void ResourceRequest::addHTTPOriginIfNeeded(PassRefPtr<SecurityOrigin> origin) { if (!httpOrigin().isEmpty()) return; // Request already has an Origin header. // Don't send an Origin header for GET or HEAD to avoid privacy issues. // For example, if an intranet page has a hyperlink to an external web // site, we don't want to include the Origin of the request because it // will leak the internal host name. Similar privacy concerns have lead // to the widespread suppression of the Referer header at the network // layer. if (httpMethod() == HTTPNames::GET || httpMethod() == HTTPNames::HEAD) return; // For non-GET and non-HEAD methods, always send an Origin header so the // server knows we support this feature. AtomicString originString = origin->toAtomicString(); if (originString.isEmpty()) { // If we don't know what origin header to attach, we attach the value // for an empty origin. setHTTPOrigin(SecurityOrigin::createUnique()); return; } setHTTPOrigin(origin); }
PassOwnPtr<CrossThreadResourceRequestData> ResourceRequest::copyData() const { OwnPtr<CrossThreadResourceRequestData> data = adoptPtr(new CrossThreadResourceRequestData()); data->m_url = url().copy(); data->m_cachePolicy = cachePolicy(); data->m_timeoutInterval = timeoutInterval(); data->m_firstPartyForCookies = firstPartyForCookies().copy(); data->m_httpMethod = httpMethod().string().isolatedCopy(); data->m_httpHeaders = httpHeaderFields().copyData(); data->m_priority = priority(); data->m_intraPriorityValue = m_intraPriorityValue; if (m_httpBody) data->m_httpBody = m_httpBody->deepCopy(); data->m_allowStoredCredentials = m_allowStoredCredentials; data->m_reportUploadProgress = m_reportUploadProgress; data->m_hasUserGesture = m_hasUserGesture; data->m_downloadToFile = m_downloadToFile; data->m_requestorID = m_requestorID; data->m_requestorProcessID = m_requestorProcessID; data->m_appCacheHostID = m_appCacheHostID; data->m_requestContext = m_requestContext; data->m_referrerPolicy = m_referrerPolicy; return data.release(); }
bool KQOAuthRequest_XAuth::isValid() const { // An xAuth can never request temporary credentials. if (requestType() == KQOAuthRequest::TemporaryCredentials) { qWarning() << "XAuth request cannot be of type KQOAuthRequest::TemporaryCredentials. Aborting."; return false; } // Access token must always be retrieved using the POST HTTP method. if (requestType() == KQOAuthRequest::AccessToken && httpMethod() != KQOAuthRequest::POST) { qWarning() << "Access tokens must be fetched using the POST HTTP method. Aborting."; return false; } if (!xauth_parameters_set) { qWarning() << "No XAuth parameters set. Aborting."; return false; } // And then check the validity of the XAuth request. // Provided by the base class as a protected method for us. return validateXAuthRequest(); }
SoupMessage* ResourceRequest::toSoupMessage() const { SoupMessage* soupMessage = soup_message_new(httpMethod().utf8().data(), url().string().utf8().data()); if (!soupMessage) return 0; const HTTPHeaderMap& headers = httpHeaderFields(); SoupMessageHeaders* soupHeaders = soupMessage->request_headers; if (!headers.isEmpty()) { HTTPHeaderMap::const_iterator end = headers.end(); for (HTTPHeaderMap::const_iterator it = headers.begin(); it != end; ++it) soup_message_headers_append(soupHeaders, it->first.string().utf8().data(), it->second.utf8().data()); } #ifdef HAVE_LIBSOUP_2_29_90 String firstPartyString = firstPartyForCookies().string(); if (!firstPartyString.isEmpty()) { GOwnPtr<SoupURI> firstParty(soup_uri_new(firstPartyString.utf8().data())); soup_message_set_first_party(soupMessage, firstParty.get()); } #endif soup_message_set_flags(soupMessage, m_soupFlags); // Body data is only handled at ResourceHandleSoup::startHttp for // now; this is because this may not be a good place to go // openning and mmapping files. We should maybe revisit this. return soupMessage; }
