInfo)
{
#if LOG_DISABLED
UNUSED_PARAM(conn);
#endif
ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
if (!cfRedirectResponse) {
CFRetain(cfRequest);
return cfRequest;
}
LOG(Network, "CFNet - willSendRequest(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
ResourceRequest request;
if (cfRedirectResponse) {
CFHTTPMessageRef httpMessage = CFURLResponseGetHTTPResponse(cfRedirectResponse);
if (httpMessage && CFHTTPMessageGetResponseStatusCode(httpMessage) == 307) {
RetainPtr<CFStringRef> lastHTTPMethod(AdoptCF, handle->lastHTTPMethod().createCFString());
RetainPtr<CFStringRef> newMethod(AdoptCF, CFURLRequestCopyHTTPRequestMethod(cfRequest));
if (CFStringCompareWithOptions(lastHTTPMethod.get(), newMethod.get(), CFRangeMake(0, CFStringGetLength(lastHTTPMethod.get())), kCFCompareCaseInsensitive)) {
RetainPtr<CFMutableURLRequestRef> mutableRequest(AdoptCF, CFURLRequestCreateMutableCopy(0, cfRequest));
#if USE(CFURLSTORAGESESSIONS)
wkSetRequestStorageSession(ResourceHandle::currentStorageSession(), mutableRequest.get());
#endif
CFURLRequestSetHTTPRequestMethod(mutableRequest.get(), lastHTTPMethod.get());
FormData* body = handle->firstRequest().httpBody();
if (!equalIgnoringCase(handle->firstRequest().httpMethod(), "GET") && body && !body->isEmpty())
WebCore::setHTTPBody(mutableRequest.get(), body);
String originalContentType = handle->firstRequest().httpContentType();
RetainPtr<CFStringRef> originalContentTypeCF(AdoptCF, originalContentType.createCFString());
if (!originalContentType.isEmpty())
CFURLRequestSetHTTPHeaderFieldValue(mutableRequest.get(), CFSTR("Content-Type"), originalContentTypeCF.get());
request = mutableRequest.get();
}
}
}
if (request.isNull())
request = cfRequest;
// Should not set Referer after a redirect from a secure resource to non-secure one.
if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https"))
request.clearHTTPReferrer();
handle->willSendRequest(request, cfRedirectResponse);
if (request.isNull())
return 0;
cfRequest = request.cfURLRequest();
CFRetain(cfRequest);
return cfRequest;
}
bool HTMLPlugInElement::isImageType()
{
if (m_serviceType.isEmpty() && protocolIs(m_url, "data"))
m_serviceType = mimeTypeFromDataURL(m_url);
if (LocalFrame* frame = document().frame()) {
KURL completedURL = document().completeURL(m_url);
return frame->loader().client()->objectContentType(completedURL, m_serviceType, shouldPreferPlugInsForImages()) == ObjectContentImage;
}
return Image::supportsType(m_serviceType);
}
bool HTMLPlugInImageElement::isImageType()
{
if (m_serviceType.isEmpty() && protocolIs(m_url, "data"))
m_serviceType = mimeTypeFromDataURL(m_url);
if (Frame* frame = document()->frame()) {
KURL completedURL = frame->loader()->completeURL(m_url);
return frame->loader()->client()->objectContentType(completedURL, m_serviceType) == ObjectContentImage;
}
return Image::supportsType(m_serviceType);
}
String mimeTypeFromDataURL(const String& url)
{
ASSERT(protocolIs(url, "data"));
size_t index = url.find(';');
if (index == kNotFound)
index = url.find(',');
if (index != kNotFound) {
if (index > 5)
return url.substring(5, index - 5).lower();
return "text/plain"; // Data URLs with no MIME type are considered text/plain.
