bool ArgumentCoder<ResourceRequest>::decode(ArgumentDecoder* decoder, ResourceRequest& resourceRequest)
{
#if USE(CFNETWORK)
bool requestIsPresent;
if (!decoder->decode(requestIsPresent))
return false;
if (!requestIsPresent) {
resourceRequest = ResourceRequest();
return true;
}
RetainPtr<CFDictionaryRef> dictionary;
if (!CoreIPC::decode(decoder, dictionary))
return false;
RetainPtr<CFURLRequestRef> cfURLRequest(AdoptCF, wkCFURLRequestCreateFromSerializableRepresentation(dictionary.get(), CoreIPC::tokenNullTypeRef()));
if (!cfURLRequest)
return false;
RetainPtr<CFMutableURLRequestRef> mutableCFURLRequest(AdoptCF, CFURLRequestCreateMutableCopy(0, cfURLRequest.get()));
#if USE(CFURLSTORAGESESSIONS)
wkSetRequestStorageSession(ResourceHandle::currentStorageSession(), mutableCFURLRequest.get());
#endif
resourceRequest = ResourceRequest(mutableCFURLRequest.get());
return true;
#else
return false;
#endif
}
ResourceRequest ResourceHandleCFURLConnectionDelegate::createResourceRequest(CFURLRequestRef cfRequest, CFURLResponseRef redirectResponse)
{
ResourceRequest request;
CFHTTPMessageRef httpMessage = CFURLResponseGetHTTPResponse(redirectResponse);
if (httpMessage && CFHTTPMessageGetResponseStatusCode(httpMessage) == 307) {
RetainPtr<CFStringRef> lastHTTPMethod = m_handle->lastHTTPMethod().createCFString();
RetainPtr<CFStringRef> newMethod = adoptCF(CFURLRequestCopyHTTPRequestMethod(cfRequest));
if (CFStringCompareWithOptions(lastHTTPMethod.get(), newMethod.get(), CFRangeMake(0, CFStringGetLength(lastHTTPMethod.get())), kCFCompareCaseInsensitive)) {
RetainPtr<CFMutableURLRequestRef> mutableRequest = adoptCF(CFURLRequestCreateMutableCopy(0, cfRequest));
wkSetRequestStorageSession(m_handle->storageSession(), mutableRequest.get());
CFURLRequestSetHTTPRequestMethod(mutableRequest.get(), lastHTTPMethod.get());
FormData* body = m_handle->firstRequest().httpBody();
if (!equalIgnoringCase(m_handle->firstRequest().httpMethod(), "GET") && body && !body->isEmpty())
WebCore::setHTTPBody(mutableRequest.get(), body);
String originalContentType = m_handle->firstRequest().httpContentType();
if (!originalContentType.isEmpty())
CFURLRequestSetHTTPHeaderFieldValue(mutableRequest.get(), CFSTR("Content-Type"), originalContentType.createCFString().get());
request = mutableRequest.get();
}
}
if (request.isNull())
request = cfRequest;
if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https") && m_handle->context()->shouldClearReferrerOnHTTPSToHTTPRedirect())
request.clearHTTPReferrer();
return request;
}
static CFURLRequestRef willSendRequest(CFURLConnectionRef conn, CFURLRequestRef cfRequest, CFURLResponseRef cfRedirectResponse, const void* clientInfo)
{
#if LOG_DISABLED
UNUSED_PARAM(conn);
#endif
ResourceHandle* handle = static_cast<ResourceHandle*>(const_cast<void*>(clientInfo));
if (!cfRedirectResponse) {
CFRetain(cfRequest);
return cfRequest;
}
LOG(Network, "CFNet - willSendRequest(conn=%p, handle=%p) (%s)", conn, handle, handle->firstRequest().url().string().utf8().data());
ResourceRequest request;
if (cfRedirectResponse) {
CFHTTPMessageRef httpMessage = CFURLResponseGetHTTPResponse(cfRedirectResponse);
if (httpMessage && CFHTTPMessageGetResponseStatusCode(httpMessage) == 307) {
RetainPtr<CFStringRef> lastHTTPMethod(AdoptCF, handle->lastHTTPMethod().createCFString());
RetainPtr<CFStringRef> newMethod(AdoptCF, CFURLRequestCopyHTTPRequestMethod(cfRequest));
if (CFStringCompareWithOptions(lastHTTPMethod.get(), newMethod.get(), CFRangeMake(0, CFStringGetLength(lastHTTPMethod.get())), kCFCompareCaseInsensitive)) {
RetainPtr<CFMutableURLRequestRef> mutableRequest(AdoptCF, CFURLRequestCreateMutableCopy(0, cfRequest));
#if USE(CFURLSTORAGESESSIONS)
wkSetRequestStorageSession(ResourceHandle::currentStorageSession(), mutableRequest.get());
#endif
CFURLRequestSetHTTPRequestMethod(mutableRequest.get(), lastHTTPMethod.get());
FormData* body = handle->firstRequest().httpBody();
if (!equalIgnoringCase(handle->firstRequest().httpMethod(), "GET") && body && !body->isEmpty())
WebCore::setHTTPBody(mutableRequest.get(), body);
String originalContentType = handle->firstRequest().httpContentType();
RetainPtr<CFStringRef> originalContentTypeCF(AdoptCF, originalContentType.createCFString());
if (!originalContentType.isEmpty())
CFURLRequestSetHTTPHeaderFieldValue(mutableRequest.get(), CFSTR("Content-Type"), originalContentTypeCF.get());
request = mutableRequest.get();
}
}
}
if (request.isNull())
request = cfRequest;
// Should not set Referer after a redirect from a secure resource to non-secure one.