void ResourceRequest::doUpdatePlatformRequest() { CFMutableURLRequestRef cfRequest; RetainPtr<CFURLRef> url(AdoptCF, ResourceRequest::url().createCFURL()); RetainPtr<CFURLRef> firstPartyForCookies(AdoptCF, ResourceRequest::firstPartyForCookies().createCFURL()); if (m_cfRequest) { cfRequest = CFURLRequestCreateMutableCopy(0, m_cfRequest.get()); CFURLRequestSetURL(cfRequest, url.get()); CFURLRequestSetMainDocumentURL(cfRequest, firstPartyForCookies.get()); CFURLRequestSetCachePolicy(cfRequest, (CFURLRequestCachePolicy)cachePolicy()); CFURLRequestSetTimeoutInterval(cfRequest, timeoutInterval()); } else cfRequest = CFURLRequestCreateMutable(0, url.get(), (CFURLRequestCachePolicy)cachePolicy(), timeoutInterval(), firstPartyForCookies.get()); CFURLRequestSetHTTPRequestMethod(cfRequest, httpMethod().createCFString().get()); if (httpPipeliningEnabled()) wkSetHTTPPipeliningPriority(cfRequest, toHTTPPipeliningPriority(m_priority)); #if !PLATFORM(WIN) wkCFURLRequestAllowAllPostCaching(cfRequest); #endif setHeaderFields(cfRequest, httpHeaderFields()); CFURLRequestSetShouldHandleHTTPCookies(cfRequest, allowCookies()); unsigned fallbackCount = m_responseContentDispositionEncodingFallbackArray.size(); RetainPtr<CFMutableArrayRef> encodingFallbacks(AdoptCF, CFArrayCreateMutable(kCFAllocatorDefault, fallbackCount, 0)); for (unsigned i = 0; i != fallbackCount; ++i) { RetainPtr<CFStringRef> encodingName = m_responseContentDispositionEncodingFallbackArray[i].createCFString(); CFStringEncoding encoding = CFStringConvertIANACharSetNameToEncoding(encodingName.get()); if (encoding != kCFStringEncodingInvalidId) CFArrayAppendValue(encodingFallbacks.get(), reinterpret_cast<const void*>(encoding)); } setContentDispositionEncodingFallbackArray(cfRequest, encodingFallbacks.get()); if (m_cfRequest) { RetainPtr<CFHTTPCookieStorageRef> cookieStorage(AdoptCF, CFURLRequestCopyHTTPCookieStorage(m_cfRequest.get())); if (cookieStorage) CFURLRequestSetHTTPCookieStorage(cfRequest, cookieStorage.get()); CFURLRequestSetHTTPCookieStorageAcceptPolicy(cfRequest, CFURLRequestGetHTTPCookieStorageAcceptPolicy(m_cfRequest.get())); CFURLRequestSetSSLProperties(cfRequest, CFURLRequestGetSSLProperties(m_cfRequest.get())); } #if ENABLE(CACHE_PARTITIONING) String partition = cachePartition(); if (!partition.isNull() && !partition.isEmpty()) { CString utf8String = partition.utf8(); RetainPtr<CFStringRef> partitionValue(AdoptCF, CFStringCreateWithBytes(0, reinterpret_cast<const UInt8*>(utf8String.data()), utf8String.length(), kCFStringEncodingUTF8, false)); _CFURLRequestSetProtocolProperty(cfRequest, wkCachePartitionKey(), partitionValue.get()); } #endif m_cfRequest.adoptCF(cfRequest); #if PLATFORM(MAC) updateNSURLRequest(); #endif }
void ResourceRequest::updateSoupMessage(SoupMessage* soupMessage) const { g_object_set(soupMessage, SOUP_MESSAGE_METHOD, httpMethod().utf8().data(), NULL); GOwnPtr<SoupURI> uri(soupURI()); soup_message_set_uri(soupMessage, uri.get()); updateSoupMessageMembers(soupMessage); }
/** * @brief Create an AWS V4 Signature canonical request. * * @param[in] operation The HTTP method being used for the request. * @param[in] request The network request to generate a canonical request for. * @param[in] payload Optional data being submitted in the request (eg for `PUT` and `POST` operations). * @param[out] signedHeaders A semi-colon separated list of the names of all headers * included in the result. * * @return An AWS V4 Signature canonical request. * * @see http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html */ QByteArray AwsSignatureV4Private::canonicalRequest(const QNetworkAccessManager::Operation operation, const QNetworkRequest &request, const QByteArray &payload, QByteArray * const signedHeaders) const { return httpMethod(operation).toUtf8() + '\n' + canonicalPath(request.url()).toUtf8() + '\n' + canonicalQuery(QUrlQuery(request.url())) + '\n' + canonicalHeaders(request, signedHeaders) + '\n' + *signedHeaders + '\n' + QCryptographicHash::hash(payload, hashAlgorithm).toHex(); }
