void DocumentLoader::willSendRequest(ResourceRequest& newRequest, const ResourceResponse& redirectResponse)
{
// Note that there are no asserts here as there are for the other callbacks. This is due to the
// fact that this "callback" is sent when starting every load, and the state of callback
// deferrals plays less of a part in this function in preventing the bad behavior deferring
// callbacks is meant to prevent.
ASSERT(!newRequest.isNull());
if (!frameLoader()->checkIfFormActionAllowedByCSP(newRequest.url())) {
cancelMainResourceLoad(frameLoader()->cancelledError(newRequest));
return;
}
ASSERT(timing()->fetchStart());
if (!redirectResponse.isNull()) {
// If the redirecting url is not allowed to display content from the target origin,
// then block the redirect.
RefPtr<SecurityOrigin> redirectingOrigin = SecurityOrigin::create(redirectResponse.url());
if (!redirectingOrigin->canDisplay(newRequest.url())) {
FrameLoader::reportLocalLoadFailed(m_frame, newRequest.url().string());
cancelMainResourceLoad(frameLoader()->cancelledError(newRequest));
return;
}
timing()->addRedirect(redirectResponse.url(), newRequest.url());
}
// Update cookie policy base URL as URL changes, except for subframes, which use the
// URL of the main frame which doesn't change when we redirect.
if (frameLoader()->isLoadingMainFrame())
newRequest.setFirstPartyForCookies(newRequest.url());
// If we're fielding a redirect in response to a POST, force a load from origin, since
// this is a common site technique to return to a page viewing some data that the POST
// just modified.
// Also, POST requests always load from origin, but this does not affect subresources.
if (newRequest.cachePolicy() == UseProtocolCachePolicy && isPostOrRedirectAfterPost(newRequest, redirectResponse))
newRequest.setCachePolicy(ReloadIgnoringCacheData);
Frame* top = m_frame->tree()->top();
if (top) {
if (!top->loader()->mixedContentChecker()->canDisplayInsecureContent(top->document()->securityOrigin(), newRequest.url())) {
cancelMainResourceLoad(frameLoader()->cancelledError(newRequest));
return;
}
}
setRequest(newRequest);
if (redirectResponse.isNull())
return;
frameLoader()->client()->dispatchDidReceiveServerRedirectForProvisionalLoad();
if (!shouldContinueForNavigationPolicy(newRequest))
stopLoadingForPolicyChange();
}
void MainResourceLoader::continueAfterNavigationPolicy(const ResourceRequest& request, bool shouldContinue)
{
if (!shouldContinue)
stopLoadingForPolicyChange();
else if (m_substituteData.isValid()) {
// A redirect resulted in loading substitute data.
ASSERT(documentLoader()->timing()->redirectCount());
handle()->cancel();
handleSubstituteDataLoadSoon(request);
}
deref(); // balances ref in willSendRequest
}
void MainResourceLoader::continueAfterNavigationPolicy(const ResourceRequest& request, bool shouldContinue)
{
if (!shouldContinue)
stopLoadingForPolicyChange();
else if (m_substituteData.isValid()) {
// A redirect resulted in loading substitute data.
ASSERT(documentLoader()->timing()->redirectCount());
// We need to remove our reference to the CachedResource in favor of a SubstituteData load.
// This will probably trigger the cancellation of the CachedResource's underlying ResourceLoader, though there is a
// small chance that the resource is being loaded by a different Frame, preventing the ResourceLoader from being cancelled.
// If the ResourceLoader is indeed cancelled, it would normally send resource load callbacks.
// However, from an API perspective, this isn't a cancellation. Therefore, sever our relationship with the network load via clearResource(),
// but prevent the ResourceLoader from sending ResourceLoadNotifier callbacks.
RefPtr<ResourceLoader> resourceLoader = loader();
ASSERT(resourceLoader->shouldSendResourceLoadCallbacks());
resourceLoader->setSendCallbackPolicy(DoNotSendCallbacks);
clearResource();
resourceLoader->setSendCallbackPolicy(SendCallbacks);
handleSubstituteDataLoadSoon(request);
}
deref(); // balances ref in willSendRequest
}
void MainResourceLoader::continueAfterContentPolicy(PolicyAction contentPolicy, const ResourceResponse& r)
{
KURL url = request().url();
const String& mimeType = r.mimeType();
switch (contentPolicy) {
case PolicyUse: {
// Prevent remote web archives from loading because they can claim to be from any domain and thus avoid cross-domain security checks (4120255).