if (!request.url().protocolIs("https") && protocolIs(request.httpReferrer(), "https"))
request.clearHTTPReferrer();
handle->willSendRequest(request, cfRedirectResponse);
if (request.isNull())
return 0;
cfRequest = request.cfURLRequest();
CFRetain(cfRequest);
return cfRequest;
}
void ResourceRequest::setStorageSession(CFURLStorageSessionRef storageSession)
{
CFMutableURLRequestRef cfRequest = CFURLRequestCreateMutableCopy(0, m_cfRequest.get());
wkSetRequestStorageSession(storageSession, cfRequest);
m_cfRequest.adoptCF(cfRequest);
#if PLATFORM(MAC)
updateNSURLRequest();
#endif
}
void ResourceRequest::setStorageSession(CFURLStorageSessionRef storageSession)
{
updatePlatformRequest();
CFMutableURLRequestRef cfRequest = CFURLRequestCreateMutableCopy(0, m_cfRequest.get());
wkSetRequestStorageSession(storageSession, cfRequest);
m_cfRequest = adoptCF(cfRequest);
#if PLATFORM(COCOA)
clearOrUpdateNSURLRequest();
#endif
}
void ResourceRequest::doUpdatePlatformRequest()
{
CFMutableURLRequestRef cfRequest;
RetainPtr<CFURLRef> url(AdoptCF, ResourceRequest::url().createCFURL());
RetainPtr<CFURLRef> firstPartyForCookies(AdoptCF, ResourceRequest::firstPartyForCookies().createCFURL());
if (m_cfRequest) {
cfRequest = CFURLRequestCreateMutableCopy(0, m_cfRequest.get());
CFURLRequestSetURL(cfRequest, url.get());
CFURLRequestSetMainDocumentURL(cfRequest, firstPartyForCookies.get());
CFURLRequestSetCachePolicy(cfRequest, (CFURLRequestCachePolicy)cachePolicy());
CFURLRequestSetTimeoutInterval(cfRequest, timeoutInterval());
} else
cfRequest = CFURLRequestCreateMutable(0, url.get(), (CFURLRequestCachePolicy)cachePolicy(), timeoutInterval(), firstPartyForCookies.get());
#if USE(CFURLSTORAGESESSIONS)
wkSetRequestStorageSession(ResourceHandle::currentStorageSession(), cfRequest);
#endif
RetainPtr<CFStringRef> requestMethod(AdoptCF, httpMethod().createCFString());
CFURLRequestSetHTTPRequestMethod(cfRequest, requestMethod.get());
if (httpPipeliningEnabled())
wkSetHTTPPipeliningPriority(cfRequest, toHTTPPipeliningPriority(m_priority));
setHeaderFields(cfRequest, httpHeaderFields());
WebCore::setHTTPBody(cfRequest, httpBody());
CFURLRequestSetShouldHandleHTTPCookies(cfRequest, allowCookies());
unsigned fallbackCount = m_responseContentDispositionEncodingFallbackArray.size();
RetainPtr<CFMutableArrayRef> encodingFallbacks(AdoptCF, CFArrayCreateMutable(kCFAllocatorDefault, fallbackCount, 0));
for (unsigned i = 0; i != fallbackCount; ++i) {
RetainPtr<CFStringRef> encodingName(AdoptCF, m_responseContentDispositionEncodingFallbackArray[i].createCFString());
CFStringEncoding encoding = CFStringConvertIANACharSetNameToEncoding(encodingName.get());
if (encoding != kCFStringEncodingInvalidId)
CFArrayAppendValue(encodingFallbacks.get(), reinterpret_cast<const void*>(encoding));
}
setContentDispositionEncodingFallbackArray(cfRequest, encodingFallbacks.get());
if (m_cfRequest) {
RetainPtr<CFHTTPCookieStorageRef> cookieStorage(AdoptCF, CFURLRequestCopyHTTPCookieStorage(m_cfRequest.get()));
if (cookieStorage)
CFURLRequestSetHTTPCookieStorage(cfRequest, cookieStorage.get());
CFURLRequestSetHTTPCookieStorageAcceptPolicy(cfRequest, CFURLRequestGetHTTPCookieStorageAcceptPolicy(m_cfRequest.get()));
CFURLRequestSetSSLProperties(cfRequest, CFURLRequestGetSSLProperties(m_cfRequest.get()));
}