void ResourceRequest::doUpdatePlatformRequest() { CFMutableURLRequestRef cfRequest; RetainPtr<CFURLRef> url(AdoptCF, ResourceRequest::url().createCFURL()); RetainPtr<CFURLRef> firstPartyForCookies(AdoptCF, ResourceRequest::firstPartyForCookies().createCFURL()); if (m_cfRequest) { cfRequest = CFURLRequestCreateMutableCopy(0, m_cfRequest.get()); CFURLRequestSetURL(cfRequest, url.get()); CFURLRequestSetMainDocumentURL(cfRequest, firstPartyForCookies.get()); CFURLRequestSetCachePolicy(cfRequest, (CFURLRequestCachePolicy)cachePolicy()); CFURLRequestSetTimeoutInterval(cfRequest, timeoutInterval()); } else cfRequest = CFURLRequestCreateMutable(0, url.get(), (CFURLRequestCachePolicy)cachePolicy(), timeoutInterval(), firstPartyForCookies.get()); CFURLRequestSetHTTPRequestMethod(cfRequest, httpMethod().createCFString().get()); if (httpPipeliningEnabled()) wkSetHTTPPipeliningPriority(cfRequest, toHTTPPipeliningPriority(m_priority)); #if !PLATFORM(WIN) wkCFURLRequestAllowAllPostCaching(cfRequest); #endif setHeaderFields(cfRequest, httpHeaderFields()); RefPtr<FormData> formData = httpBody(); if (formData && !formData->isEmpty()) WebCore::setHTTPBody(cfRequest, formData); CFURLRequestSetShouldHandleHTTPCookies(cfRequest, allowCookies()); unsigned fallbackCount = m_responseContentDispositionEncodingFallbackArray.size(); RetainPtr<CFMutableArrayRef> encodingFallbacks(AdoptCF, CFArrayCreateMutable(kCFAllocatorDefault, fallbackCount, 0)); for (unsigned i = 0; i != fallbackCount; ++i) { RetainPtr<CFStringRef> encodingName = m_responseContentDispositionEncodingFallbackArray[i].createCFString(); CFStringEncoding encoding = CFStringConvertIANACharSetNameToEncoding(encodingName.get()); if (encoding != kCFStringEncodingInvalidId) CFArrayAppendValue(encodingFallbacks.get(), reinterpret_cast<const void*>(encoding)); } setContentDispositionEncodingFallbackArray(cfRequest, encodingFallbacks.get()); if (m_cfRequest) { RetainPtr<CFHTTPCookieStorageRef> cookieStorage(AdoptCF, CFURLRequestCopyHTTPCookieStorage(m_cfRequest.get())); if (cookieStorage) CFURLRequestSetHTTPCookieStorage(cfRequest, cookieStorage.get()); CFURLRequestSetHTTPCookieStorageAcceptPolicy(cfRequest, CFURLRequestGetHTTPCookieStorageAcceptPolicy(m_cfRequest.get())); CFURLRequestSetSSLProperties(cfRequest, CFURLRequestGetSSLProperties(m_cfRequest.get())); } m_cfRequest.adoptCF(cfRequest); #if PLATFORM(MAC) updateNSURLRequest(); #endif }
SoupMessage* ResourceRequest::toSoupMessage() const { SoupMessage* soupMessage = soup_message_new(httpMethod().utf8().data(), url().string().utf8().data()); if (!soupMessage) return 0; updateSoupMessageMembers(soupMessage); // Body data is only handled at ResourceHandleSoup::startHttp for // now; this is because this may not be a good place to go // openning and mmapping files. We should maybe revisit this. return soupMessage; }
SoupMessage* ResourceRequest::toSoupMessage() const { SoupMessage* soupMessage = soup_message_new(httpMethod().utf8().data(), url().string().utf8().data()); if (!soupMessage) return 0; HTTPHeaderMap headers = httpHeaderFields(); SoupMessageHeaders* soupHeaders = soupMessage->request_headers; if (!headers.isEmpty()) { HTTPHeaderMap::const_iterator end = headers.end(); for (HTTPHeaderMap::const_iterator it = headers.begin(); it != end; ++it) soup_message_headers_append(soupHeaders, it->first.string().utf8().data(), it->second.utf8().data()); } // Body data is only handled at ResourceHandleSoup::startHttp for // now; this is because this may not be a good place to go // openning and mmapping files. We should maybe revisit this. return soupMessage; }