bool isRemoteWebArchive = (equalIgnoringCase("application/x-webarchive", mimeType)
#if PLATFORM(GTK)
|| equalIgnoringCase("message/rfc822", mimeType)
#endif
|| equalIgnoringCase("multipart/related", mimeType))
&& !m_substituteData.isValid() && !SchemeRegistry::shouldTreatURLSchemeAsLocal(url.protocol());
if (!frameLoader()->client()->canShowMIMEType(mimeType) || isRemoteWebArchive) {
frameLoader()->policyChecker()->cannotShowMIMEType(r);
// Check reachedTerminalState since the load may have already been canceled inside of _handleUnimplementablePolicyWithErrorCode::.
if (!reachedTerminalState())
stopLoadingForPolicyChange();
return;
}
break;
}
case PolicyDownload: {
// m_handle can be null, e.g. when loading a substitute resource from application cache.
if (!m_handle) {
receivedError(cannotShowURLError());
return;
}
InspectorInstrumentation::continueWithPolicyDownload(m_frame.get(), documentLoader(), identifier(), r);
// When starting the request, we didn't know that it would result in download and not navigation. Now we know that main document URL didn't change.
// Download may use this knowledge for purposes unrelated to cookies, notably for setting file quarantine data.
ResourceRequest request = this->request();
frameLoader()->setOriginalURLForDownloadRequest(request);
frameLoader()->client()->download(m_handle.get(), request, r);
// It might have gone missing
if (frameLoader())
receivedError(interruptedForPolicyChangeError());
return;
}
case PolicyIgnore:
InspectorInstrumentation::continueWithPolicyIgnore(m_frame.get(), documentLoader(), identifier(), r);
stopLoadingForPolicyChange();
return;
default:
ASSERT_NOT_REACHED();
}
RefPtr<MainResourceLoader> protect(this);
if (r.isHTTP()) {
int status = r.httpStatusCode();
if (status < 200 || status >= 300) {
bool hostedByObject = frameLoader()->isHostedByObjectElement();
frameLoader()->handleFallbackContent();
// object elements are no longer rendered after we fallback, so don't
// keep trying to process data from their load
if (hostedByObject)
cancel();
}
}
// we may have cancelled this load as part of switching to fallback content
if (!reachedTerminalState())
ResourceLoader::didReceiveResponse(r);
if (frameLoader() && !frameLoader()->activeDocumentLoader()->isStopping()) {
if (m_substituteData.isValid()) {
if (m_substituteData.content()->size())
didReceiveData(m_substituteData.content()->data(), m_substituteData.content()->size(), m_substituteData.content()->size(), true);
if (frameLoader() && !frameLoader()->activeDocumentLoader()->isStopping())
didFinishLoading(0);
} else if (shouldLoadAsEmptyDocument(url) || frameLoader()->client()->representationExistsForURLScheme(url.protocol()))
didFinishLoading(0);
}
}
void MainResourceLoader::continueAfterContentPolicy(PolicyAction contentPolicy, const ResourceResponse& r)
{
KURL url = request().url();
const String& mimeType = r.mimeType();
switch (contentPolicy) {
case PolicyUse: {
// Prevent remote web archives from loading because they can claim to be from any domain and thus avoid cross-domain security checks (4120255).
bool isRemoteWebArchive = (equalIgnoringCase("application/x-webarchive", mimeType) || equalIgnoringCase("multipart/related", mimeType))
&& !m_substituteData.isValid() && !url.isLocalFile();
if (!frameLoader()->client()->canShowMIMEType(mimeType) || isRemoteWebArchive) {
frameLoader()->policyChecker()->cannotShowMIMEType(r);
// Check reachedTerminalState since the load may have already been cancelled inside of _handleUnimplementablePolicyWithErrorCode::.
if (!reachedTerminalState())
stopLoadingForPolicyChange();
return;
}
break;
}
case PolicyDownload:
// m_handle can be null, e.g. when loading a substitute resource from application cache.