m_cfRequest.adoptCF(cfRequest);
#if PLATFORM(MAC)
updateNSURLRequest();
#endif
}
static RetainPtr<CFCachedURLResponseRef> cachedResponseForURL(WebPage* webPage, const KURL& url)
{
RetainPtr<CFURLRef> cfURL(AdoptCF, url.createCFURL());
RetainPtr<CFMutableURLRequestRef> request(AdoptCF, CFURLRequestCreateMutable(0, cfURL.get(), kCFURLRequestCachePolicyReloadIgnoringCache, 60, 0));
#if NEEDS_FIXING_AFTER_R134960
wkSetRequestStorageSession(ResourceHandle::currentStorageSession(), request.get());
#endif
CFURLRequestSetHTTPHeaderFieldValue(request.get(), CFSTR("User-Agent"), webPage->userAgent().createCFString().get());
RetainPtr<CFURLCacheRef> cache;
#if NEEDS_FIXING_AFTER_R134960
if (CFURLStorageSessionRef currentStorageSession = ResourceHandle::currentStorageSession())
cache.adoptCF(wkCopyURLCache(currentStorageSession));
else
cache.adoptCF(CFURLCacheCopySharedURLCache());
#endif
RetainPtr<CFCachedURLResponseRef> response(AdoptCF, CFURLCacheCopyResponseForRequest(cache.get(), request.get()));
return response;
}
static CFURLRequestRef makeFinalRequest(const ResourceRequest& request, bool shouldContentSniff)
{
CFMutableURLRequestRef newRequest = CFURLRequestCreateMutableCopy(kCFAllocatorDefault, request.cfURLRequest());
#if USE(CFURLSTORAGESESSIONS)
wkSetRequestStorageSession(ResourceHandle::currentStorageSession(), newRequest);
#endif
if (!shouldContentSniff)
wkSetCFURLRequestShouldContentSniff(newRequest, false);
RetainPtr<CFMutableDictionaryRef> sslProps;
sslProps.adoptCF(ResourceHandle::createSSLPropertiesFromNSURLRequest(request));
if (sslProps)
CFURLRequestSetSSLProperties(newRequest, sslProps.get());
if (CFHTTPCookieStorageRef cookieStorage = currentCookieStorage()) {
CFURLRequestSetHTTPCookieStorage(newRequest, cookieStorage);
CFURLRequestSetHTTPCookieStorageAcceptPolicy(newRequest, CFHTTPCookieStorageGetCookieAcceptPolicy(cookieStorage));
}
return newRequest;
}
void ResourceRequest::setStorageSession(CFURLStorageSessionRef storageSession)
{
CFMutableURLRequestRef cfRequest = CFURLRequestCreateMutableCopy(0, m_cfRequest.get());
wkSetRequestStorageSession(storageSession, cfRequest);
m_cfRequest.adoptCF(cfRequest);
}
void ResourceHandle::createCFURLConnection(bool shouldUseCredentialStorage, bool shouldContentSniff, SchedulingBehavior schedulingBehavior, CFDictionaryRef clientProperties)
{
if ((!d->m_user.isEmpty() || !d->m_pass.isEmpty()) && !firstRequest().url().protocolIsInHTTPFamily()) {
// Credentials for ftp can only be passed in URL, the didReceiveAuthenticationChallenge delegate call won't be made.
URL urlWithCredentials(firstRequest().url());
urlWithCredentials.setUser(d->m_user);
urlWithCredentials.setPass(d->m_pass);
firstRequest().setURL(urlWithCredentials);
}
// <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
// try and reuse the credential preemptively, as allowed by RFC 2617.
if (shouldUseCredentialStorage && firstRequest().url().protocolIsInHTTPFamily()) {
if (d->m_user.isEmpty() && d->m_pass.isEmpty()) {
// <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
// try and reuse the credential preemptively, as allowed by RFC 2617.
d->m_initialCredential = CredentialStorage::get(firstRequest().url());
} else {
// If there is already a protection space known for the URL, update stored credentials before sending a request.
