void MainResourceLoader::didReceiveResponse(const ResourceResponse& r)
{
if (documentLoader()->applicationCacheHost()->maybeLoadFallbackForMainResponse(request(), r))
return;
HTTPHeaderMap::const_iterator it = r.httpHeaderFields().find(AtomicString("x-frame-options"));
if (it != r.httpHeaderFields().end()) {
String content = it->value;
if (m_frame->loader()->shouldInterruptLoadForXFrameOptions(content, r.url())) {
InspectorInstrumentation::continueAfterXFrameOptionsDenied(m_frame.get(), documentLoader(), identifier(), r);
DEFINE_STATIC_LOCAL(String, consoleMessage, (ASCIILiteral("Refused to display document because display forbidden by X-Frame-Options.\n")));
m_frame->document()->domWindow()->console()->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, consoleMessage);
cancel();
return;
}
}
// There is a bug in CFNetwork where callbacks can be dispatched even when loads are deferred.
// See <rdar://problem/6304600> for more details.
#if !USE(CF)
ASSERT(shouldLoadAsEmptyDocument(r.url()) || !defersLoading());
#endif
if (m_loadingMultipartContent) {
m_documentLoader->setupForReplace();
clearResourceData();
}
if (r.isMultipart())
m_loadingMultipartContent = true;
// The additional processing can do anything including possibly removing the last
// reference to this object; one example of this is 3266216.
RefPtr<MainResourceLoader> protect(this);
m_documentLoader->setResponse(r);
m_response = r;
ASSERT(!m_waitingForContentPolicy);
m_waitingForContentPolicy = true;
ref(); // balanced by deref in continueAfterContentPolicy and didCancel
ASSERT(frameLoader()->activeDocumentLoader());
// Always show content with valid substitute data.
if (frameLoader()->activeDocumentLoader()->substituteData().isValid()) {
callContinueAfterContentPolicy(this, PolicyUse);
return;
}
#if ENABLE(FTPDIR)
// Respect the hidden FTP Directory Listing pref so it can be tested even if the policy delegate might otherwise disallow it
Settings* settings = m_frame->settings();
if (settings && settings->forceFTPDirectoryListings() && m_response.mimeType() == "application/x-ftp-directory") {
callContinueAfterContentPolicy(this, PolicyUse);
return;
}
#endif
#if PLATFORM(MAC) && !PLATFORM(IOS) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 1080
if (r.url().protocolIs("https") && wkFilterIsManagedSession())
m_filter = wkFilterCreateInstance(r.nsURLResponse());
#endif
frameLoader()->policyChecker()->checkContentPolicy(m_response, callContinueAfterContentPolicy, this);
}
void MainResourceLoader::didReceiveResponse(const ResourceResponse& r)
{
#if ENABLE(OFFLINE_WEB_APPLICATIONS)
if (documentLoader()->applicationCacheHost()->maybeLoadFallbackForMainResponse(request(), r))
return;
#endif
HTTPHeaderMap::const_iterator it = r.httpHeaderFields().find(AtomicString("x-frame-options"));
if (it != r.httpHeaderFields().end()) {
String content = it->second;
if (m_frame->loader()->shouldInterruptLoadForXFrameOptions(content, r.url())) {
cancel();
return;
}
}
// There is a bug in CFNetwork where callbacks can be dispatched even when loads are deferred.
// See <rdar://problem/6304600> for more details.
#if !PLATFORM(CF)
ASSERT(shouldLoadAsEmptyDocument(r.url()) || !defersLoading());
#endif
#if PLATFORM(QT)
if (r.mimeType() == "application/octet-stream")
substituteMIMETypeFromPluginDatabase(r);
#endif
if (m_loadingMultipartContent) {
frameLoader()->setupForReplaceByMIMEType(r.mimeType());
clearResourceData();
}
if (r.isMultipart())
m_loadingMultipartContent = true;
// The additional processing can do anything including possibly removing the last
// reference to this object; one example of this is 3266216.
RefPtr<MainResourceLoader> protect(this);
m_documentLoader->setResponse(r);
m_response = r;
ASSERT(!m_waitingForContentPolicy);
m_waitingForContentPolicy = true;
ref(); // balanced by deref in continueAfterContentPolicy and didCancel
ASSERT(frameLoader()->activeDocumentLoader());
// Always show content with valid substitute data.
if (frameLoader()->activeDocumentLoader()->substituteData().isValid()) {
callContinueAfterContentPolicy(this, PolicyUse);
return;
}
#if ENABLE(FTPDIR)
// Respect the hidden FTP Directory Listing pref so it can be tested even if the policy delegate might otherwise disallow it
Settings* settings = m_frame->settings();
if (settings && settings->forceFTPDirectoryListings() && m_response.mimeType() == "application/x-ftp-directory") {
callContinueAfterContentPolicy(this, PolicyUse);
return;
}
#endif
frameLoader()->policyChecker()->checkContentPolicy(m_response.mimeType(), callContinueAfterContentPolicy, this);
}
void MainResourceLoader::responseReceived(CachedResource* resource, const ResourceResponse& r)
{
ASSERT_UNUSED(resource, m_resource == resource);
bool willLoadFallback = documentLoader()->applicationCacheHost()->maybeLoadFallbackForMainResponse(request(), r);
// The memory cache doesn't understand the application cache or its caching rules. So if a main resource is served
// from the application cache, ensure we don't save the result for future use.
bool shouldRemoveResourceFromCache = willLoadFallback;
#if PLATFORM(CHROMIUM)
// chromium's ApplicationCacheHost implementation always returns true for maybeLoadFallbackForMainResponse(). However, all responses loaded
// from appcache will have a non-zero appCacheID().