}
return "";
}
void HTMLAnchorElement::parseAttribute(const Attribute& attribute)
{
if (attribute.name() == hrefAttr) {
bool wasLink = isLink();
setIsLink(!attribute.isNull());
if (wasLink != isLink())
setNeedsStyleRecalc();
if (isLink()) {
String parsedURL = stripLeadingAndTrailingHTMLSpaces(attribute.value());
if (document()->isDNSPrefetchEnabled()) {
if (protocolIs(parsedURL, "http") || protocolIs(parsedURL, "https") || parsedURL.startsWith("//"))
prefetchDNS(document()->completeURL(parsedURL).host());
}
}
invalidateCachedVisitedLinkHash();
} else if (attribute.name() == nameAttr || attribute.name() == titleAttr) {
// Do nothing.
} else if (attribute.name() == relAttr)
setRel(attribute.value());
else
HTMLElement::parseAttribute(attribute);
}
void JSHTMLIFrameElement::setSrc(ExecState* exec, JSValue* value)
{
HTMLIFrameElement* imp = static_cast<HTMLIFrameElement*>(impl());
String srcValue = valueToStringWithNullCheck(exec, value);
if (protocolIs(parseURL(srcValue), "javascript")) {
if (!checkNodeSecurity(exec, imp->contentDocument()))
return;
}
imp->setSrc(srcValue);
}
void HTMLAnchorElement::parseAttribute(const QualifiedName& name, const AtomicString& value)
{
if (name == hrefAttr) {
bool wasLink = isLink();
setIsLink(!value.isNull());
if (wasLink != isLink())
didAffectSelector(AffectedSelectorLink | AffectedSelectorVisited | AffectedSelectorEnabled);
if (isLink()) {
String parsedURL = stripLeadingAndTrailingHTMLSpaces(value);
if (document()->isDNSPrefetchEnabled()) {
if (protocolIs(parsedURL, "http") || protocolIs(parsedURL, "https") || parsedURL.startsWith("//"))
prefetchDNS(document()->completeURL(parsedURL).host());
}
}
invalidateCachedVisitedLinkHash();
} else if (name == nameAttr || name == titleAttr) {
// Do nothing.
} else if (name == relAttr)
setRel(value);
else
HTMLElement::parseAttribute(name, value);
}
String KURL::fileSystemPath() const
{
if (!isValid())
return String();
if (isLocalFile())
return static_cast<QUrl>(*this).toLocalFile();
// A valid qrc resource path begins with a colon.
if (protocolIs("qrc"))
return ":" + decodeURLEscapeSequences(path());
return String();
}
// We copied the KURL version here on Sept 12, 2008 while doing a WebKit
// merge.
//
// FIXME Somehow share this with KURL? Like we'd theoretically merge with
// decodeURLEscapeSequences below?
String mimeTypeFromDataURL(const String& url)
{
ASSERT(protocolIs(url, "data"));
int index = url.find(';');
if (index == -1)
index = url.find(',');
if (index != -1) {
int len = index - 5;
if (len > 0)
return url.substring(5, len);
return "text/plain"; // Data URLs with no MIME type are considered text/plain.
}
return "";
}
void HTMLAnchorElement::parseAttribute(const QualifiedName& name, const AtomicString& value)
{
if (name == hrefAttr) {
bool wasLink = isLink();
setIsLink(!value.isNull());
if (wasLink != isLink()) {
setNeedsStyleRecalc();
invalidateParentDistributionIfNecessary(this, SelectRuleFeatureSet::RuleFeatureLink | SelectRuleFeatureSet::RuleFeatureVisited | SelectRuleFeatureSet::RuleFeatureEnabled);
}
if (isLink()) {
String parsedURL = stripLeadingAndTrailingHTMLSpaces(value);
if (document()->isDNSPrefetchEnabled()) {
if (protocolIs(parsedURL, "http") || protocolIs(parsedURL, "https") || parsedURL.startsWith("//"))
prefetchDNS(document()->completeURL(parsedURL).host());
}
}
invalidateCachedVisitedLinkHash();
} else if (name == nameAttr || name == titleAttr) {
// Do nothing.