// This makes it possible to implement logout by sending an XMLHttpRequest with known incorrect credentials, and aborting it immediately
// (so that an authentication dialog doesn't pop up).
CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), firstRequest().url());
}
}
if (!d->m_initialCredential.isEmpty()) {
// FIXME: Support Digest authentication, and Proxy-Authorization.
applyBasicAuthorizationHeader(firstRequest(), d->m_initialCredential);
}
RetainPtr<CFMutableURLRequestRef> request = adoptCF(CFURLRequestCreateMutableCopy(kCFAllocatorDefault, firstRequest().cfURLRequest(UpdateHTTPBody)));
wkSetRequestStorageSession(d->m_storageSession.get(), request.get());
if (!shouldContentSniff)
wkSetCFURLRequestShouldContentSniff(request.get(), false);
RetainPtr<CFMutableDictionaryRef> sslProps;
#if PLATFORM(IOS)
sslProps = adoptCF(ResourceHandle::createSSLPropertiesFromNSURLRequest(firstRequest()));
#else
if (allowsAnyHTTPSCertificateHosts().contains(firstRequest().url().host().lower())) {
sslProps = adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsAnyRoot, kCFBooleanTrue);
CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredRoots, kCFBooleanTrue);
CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredCertificates, kCFBooleanTrue);
CFDictionaryAddValue(sslProps.get(), kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);
}
HashMap<String, RetainPtr<CFDataRef>>::iterator clientCert = clientCerts().find(firstRequest().url().host().lower());
if (clientCert != clientCerts().end()) {
if (!sslProps)
sslProps = adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
#if PLATFORM(WIN)
wkSetClientCertificateInSSLProperties(sslProps.get(), (clientCert->value).get());
#endif
}
#endif // PLATFORM(IOS)
if (sslProps)
CFURLRequestSetSSLProperties(request.get(), sslProps.get());
#if PLATFORM(WIN)
if (CFHTTPCookieStorageRef cookieStorage = overridenCookieStorage()) {
// Overridden cookie storage doesn't come from a session, so the request does not have it yet.
CFURLRequestSetHTTPCookieStorage(request.get(), cookieStorage);
}
#endif
CFMutableDictionaryRef streamProperties = CFDictionaryCreateMutable(0, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
if (!shouldUseCredentialStorage) {
// Avoid using existing connections, because they may be already authenticated.
CFDictionarySetValue(streamProperties, CFSTR("_kCFURLConnectionSessionID"), CFSTR("WebKitPrivateSession"));
}
if (schedulingBehavior == SchedulingBehavior::Synchronous) {
// Synchronous requests should not be subject to regular connection count limit to avoid deadlocks.
// If we are using all available connections for async requests, and make a sync request, then prior
// requests may get stuck waiting for delegate calls while we are in nested run loop, and the sync
// request won't start because there are no available connections.
// Connections are grouped by their socket stream properties, with each group having a separate count.
CFDictionarySetValue(streamProperties, CFSTR("_WebKitSynchronousRequest"), kCFBooleanTrue);
}
#if PLATFORM(IOS) || (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 1090)
RetainPtr<CFDataRef> sourceApplicationAuditData = d->m_context->sourceApplicationAuditData();
if (sourceApplicationAuditData)
CFDictionarySetValue(streamProperties, CFSTR("kCFStreamPropertySourceApplication"), sourceApplicationAuditData.get());
#endif
static const CFStringRef kCFURLConnectionSocketStreamProperties = CFSTR("kCFURLConnectionSocketStreamProperties");
RetainPtr<CFMutableDictionaryRef> propertiesDictionary;
if (clientProperties)
propertiesDictionary = adoptCF(CFDictionaryCreateMutableCopy(kCFAllocatorDefault, 0, clientProperties));
else
propertiesDictionary = adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
// FIXME: This code is different from iOS code in ResourceHandleMac.mm in that here we ignore stream properties that were present in client properties.