void ResourceRequest::doUpdatePlatformRequest() { CFMutableURLRequestRef cfRequest; RetainPtr<CFURLRef> url(AdoptCF, ResourceRequest::url().createCFURL()); RetainPtr<CFURLRef> firstPartyForCookies(AdoptCF, ResourceRequest::firstPartyForCookies().createCFURL()); if (m_cfRequest) { cfRequest = CFURLRequestCreateMutableCopy(0, m_cfRequest.get()); CFURLRequestSetURL(cfRequest, url.get()); CFURLRequestSetMainDocumentURL(cfRequest, firstPartyForCookies.get()); CFURLRequestSetCachePolicy(cfRequest, (CFURLRequestCachePolicy)cachePolicy()); CFURLRequestSetTimeoutInterval(cfRequest, timeoutInterval()); } else { cfRequest = CFURLRequestCreateMutable(0, url.get(), (CFURLRequestCachePolicy)cachePolicy(), timeoutInterval(), firstPartyForCookies.get()); } RetainPtr<CFStringRef> requestMethod(AdoptCF, httpMethod().createCFString()); CFURLRequestSetHTTPRequestMethod(cfRequest, requestMethod.get()); addHeadersFromHashMap(cfRequest, httpHeaderFields()); WebCore::setHTTPBody(cfRequest, httpBody()); CFURLRequestSetShouldHandleHTTPCookies(cfRequest, allowHTTPCookies()); unsigned fallbackCount = m_responseContentDispositionEncodingFallbackArray.size(); RetainPtr<CFMutableArrayRef> encodingFallbacks(AdoptCF, CFArrayCreateMutable(kCFAllocatorDefault, fallbackCount, 0)); for (unsigned i = 0; i != fallbackCount; ++i) { RetainPtr<CFStringRef> encodingName(AdoptCF, m_responseContentDispositionEncodingFallbackArray[i].createCFString()); CFStringEncoding encoding = CFStringConvertIANACharSetNameToEncoding(encodingName.get()); if (encoding != kCFStringEncodingInvalidId) CFArrayAppendValue(encodingFallbacks.get(), reinterpret_cast<const void*>(encoding)); } setContentDispositionEncodingFallbackArray(cfRequest, encodingFallbacks.get()); if (m_cfRequest) { RetainPtr<CFHTTPCookieStorageRef> cookieStorage(AdoptCF, CFURLRequestCopyHTTPCookieStorage(m_cfRequest.get())); if (cookieStorage) CFURLRequestSetHTTPCookieStorage(cfRequest, cookieStorage.get()); CFURLRequestSetHTTPCookieStorageAcceptPolicy(cfRequest, CFURLRequestGetHTTPCookieStorageAcceptPolicy(m_cfRequest.get())); CFURLRequestSetSSLProperties(cfRequest, CFURLRequestGetSSLProperties(m_cfRequest.get())); } m_cfRequest.adoptCF(cfRequest); }
void ResourceRequest::updateSoupMessage(SoupMessage* soupMessage) const { g_object_set(soupMessage, SOUP_MESSAGE_METHOD, httpMethod().utf8().data(), NULL); const HTTPHeaderMap& headers = httpHeaderFields(); SoupMessageHeaders* soupHeaders = soupMessage->request_headers; if (!headers.isEmpty()) { HTTPHeaderMap::const_iterator end = headers.end(); for (HTTPHeaderMap::const_iterator it = headers.begin(); it != end; ++it) soup_message_headers_append(soupHeaders, it->first.string().utf8().data(), it->second.utf8().data()); } String firstPartyString = firstPartyForCookies().string(); if (!firstPartyString.isEmpty()) { GOwnPtr<SoupURI> firstParty(soup_uri_new(firstPartyString.utf8().data())); soup_message_set_first_party(soupMessage, firstParty.get()); } soup_message_set_flags(soupMessage, m_soupFlags); }
PassOwnPtr<CrossThreadResourceRequestData> ResourceRequestBase::copyData() const { OwnPtr<CrossThreadResourceRequestData> data(new CrossThreadResourceRequestData()); data->m_url = url().copy(); data->m_cachePolicy = cachePolicy(); data->m_timeoutInterval = timeoutInterval(); data->m_firstPartyForCookies = firstPartyForCookies().copy(); data->m_httpMethod = httpMethod().crossThreadString(); data->m_httpHeaders = httpHeaderFields().copyData(); data->m_responseContentDispositionEncodingFallbackArray.reserveInitialCapacity(m_responseContentDispositionEncodingFallbackArray.size()); size_t encodingArraySize = m_responseContentDispositionEncodingFallbackArray.size(); for (size_t index = 0; index < encodingArraySize; ++index) { data->m_responseContentDispositionEncodingFallbackArray.append(m_responseContentDispositionEncodingFallbackArray[index].crossThreadString()); } if (m_httpBody) data->m_httpBody = m_httpBody->deepCopy(); data->m_allowCookies = m_allowCookies; return data.release(); }