} else if (name == relAttr)
setRel(value);
else
HTMLElement::parseAttribute(name, value);
}
static Frame* createWindow(ExecState* exec, Frame* openerFrame, const String& url,
const String& frameName, const WindowFeatures& windowFeatures, JSValuePtr dialogArgs)
{
Frame* activeFrame = asJSDOMWindow(exec->dynamicGlobalObject())->impl()->frame();
ASSERT(activeFrame);
ResourceRequest request;
request.setHTTPReferrer(activeFrame->loader()->outgoingReferrer());
FrameLoader::addHTTPOriginIfNeeded(request, activeFrame->loader()->outgoingOrigin());
FrameLoadRequest frameRequest(request, frameName);
// FIXME: It's much better for client API if a new window starts with a URL, here where we
// know what URL we are going to open. Unfortunately, this code passes the empty string
// for the URL, but there's a reason for that. Before loading we have to set up the opener,
// openedByDOM, and dialogArguments values. Also, to decide whether to use the URL we currently
// do an allowsAccessFrom call using the window we create, which can't be done before creating it.
// We'd have to resolve all those issues to pass the URL instead of "".
bool created;
// We pass in the opener frame here so it can be used for looking up the frame name, in case the active frame
// is different from the opener frame, and the name references a frame relative to the opener frame, for example
// "_self" or "_parent".
Frame* newFrame = activeFrame->loader()->createWindow(openerFrame->loader(), frameRequest, windowFeatures, created);
if (!newFrame)
return 0;
newFrame->loader()->setOpener(openerFrame);
newFrame->loader()->setOpenedByDOM();
JSDOMWindow* newWindow = toJSDOMWindow(newFrame);
if (dialogArgs)
newWindow->putDirect(Identifier(exec, "dialogArguments"), dialogArgs);
if (!protocolIs(url, "javascript") || newWindow->allowsAccessFrom(exec)) {
KURL completedURL = url.isEmpty() ? KURL("") : activeFrame->document()->completeURL(url);
bool userGesture = activeFrame->script()->processingUserGesture();
if (created)
newFrame->loader()->changeLocation(completedURL, activeFrame->loader()->outgoingReferrer(), false, userGesture);
else if (!url.isEmpty())
newFrame->loader()->scheduleLocationChange(completedURL.string(), activeFrame->loader()->outgoingReferrer(), false, userGesture);
}
return newFrame;
}
// Called each time the message is going to be sent again except the first time.
// It's used mostly to let webkit know about redirects.
static void restartedCallback(SoupMessage* msg, gpointer data)
{
ResourceHandle* handle = static_cast<ResourceHandle*>(data);
if (!handle)
return;
ResourceHandleInternal* d = handle->getInternal();
if (d->m_cancelled)
return;
char* uri = soup_uri_to_string(soup_message_get_uri(msg), false);
String location = String(uri);
g_free(uri);
KURL newURL = KURL(handle->request().url(), location);
ResourceRequest request = handle->request();
ResourceResponse response;
request.setURL(newURL);
request.setHTTPMethod(msg->method);
fillResponseFromMessage(msg, &response);
// Should not set Referer after a redirect from a secure resource to non-secure one.
if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https")) {
request.clearHTTPReferrer();
soup_message_headers_remove(msg->request_headers, "Referer");
}
if (d->client())
d->client()->willSendRequest(handle, request, response);
if (d->m_cancelled)
return;
#ifdef HAVE_LIBSOUP_2_29_90
// Update the first party in case the base URL changed with the redirect
String firstPartyString = request.firstPartyForCookies().string();
if (!firstPartyString.isEmpty()) {
GOwnPtr<SoupURI> firstParty(soup_uri_new(firstPartyString.utf8().data()));
soup_message_set_first_party(d->m_msg, firstParty.get());
}
#endif
}
bool documentCanHaveIcon(const String& documentURL)
{
return !documentURL.isEmpty() && !protocolIs(documentURL, "about");
}
bool KURL::protocolIsInHTTPFamily() const
{
return protocolIs("http") || protocolIs("https");
}
bool KURL::isLocalFile() const
{
return protocolIs("file");
}
bool protocolIsJavaScript(const String& url)
{
return protocolIs(url, "javascript");
}
bool KURL::isBlankURL() const
{
return protocolIs("about");
}