PassRefPtr<SubresourceLoader> SubresourceLoader::create(Frame* frame, SubresourceLoaderClient* client, const ResourceRequest& request, SecurityCheckPolicy securityCheck, bool sendResourceLoadCallbacks, bool shouldContentSniff)
{
if (!frame)
return 0;
FrameLoader* fl = frame->loader();
if (securityCheck == DoSecurityCheck && (fl->state() == FrameStateProvisional || !fl->activeDocumentLoader() || fl->activeDocumentLoader()->isStopping()))
return 0;
ResourceRequest newRequest = request;
if (securityCheck == DoSecurityCheck && !frame->document()->securityOrigin()->canDisplay(request.url())) {
FrameLoader::reportLocalLoadFailed(frame, request.url().string());
return 0;
}
if (SecurityOrigin::shouldHideReferrer(request.url(), fl->outgoingReferrer()))
newRequest.clearHTTPReferrer();
else if (!request.httpReferrer())
newRequest.setHTTPReferrer(fl->outgoingReferrer());
FrameLoader::addHTTPOriginIfNeeded(newRequest, fl->outgoingOrigin());
fl->addExtraFieldsToSubresourceRequest(newRequest);
RefPtr<SubresourceLoader> subloader(adoptRef(new SubresourceLoader(frame, client, sendResourceLoadCallbacks, shouldContentSniff)));
subloader->documentLoader()->addSubresourceLoader(subloader.get());
if (!subloader->load(newRequest))
return 0;
return subloader.release();
}
void CachedResource::addAdditionalRequestHeaders(CachedResourceLoader* cachedResourceLoader)
{
// Note: We skip the Content-Security-Policy check here because we check
// the Content-Security-Policy at the CachedResourceLoader layer so we can
// handle different resource types differently.
FrameLoader* frameLoader = cachedResourceLoader->frame()->loader();
String outgoingReferrer;
String outgoingOrigin;
if (m_resourceRequest.httpReferrer().isNull()) {
outgoingReferrer = frameLoader->outgoingReferrer();
outgoingOrigin = frameLoader->outgoingOrigin();
} else {
outgoingReferrer = m_resourceRequest.httpReferrer();
outgoingOrigin = SecurityOrigin::createFromString(outgoingReferrer)->toString();
}
outgoingReferrer = SecurityPolicy::generateReferrerHeader(cachedResourceLoader->document()->referrerPolicy(), m_resourceRequest.url(), outgoingReferrer);
if (outgoingReferrer.isEmpty())
m_resourceRequest.clearHTTPReferrer();
else if (!m_resourceRequest.httpReferrer())
m_resourceRequest.setHTTPReferrer(outgoingReferrer);
FrameLoader::addHTTPOriginIfNeeded(m_resourceRequest, outgoingOrigin);
frameLoader->addExtraFieldsToSubresourceRequest(m_resourceRequest);
}
static bool webKitWebSrcStart(WebKitWebSrc* src)
{
WebKitWebSrcPrivate* priv = src->priv;
if (!priv->uri) {
GST_ERROR_OBJECT(src, "No URI provided");
return false;
}
KURL url = KURL(KURL(), priv->uri);
ResourceRequest request(url);
request.setTargetType(ResourceRequestBase::TargetIsMedia);
request.setAllowCookies(true);
NetworkingContext* context = 0;
if (priv->frame) {
Document* document = priv->frame->document();
if (document)
request.setHTTPReferrer(document->documentURI());
FrameLoader* loader = priv->frame->loader();
if (loader) {
loader->addExtraFieldsToSubresourceRequest(request);
context = loader->networkingContext();
}
}
// Let Apple web servers know we want to access their nice movie trailers.