if (r.appCacheID())
shouldRemoveResourceFromCache = true;
#endif
if (shouldRemoveResourceFromCache)
memoryCache()->remove(m_resource.get());
if (willLoadFallback)
return;
DEFINE_STATIC_LOCAL(AtomicString, xFrameOptionHeader, ("x-frame-options", AtomicString::ConstructFromLiteral));
HTTPHeaderMap::const_iterator it = r.httpHeaderFields().find(xFrameOptionHeader);
if (it != r.httpHeaderFields().end()) {
String content = it->value;
if (frameLoader()->shouldInterruptLoadForXFrameOptions(content, r.url(), identifier())) {
InspectorInstrumentation::continueAfterXFrameOptionsDenied(m_documentLoader->frame(), documentLoader(), identifier(), r);
String message = "Refused to display '" + r.url().string() + "' in a frame because it set 'X-Frame-Options' to '" + content + "'.";
m_documentLoader->frame()->document()->addConsoleMessage(JSMessageSource, ErrorMessageLevel, message, identifier());
cancel();
return;
}
}
// There is a bug in CFNetwork where callbacks can be dispatched even when loads are deferred.
// See <rdar://problem/6304600> for more details.
#if !USE(CF)
ASSERT(!defersLoading());
#endif
if (m_loadingMultipartContent) {
m_documentLoader->setupForReplace();
m_resource->clear();
}
if (r.isMultipart())
m_loadingMultipartContent = true;
// The additional processing can do anything including possibly removing the last
// reference to this object; one example of this is 3266216.
RefPtr<MainResourceLoader> protect(this);
m_documentLoader->setResponse(r);
m_response = r;
if (!loader())
frameLoader()->notifier()->dispatchDidReceiveResponse(documentLoader(), identifier(), m_response, 0);
ASSERT(!m_waitingForContentPolicy);
m_waitingForContentPolicy = true;
ref(); // balanced by deref in continueAfterContentPolicy and cancel
// Always show content with valid substitute data.
if (m_documentLoader->substituteData().isValid()) {
callContinueAfterContentPolicy(this, PolicyUse);
return;
}
#if ENABLE(FTPDIR)
// Respect the hidden FTP Directory Listing pref so it can be tested even if the policy delegate might otherwise disallow it
Settings* settings = m_documentLoader->frame()->settings();
if (settings && settings->forceFTPDirectoryListings() && m_response.mimeType() == "application/x-ftp-directory") {
callContinueAfterContentPolicy(this, PolicyUse);
return;
}
#endif
#if USE(CONTENT_FILTERING)
if (r.url().protocolIs("https") && ContentFilter::isEnabled())
m_contentFilter = ContentFilter::create(r);
#endif
frameLoader()->policyChecker()->checkContentPolicy(m_response, callContinueAfterContentPolicy, this);
}
void MainResourceLoader::didReceiveResponse(const ResourceResponse& r)
{
#if ENABLE(OFFLINE_WEB_APPLICATIONS)
if (documentLoader()->applicationCacheHost()->maybeLoadFallbackForMainResponse(request(), r))
return;
#endif
HTTPHeaderMap::const_iterator it = r.httpHeaderFields().find(AtomicString("x-frame-options"));
if (it != r.httpHeaderFields().end()) {
String content = it->second;
if (m_frame->loader()->shouldInterruptLoadForXFrameOptions(content, r.url())) {
InspectorInstrumentation::continueAfterXFrameOptionsDenied(m_frame.get(), documentLoader(), identifier(), r);
DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to display document because display forbidden by X-Frame-Options.\n"));
m_frame->domWindow()->console()->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, consoleMessage, 1, String());
cancel();
return;
}
}
// There is a bug in CFNetwork where callbacks can be dispatched even when loads are deferred.
// See <rdar://problem/6304600> for more details.
#if !USE(CF)
ASSERT(shouldLoadAsEmptyDocument(r.url()) || !defersLoading());
#endif
#if PLATFORM(QT)
if (r.mimeType() == "application/octet-stream")
substituteMIMETypeFromPluginDatabase(r);
#endif
if (m_loadingMultipartContent) {
frameLoader()->setupForReplaceByMIMEType(r.mimeType());
clearResourceData();
}
if (r.isMultipart())
m_loadingMultipartContent = true;
// The additional processing can do anything including possibly removing the last
// reference to this object; one example of this is 3266216.
RefPtr<MainResourceLoader> protect(this);
// There are so many Web-Servers that don't follow xhtml standard (parse error on xhtml). But ChinaTelecom requests NOT to display parse error screen.
// For both mimetype ( "application/xhtml+xml" and "application/vnd.wap.xhtml+xml mime" ), parse document as "text/html"
m_documentLoader->setResponse(r);
m_response = r;
ASSERT(!m_waitingForContentPolicy);
m_waitingForContentPolicy = true;
ref(); // balanced by deref in continueAfterContentPolicy and didCancel
ASSERT(frameLoader()->activeDocumentLoader());
// Always show content with valid substitute data.
if (frameLoader()->activeDocumentLoader()->substituteData().isValid()) {
callContinueAfterContentPolicy(this, PolicyUse);
return;
}
#if ENABLE(FTPDIR)
// Respect the hidden FTP Directory Listing pref so it can be tested even if the policy delegate might otherwise disallow it
Settings* settings = m_frame->settings();
if (settings && settings->forceFTPDirectoryListings() && m_response.mimeType() == "application/x-ftp-directory") {
callContinueAfterContentPolicy(this, PolicyUse);
return;
}
#endif
frameLoader()->policyChecker()->checkContentPolicy(m_response, callContinueAfterContentPolicy, this);
}