CFDictionaryAddValue(propertiesDictionary.get(), kCFURLConnectionSocketStreamProperties, streamProperties);
CFRelease(streamProperties);
#if PLATFORM(COCOA)
if (client() && client()->usesAsyncCallbacks())
d->m_connectionDelegate = adoptRef(new ResourceHandleCFURLConnectionDelegateWithOperationQueue(this));
else
d->m_connectionDelegate = adoptRef(new SynchronousResourceHandleCFURLConnectionDelegate(this));
#else
d->m_connectionDelegate = adoptRef(new SynchronousResourceHandleCFURLConnectionDelegate(this));
#endif
d->m_connectionDelegate->setupRequest(request.get());
CFURLConnectionClient_V6 client = d->m_connectionDelegate->makeConnectionClient();
d->m_connection = adoptCF(CFURLConnectionCreateWithProperties(0, request.get(), reinterpret_cast<CFURLConnectionClient*>(&client), propertiesDictionary.get()));
}
void ResourceHandle::createCFURLConnection(bool shouldUseCredentialStorage, bool shouldRelaxThirdPartyCookiePolicy, bool shouldContentSniff)
{
if ((!d->m_user.isEmpty() || !d->m_pass.isEmpty()) && !firstRequest().url().protocolIsInHTTPFamily()) {
// Credentials for ftp can only be passed in URL, the didReceiveAuthenticationChallenge delegate call won't be made.
KURL urlWithCredentials(firstRequest().url());
urlWithCredentials.setUser(d->m_user);
urlWithCredentials.setPass(d->m_pass);
firstRequest().setURL(urlWithCredentials);
}
if (shouldRelaxThirdPartyCookiePolicy)
firstRequest().setFirstPartyForCookies(firstRequest().url());
// <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
// try and reuse the credential preemptively, as allowed by RFC 2617.
if (shouldUseCredentialStorage && firstRequest().url().protocolIsInHTTPFamily()) {
if (d->m_user.isEmpty() && d->m_pass.isEmpty()) {
// <rdar://problem/7174050> - For URLs that match the paths of those previously challenged for HTTP Basic authentication,
// try and reuse the credential preemptively, as allowed by RFC 2617.
d->m_initialCredential = CredentialStorage::get(firstRequest().url());
} else {
// If there is already a protection space known for the URL, update stored credentials before sending a request.
// This makes it possible to implement logout by sending an XMLHttpRequest with known incorrect credentials, and aborting it immediately
// (so that an authentication dialog doesn't pop up).
CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), firstRequest().url());
}
}
if (!d->m_initialCredential.isEmpty()) {
// FIXME: Support Digest authentication, and Proxy-Authorization.
applyBasicAuthorizationHeader(firstRequest(), d->m_initialCredential);
}
RetainPtr<CFMutableURLRequestRef> request = adoptCF(CFURLRequestCreateMutableCopy(kCFAllocatorDefault, firstRequest().cfURLRequest()));
wkSetRequestStorageSession(d->m_storageSession.get(), request.get());
if (!shouldContentSniff)
wkSetCFURLRequestShouldContentSniff(request.get(), false);
RetainPtr<CFMutableDictionaryRef> sslProps;
if (allowsAnyHTTPSCertificateHosts().contains(firstRequest().url().host().lower())) {
sslProps.adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsAnyRoot, kCFBooleanTrue);
CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredRoots, kCFBooleanTrue);
CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredCertificates, kCFBooleanTrue);
CFDictionaryAddValue(sslProps.get(), kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);
}
HashMap<String, RetainPtr<CFDataRef> >::iterator clientCert = clientCerts().find(firstRequest().url().host().lower());
if (clientCert != clientCerts().end()) {
if (!sslProps)
sslProps.adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
#if PLATFORM(WIN)
wkSetClientCertificateInSSLProperties(sslProps.get(), (clientCert->value).get());
#endif
}
if (sslProps)
CFURLRequestSetSSLProperties(request.get(), sslProps.get());
#if PLATFORM(WIN)
if (CFHTTPCookieStorageRef cookieStorage = overridenCookieStorage()) {
// Overridden cookie storage doesn't come from a session, so the request does not have it yet.
CFURLRequestSetHTTPCookieStorage(request.get(), cookieStorage);
}
#endif
CFURLConnectionClient_V6 client = { 6, this, 0, 0, 0, WebCore::willSendRequest, didReceiveResponse, didReceiveData, 0, didFinishLoading, didFail, willCacheResponse, didReceiveChallenge, didSendBodyData, shouldUseCredentialStorageCallback, 0,
#if USE(PROTECTION_SPACE_AUTH_CALLBACK)
canRespondToProtectionSpace,
#else
0,
#endif
0,
#if USE(NETWORK_CFDATA_ARRAY_CALLBACK)
didReceiveDataArray
#else
0
#endif
};
RetainPtr<CFDictionaryRef> connectionProperties(AdoptCF, createConnectionProperties(shouldUseCredentialStorage));
d->m_connection.adoptCF(CFURLConnectionCreateWithProperties(0, request.get(), reinterpret_cast<CFURLConnectionClient*>(&client), connectionProperties.get()));
}