auto_ptr<CrossThreadResourceRequestData> ResourceRequestBase::copyData() const { auto_ptr<CrossThreadResourceRequestData> data(new CrossThreadResourceRequestData()); data->m_url = url().copy(); data->m_cachePolicy = cachePolicy(); data->m_timeoutInterval = timeoutInterval(); data->m_mainDocumentURL = mainDocumentURL().copy(); data->m_httpMethod = httpMethod().copy(); data->m_httpHeaders.adopt(httpHeaderFields().copyData()); data->m_responseContentDispositionEncodingFallbackArray.reserveInitialCapacity(m_responseContentDispositionEncodingFallbackArray.size()); size_t encodingArraySize = m_responseContentDispositionEncodingFallbackArray.size(); for (size_t index = 0; index < encodingArraySize; ++index) { data->m_responseContentDispositionEncodingFallbackArray.append(m_responseContentDispositionEncodingFallbackArray[index].copy()); } if (m_httpBody) data->m_httpBody = m_httpBody->deepCopy(); data->m_allowHTTPCookies = m_allowHTTPCookies; return data; }
/** * @brief Create an AWS V3 Signature canonical request. * * Note, this function implments both `AWS3` and `AWS3-HTTPS` variants of the * AWS Signature version 3 - which are quite different. * * @param[in] operation The HTTP method being used for the request. * @param[in] request The network request to generate a canonical request for. * @param[in] payload Optional data being submitted in the request (eg for `PUT` and `POST` operations). * @param[out] signedHeaders A semi-colon separated list of the names of all headers * included in the result. * * @return An AWS V3 Signature canonical request. * * @see http://docs.aws.amazon.com/amazonswf/latest/developerguide/HMACAuth-swf.html (AWS3) * @see http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/RESTAuthentication.html (AWS3-HTTPS) */ QByteArray AwsSignatureV3Private::canonicalRequest(const QNetworkAccessManager::Operation operation, const QNetworkRequest &request, const QByteArray &payload, QByteArray * const signedHeaders) const { // AWS3-HTTPS if (isHttps(request)) { Q_ASSERT((request.hasRawHeader("x-amz-date")) || (request.hasRawHeader("Date"))); QByteArray canonicalRequest = request.rawHeader(request.hasRawHeader("x-amz-date") ? "x-amz-date" : "Date"); if (request.hasRawHeader("x-amz-nonce")) { canonicalRequest += request.rawHeader("x-amz-nonce"); } return canonicalRequest; } // AWS3 return httpMethod(operation).toUtf8() + '\n' + canonicalPath(request.url()).toUtf8() + '\n' + canonicalQuery(QUrlQuery(request.url())) + '\n' + canonicalHeaders(request, signedHeaders) + '\n' + payload; }
PassOwnPtr<CrossThreadResourceRequestData> ResourceRequest::copyData() const { OwnPtr<CrossThreadResourceRequestData> data = adoptPtr(new CrossThreadResourceRequestData()); data->m_url = url().copy(); data->m_cachePolicy = getCachePolicy(); data->m_timeoutInterval = timeoutInterval(); data->m_firstPartyForCookies = firstPartyForCookies().copy(); data->m_requestorOrigin = requestorOrigin() ? requestorOrigin()->isolatedCopy() : nullptr; data->m_httpMethod = httpMethod().getString().isolatedCopy(); data->m_httpHeaders = httpHeaderFields().copyData(); data->m_priority = priority(); data->m_intraPriorityValue = m_intraPriorityValue; if (m_httpBody) data->m_httpBody = m_httpBody->deepCopy(); data->m_allowStoredCredentials = m_allowStoredCredentials; data->m_reportUploadProgress = m_reportUploadProgress; data->m_hasUserGesture = m_hasUserGesture; data->m_downloadToFile = m_downloadToFile; data->m_useStreamOnResponse = m_useStreamOnResponse; data->m_skipServiceWorker = m_skipServiceWorker; data->m_shouldResetAppCache = m_shouldResetAppCache; data->m_requestorID = m_requestorID; data->m_requestorProcessID = m_requestorProcessID; data->m_appCacheHostID = m_appCacheHostID; data->m_requestContext = m_requestContext; data->m_frameType = m_frameType; data->m_fetchRequestMode = m_fetchRequestMode; data->m_fetchCredentialsMode = m_fetchCredentialsMode; data->m_fetchRedirectMode = m_fetchRedirectMode; data->m_loFiState = m_loFiState; data->m_referrerPolicy = m_referrerPolicy; data->m_didSetHTTPReferrer = m_didSetHTTPReferrer; data->m_checkForBrowserSideNavigation = m_checkForBrowserSideNavigation; data->m_uiStartTime = m_uiStartTime; data->m_isExternalRequest = m_isExternalRequest; data->m_inputPerfMetricReportPolicy = m_inputPerfMetricReportPolicy; data->m_followedRedirect = m_followedRedirect; return data.release(); }