if (!m_handle) {
receivedError(cannotShowURLError());
return;
}
frameLoader()->client()->download(m_handle.get(), request(), m_handle.get()->firstRequest(), r);
// It might have gone missing
if (frameLoader())
receivedError(interruptedForPolicyChangeError());
return;
case PolicyIgnore:
stopLoadingForPolicyChange();
return;
default:
ASSERT_NOT_REACHED();
}
RefPtr<MainResourceLoader> protect(this);
if (r.isHTTP()) {
int status = r.httpStatusCode();
if (status < 200 || status >= 300) {
bool hostedByObject = frameLoader()->isHostedByObjectElement();
frameLoader()->handleFallbackContent();
// object elements are no longer rendered after we fallback, so don't
// keep trying to process data from their load
if (hostedByObject)
cancel();
}
}
// we may have cancelled this load as part of switching to fallback content
if (!reachedTerminalState())
ResourceLoader::didReceiveResponse(r);
if (frameLoader() && !frameLoader()->isStopping()) {
if (m_substituteData.isValid()) {
if (m_substituteData.content()->size())
didReceiveData(m_substituteData.content()->data(), m_substituteData.content()->size(), m_substituteData.content()->size(), true);
if (frameLoader() && !frameLoader()->isStopping())
didFinishLoading(0);
} else if (shouldLoadAsEmptyDocument(url) || frameLoader()->client()->representationExistsForURLScheme(url.protocol()))
didFinishLoading(0);
}
}
void MainResourceLoader::continueAfterNavigationPolicy(const ResourceRequest& request, bool shouldContinue)
{
if (!shouldContinue)
stopLoadingForPolicyChange();
deref(); // balances ref in willSendRequest
}
void DocumentLoader::responseReceived(CachedResource* resource, const ResourceResponse& response)
{
ASSERT_UNUSED(resource, m_mainResource == resource);
RefPtr<DocumentLoader> protect(this);
m_applicationCacheHost->didReceiveResponseForMainResource(response);
// The memory cache doesn't understand the application cache or its caching rules. So if a main resource is served
// from the application cache, ensure we don't save the result for future use. All responses loaded
// from appcache will have a non-zero appCacheID().
if (response.appCacheID())
memoryCache()->remove(m_mainResource.get());
DEFINE_STATIC_LOCAL(AtomicString, xFrameOptionHeader, ("x-frame-options", AtomicString::ConstructFromLiteral));
HTTPHeaderMap::const_iterator it = response.httpHeaderFields().find(xFrameOptionHeader);
if (it != response.httpHeaderFields().end()) {
String content = it->value;
ASSERT(m_mainResource);
unsigned long identifier = mainResourceIdentifier();
ASSERT(identifier);
if (frameLoader()->shouldInterruptLoadForXFrameOptions(content, response.url(), identifier)) {
InspectorInstrumentation::continueAfterXFrameOptionsDenied(m_frame, this, identifier, response);
String message = "Refused to display '" + response.url().elidedString() + "' in a frame because it set 'X-Frame-Options' to '" + content + "'.";
frame()->document()->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, message, identifier);
frame()->document()->enforceSandboxFlags(SandboxOrigin);
if (HTMLFrameOwnerElement* ownerElement = frame()->ownerElement())
ownerElement->dispatchEvent(Event::create(eventNames().loadEvent, false, false));
// The load event might have detached this frame. In that case, the load will already have been cancelled during detach.
if (frameLoader())
cancelMainResourceLoad(frameLoader()->cancelledError(m_request));
return;
}
}
ASSERT(!mainResourceLoader() || !mainResourceLoader()->defersLoading());
m_response = response;
if (isArchiveMIMEType(m_response.mimeType()) && m_mainResource->dataBufferingPolicy() != BufferData)
m_mainResource->setDataBufferingPolicy(BufferData);
if (m_identifierForLoadWithoutResourceLoader)
frameLoader()->notifier()->dispatchDidReceiveResponse(this, m_identifierForLoadWithoutResourceLoader, m_response, 0);
if (!shouldContinueForResponse()) {
InspectorInstrumentation::continueWithPolicyIgnore(m_frame, this, m_mainResource->identifier(), m_response);
stopLoadingForPolicyChange();
return;
}
if (m_response.isHTTP()) {
int status = m_response.httpStatusCode();
if (status < 200 || status >= 300) {
bool hostedByObject = frameLoader()->isHostedByObjectElement();
frameLoader()->handleFallbackContent();
// object elements are no longer rendered after we fallback, so don't
// keep trying to process data from their load
if (hostedByObject)
cancelMainResourceLoad(frameLoader()->cancelledError(m_request));
}
}
if (!isStopping() && m_substituteData.isValid()) {
if (m_substituteData.content()->size())
dataReceived(0, m_substituteData.content()->data(), m_substituteData.content()->size());
if (isLoadingMainResource())
finishedLoading(0);
}
}