if (!g_ascii_strcasecmp("movies.apple.com", url.host().utf8().data())
|| !g_ascii_strcasecmp("trailers.apple.com", url.host().utf8().data()))
request.setHTTPUserAgent("Quicktime/7.6.6");
if (priv->requestedOffset) {
GOwnPtr<gchar> val;
val.set(g_strdup_printf("bytes=%" G_GUINT64_FORMAT "-", priv->requestedOffset));
request.setHTTPHeaderField("Range", val.get());
}
if (priv->iradioMode)
request.setHTTPHeaderField("icy-metadata", "1");
// Needed to use DLNA streaming servers
request.setHTTPHeaderField("transferMode.dlna", "Streaming");
priv->resourceHandle = ResourceHandle::create(context, request, priv->client, false, false);
if (!priv->resourceHandle) {
GST_ERROR_OBJECT(src, "Failed to create ResourceHandle");
return false;
}
GST_DEBUG_OBJECT(src, "Started request");
return true;
}
PassRefPtr<SubresourceLoader> SubresourceLoader::create(Frame* frame, SubresourceLoaderClient* client, const ResourceRequest& request, SecurityCheckPolicy securityCheck, bool sendResourceLoadCallbacks, bool shouldContentSniff, bool shouldBufferData)
{
if (!frame)
return 0;
FrameLoader* fl = frame->loader();
if (securityCheck == DoSecurityCheck && (fl->state() == FrameStateProvisional || !fl->activeDocumentLoader() || fl->activeDocumentLoader()->isStopping()))
return 0;
ResourceRequest newRequest = request;
if (securityCheck == DoSecurityCheck && !frame->document()->securityOrigin()->canDisplay(request.url())) {
FrameLoader::reportLocalLoadFailed(frame, request.url().string());
return 0;
}
// Note: We skip the Content-Security-Policy check here because we check
// the Content-Security-Policy at the CachedResourceLoader layer so we can
// handle different resource types differently.
String outgoingReferrer;
String outgoingOrigin;
if (request.httpReferrer().isNull()) {
outgoingReferrer = fl->outgoingReferrer();
outgoingOrigin = fl->outgoingOrigin();
} else {
outgoingReferrer = request.httpReferrer();
outgoingOrigin = SecurityOrigin::createFromString(outgoingReferrer)->toString();
}
if (SecurityOrigin::shouldHideReferrer(request.url(), outgoingReferrer))
newRequest.clearHTTPReferrer();
else if (!request.httpReferrer())
newRequest.setHTTPReferrer(outgoingReferrer);
FrameLoader::addHTTPOriginIfNeeded(newRequest, outgoingOrigin);
fl->addExtraFieldsToSubresourceRequest(newRequest);
RefPtr<SubresourceLoader> subloader(adoptRef(new SubresourceLoader(frame, client, sendResourceLoadCallbacks, shouldContentSniff)));
subloader->setShouldBufferData(shouldBufferData);
subloader->documentLoader()->addSubresourceLoader(subloader.get());
if (!subloader->init(newRequest))
return 0;
return subloader.release();
}
PassRefPtr<SubresourceLoader> SubresourceLoader::create(Frame* frame, CachedResource* resource, const ResourceRequest& request, const ResourceLoaderOptions& options)
{
if (!frame)
return 0;
FrameLoader* frameLoader = frame->loader();
if (options.securityCheck == DoSecurityCheck && (frameLoader->state() == FrameStateProvisional || !frameLoader->activeDocumentLoader() || frameLoader->activeDocumentLoader()->isStopping()))
return 0;
ResourceRequest newRequest = request;
// Note: We skip the Content-Security-Policy check here because we check
// the Content-Security-Policy at the CachedResourceLoader layer so we can
// handle different resource types differently.
String outgoingReferrer;
String outgoingOrigin;
if (request.httpReferrer().isNull()) {
outgoingReferrer = frameLoader->outgoingReferrer();
outgoingOrigin = frameLoader->outgoingOrigin();
} else {
outgoingReferrer = request.httpReferrer();
outgoingOrigin = SecurityOrigin::createFromString(outgoingReferrer)->toString();
}
outgoingReferrer = SecurityPolicy::generateReferrerHeader(frame->document()->referrerPolicy(), request.url(), outgoingReferrer);
if (outgoingReferrer.isEmpty())
newRequest.clearHTTPReferrer();
else if (!request.httpReferrer())
newRequest.setHTTPReferrer(outgoingReferrer);
FrameLoader::addHTTPOriginIfNeeded(newRequest, outgoingOrigin);
frameLoader->addExtraFieldsToSubresourceRequest(newRequest);
RefPtr<SubresourceLoader> subloader(adoptRef(new SubresourceLoader(frame, resource, options)));
if (!subloader->init(newRequest))
return 0;
return subloader.release();
}