void ResourceRequest::initializePlatformRequest(NetworkRequest& platformRequest, bool cookiesEnabled, bool isInitial, bool isRedirect) const { // If this is the initial load, skip the request body and headers. if (isInitial) platformRequest.setRequestInitial(timeoutInterval()); else { platformRequest.setRequestUrl(url().string(), httpMethod(), platformCachePolicyForRequest(*this), platformTargetTypeForRequest(*this), timeoutInterval()); platformRequest.setConditional(isConditional()); platformRequest.setSuggestedSaveName(suggestedSaveName()); if (httpBody() && !httpBody()->isEmpty()) { RefPtr<FormData> formData = httpBody(); #if ENABLE(BLOB) formData = formData->resolveBlobReferences(); #endif const Vector<FormDataElement>& elements = formData->elements(); // Use setData for simple forms because it is slightly more efficient. if (elements.size() == 1 && elements[0].m_type == FormDataElement::data) platformRequest.setData(elements[0].m_data.data(), elements[0].m_data.size()); else { for (unsigned i = 0; i < elements.size(); ++i) { const FormDataElement& element = elements[i]; if (element.m_type == FormDataElement::data) platformRequest.addMultipartData(element.m_data.data(), element.m_data.size()); else if (element.m_type == FormDataElement::encodedFile) platformRequest.addMultipartFilename(element.m_filename.characters(), element.m_filename.length()); else ASSERT_NOT_REACHED(); // Blobs should be resolved at this point. } } } // When ResourceRequest is reused by CacheResourceLoader, page refreshing or redirection, its cookies may be dirtied. We won't use these cookies any more. bool cookieHeaderMayBeDirty = isRedirect || cachePolicy() == WebCore::ReloadIgnoringCacheData || cachePolicy() == WebCore::ReturnCacheDataElseLoad; for (HTTPHeaderMap::const_iterator it = httpHeaderFields().begin(); it != httpHeaderFields().end(); ++it) { String key = it->key; String value = it->value; if (!key.isEmpty()) { if (equalIgnoringCase(key, "Cookie")) { // We won't use the old cookies of resourceRequest for new location because these cookies may be changed by redirection. if (cookieHeaderMayBeDirty) continue; // We need to check the encoding and encode the cookie's value using latin1 or utf8 to support unicode data. if (!value.containsOnlyLatin1()) { platformRequest.addHeader("Cookie", value.utf8().data()); continue; } } platformRequest.addHeader(key, value); } } // If request's cookies may be dirty, they must be set again. // If there aren't cookies in the header list, we need trying to add cookies. if (cookiesEnabled && (cookieHeaderMayBeDirty || !httpHeaderFields().contains("Cookie")) && !url().isNull()) { // Prepare a cookie header if there are cookies related to this url. String cookiePairs = cookieManager().getCookie(url(), WithHttpOnlyCookies); if (!cookiePairs.isEmpty()) platformRequest.addHeader("Cookie", cookiePairs.containsOnlyLatin1() ? cookiePairs.latin1().data() : cookiePairs.utf8().data()); } if (!httpHeaderFields().contains("Accept-Language")) platformRequest.addAcceptLanguageHeader(); } }
void ResourceRequest::initializePlatformRequest(NetworkRequest& platformRequest, bool cookiesEnabled, bool isInitial, bool isRedirect) const { // If this is the initial load, skip the request body and headers. if (isInitial) platformRequest.setRequestInitial(timeoutInterval()); else { ReadOnlyLatin1String latin1URL(url().string()); ReadOnlyLatin1String latin1HttpMethod(httpMethod()); platformRequest.setRequestUrl(latin1URL.data(), latin1URL.length(), latin1HttpMethod.data(), latin1HttpMethod.length(), platformCachePolicyForRequest(*this), platformTargetTypeForRequest(*this), timeoutInterval()); platformRequest.setConditional(isConditional()); platformRequest.setSuggestedSaveName(suggestedSaveName().utf8().data()); if (httpBody() && !httpBody()->isEmpty()) { const Vector<FormDataElement>& elements = httpBody()->elements(); // Use setData for simple forms because it is slightly more efficient. if (elements.size() == 1 && elements[0].m_type == FormDataElement::data) platformRequest.setData(elements[0].m_data.data(), elements[0].m_data.size()); else { for (unsigned i = 0; i < elements.size(); ++i) { const FormDataElement& element = elements[i]; if (element.m_type == FormDataElement::data) platformRequest.addMultipartData(element.m_data.data(), element.m_data.size()); else if (element.m_type == FormDataElement::encodedFile) platformRequest.addMultipartFilename(element.m_filename.characters(), element.m_filename.length()); #if ENABLE(BLOB) else if (element.m_type == FormDataElement::encodedBlob) { RefPtr<BlobStorageData> blobData = static_cast<BlobRegistryImpl&>(blobRegistry()).getBlobDataFromURL(KURL(ParsedURLString, element.m_url)); if (blobData) { for (size_t j = 0; j < blobData->items().size(); ++j) { const BlobDataItem& blobItem = blobData->items()[j]; if (blobItem.type == BlobDataItem::Data) platformRequest.addMultipartData(blobItem.data->data() + static_cast<int>(blobItem.offset), static_cast<int>(blobItem.length)); else { ASSERT(blobItem.type == BlobDataItem::File); platformRequest.addMultipartFilename(blobItem.path.characters(), blobItem.path.length(), blobItem.offset, blobItem.length, blobItem.expectedModificationTime); } } } } #endif else ASSERT_NOT_REACHED(); // unknown type } } } // When ResourceRequest is reused by CacheResourceLoader, page refreshing or redirection, its cookies may be dirtied. We won't use these cookies any more. bool cookieHeaderMayBeDirty = isRedirect || cachePolicy() == WebCore::ReloadIgnoringCacheData || cachePolicy() == WebCore::ReturnCacheDataElseLoad; for (HTTPHeaderMap::const_iterator it = httpHeaderFields().begin(); it != httpHeaderFields().end(); ++it) { String key = it->first; String value = it->second; if (!key.isEmpty()) { if (equalIgnoringCase(key, "Cookie")) { // We won't use the old cookies of resourceRequest for new location because these cookies may be changed by redirection. if (cookieHeaderMayBeDirty) continue; // We need to check the encoding and encode the cookie's value using latin1 or utf8 to support unicode data. if (!value.containsOnlyLatin1()) { platformRequest.addHeader("Cookie", value.utf8().data()); continue; } } ReadOnlyLatin1String latin1Key(key); ReadOnlyLatin1String latin1Value(value); platformRequest.addHeader(latin1Key.data(), latin1Key.length(), latin1Value.data(), latin1Value.length()); } } // If request's cookies may be dirty, they must be set again. // If there aren't cookies in the header list, we need trying to add cookies. if (cookiesEnabled && (cookieHeaderMayBeDirty || !httpHeaderFields().contains("Cookie")) && !url().isNull()) { // Prepare a cookie header if there are cookies related to this url. String cookiePairs = cookieManager().getCookie(url(), WithHttpOnlyCookies); if (!cookiePairs.isEmpty()) platformRequest.addHeader("Cookie", cookiePairs.containsOnlyLatin1() ? cookiePairs.latin1().data() : cookiePairs.utf8().data()); } if (!httpHeaderFields().contains("Accept-Language")) platformRequest.addAcceptLanguageHeader(); } }
void DocumentThreadableLoader::makeCrossOriginAccessRequest(const ResourceRequest& request) { ASSERT(m_options.crossOriginRequestPolicy == UseAccessControl); auto crossOriginRequest = std::make_unique<ResourceRequest>(request); updateRequestForAccessControl(*crossOriginRequest, securityOrigin(), m_options.allowCredentials()); if ((m_options.preflightPolicy == ConsiderPreflight && isSimpleCrossOriginAccessRequest(crossOriginRequest->httpMethod(), crossOriginRequest->httpHeaderFields())) || m_options.preflightPolicy == PreventPreflight) makeSimpleCrossOriginAccessRequest(*crossOriginRequest); else { m_simpleRequest = false; m_actualRequest = WTFMove(crossOriginRequest); if (CrossOriginPreflightResultCache::singleton().canSkipPreflight(securityOrigin()->toString(), m_actualRequest->url(), m_options.allowCredentials(), m_actualRequest->httpMethod(), m_actualRequest->httpHeaderFields())) preflightSuccess(); else makeCrossOriginAccessRequestWithPreflight(*m_actualRequest); } }
void ResourceRequest::initializePlatformRequest(NetworkRequest& platformRequest, bool cookiesEnabled, bool isInitial, bool isRedirect) const { // If this is the initial load, skip the request body and headers. if (isInitial) platformRequest.setRequestInitial(timeoutInterval()); else { platformRequest.setRequestUrl(url().string().utf8().data(), httpMethod().latin1().data(), platformCachePolicyForRequest(*this), platformTargetTypeForRequest(*this), timeoutInterval()); platformRequest.setConditional(isConditional()); if (httpBody() && !httpBody()->isEmpty()) { const Vector<FormDataElement>& elements = httpBody()->elements(); // Use setData for simple forms because it is slightly more efficient. if (elements.size() == 1 && elements[0].m_type == FormDataElement::data) platformRequest.setData(elements[0].m_data.data(), elements[0].m_data.size()); else { for (unsigned i = 0; i < elements.size(); ++i) { const FormDataElement& element = elements[i]; if (element.m_type == FormDataElement::data) platformRequest.addMultipartData(element.m_data.data(), element.m_data.size()); else if (element.m_type == FormDataElement::encodedFile) platformRequest.addMultipartFilename(element.m_filename.characters(), element.m_filename.length()); #if ENABLE(BLOB) else if (element.m_type == FormDataElement::encodedBlob) { RefPtr<BlobStorageData> blobData = static_cast<BlobRegistryImpl&>(blobRegistry()).getBlobDataFromURL(KURL(ParsedURLString, element.m_blobURL)); if (blobData) { for (size_t j = 0; j < blobData->items().size(); ++j) { const BlobDataItem& blobItem = blobData->items()[j]; if (blobItem.type == BlobDataItem::Data) platformRequest.addMultipartData(blobItem.data->data() + static_cast<int>(blobItem.offset), static_cast<int>(blobItem.length)); else { ASSERT(blobItem.type == BlobDataItem::File); platformRequest.addMultipartFilename(blobItem.path.characters(), blobItem.path.length(), blobItem.offset, blobItem.length, blobItem.expectedModificationTime); } } } } #endif else ASSERT_NOT_REACHED(); // unknown type } } } for (HTTPHeaderMap::const_iterator it = httpHeaderFields().begin(); it != httpHeaderFields().end(); ++it) { String key = it->first; String value = it->second; if (!key.isEmpty() && !value.isEmpty()) { // We need to check the encoding and encode the cookie's value using latin1 or utf8 to support unicode characters. if (equalIgnoringCase(key, "Cookie")) platformRequest.addHeader(key.latin1().data(), value.containsOnlyLatin1() ? value.latin1().data() : value.utf8().data()); else platformRequest.addHeader(key.latin1().data(), value.latin1().data()); } } // Redirection's response may contain new cookies, so add cookies again. // If there aren't cookies in the header list, we need trying to add cookies. if (cookiesEnabled && (isRedirect || !httpHeaderFields().contains("Cookie")) && !url().isNull()) { // Prepare a cookie header if there are cookies related to this url. String cookiePairs = cookieManager().getCookie(url(), WithHttpOnlyCookies); if (!cookiePairs.isEmpty()) platformRequest.addHeader("Cookie", cookiePairs.containsOnlyLatin1() ? cookiePairs.latin1().data() : cookiePairs.utf8().data()); } // Locale has the form "en-US". Construct accept language like "en-US, en;q=0.8". std::string locale = BlackBerry::Platform::Client::get()->getLocale(); // POSIX locale has '_' instead of '-'. // Replace to conform to HTTP spec. size_t underscore = locale.find('_'); if (underscore != std::string::npos) locale.replace(underscore, 1, "-"); std::string acceptLanguage = locale + ", " + locale.substr(0, 2) + ";q=0.8"; platformRequest.addHeader("Accept-Language", acceptLanguage.c_str()); } }