Changeset 230681 in webkit
- Timestamp:
- Apr 16, 2018 2:50:26 PM (6 years ago)
- Location:
- trunk
- Files:
-
- 6 added
- 29 edited
- 12 copied
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r230668 r230681 1 2018-04-16 Youenn Fablet <youenn@apple.com> 2 3 Use NetworkLoadChecker to handle synchronous HTTP loads 4 https://bugs.webkit.org/show_bug.cgi?id=184240 5 6 Reviewed by Chris Dumez. 7 8 * http/tests/xmlhttprequest/access-control-preflight-not-successful-expected.txt: 9 * http/wpt/beacon/cors/cors-preflight-blob-failure.html: Fix buggy assertion. 10 Test should check for actual request header and not header name in Access-Control-Request-Headers. 11 * http/wpt/beacon/cors/cors-preflight-blob-success.html: Ditto. 12 * platform/mac-wk1/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt: Added. 13 * platform/mac-wk1/http/tests/xmlhttprequest/access-control-preflight-not-successful-expected.txt: Added. 14 * platform/mac-wk1/http/tests/xmlhttprequest/cross-origin-no-authorization-expected.txt: Added. 15 * platform/mac-wk1/imported/w3c/web-platform-tests/XMLHttpRequest/access-control-and-redirects-expected.txt: Added. 16 * platform/win/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt: Added. 17 * platform/win/http/tests/xmlhttprequest/access-control-preflight-not-successful-expected.txt: Added. 18 * platform/win/http/tests/xmlhttprequest/cross-origin-no-authorization-expected.txt: Added. 19 * platform/mac-highsierra-wk2/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt. 20 * platform/mac-highsierra-wk2/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt. 21 * platform/mac-wk1/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt. 22 * platform/mac-wk1/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt. 23 * platform/mac-wk1/imported/w3c/web-platform-tests/cors/request-headers-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/cors/request-headers-expected.txt. 24 * platform/win/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt: 25 * platform/win/http/tests/xmlhttprequest/access-control-preflight-not-successful-expected.txt: 26 * platform/win/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt. 27 * platform/win/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt. 28 * platform/win/imported/w3c/web-platform-tests/cors/request-headers-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/cors/request-headers-expected.txt. 29 1 30 2018-04-16 Per Arne Vollan <pvollan@apple.com> 2 31 -
trunk/LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-expected.txt
r219663 r230681 1 1 CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow.cgi denied by Cross-Origin Resource Sharing policy: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin. 2 2 CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow.cgi due to access control checks. 3 CONSOLE MESSAGE: line 25: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.4 3 CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi denied by Cross-Origin Resource Sharing policy: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin. 5 4 CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/resources/redirect.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi due to access control checks. -
trunk/LayoutTests/http/tests/xmlhttprequest/access-control-preflight-not-successful-expected.txt
r219663 r230681 1 CONSOLE MESSAGE: line 26: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=true&access-control-allow-headers=x-webkit&access-control-allow-origin=*&url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.2 1 CONSOLE MESSAGE: line 26: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=true&access-control-allow-headers=x-webkit&access-control-allow-origin=*&url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi. Preflight response is not successful 3 2 CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=true&access-control-allow-headers=x-webkit&access-control-allow-origin=*&url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi. Preflight response is not successful … … 8 7 Testing http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=true&access-control-allow-headers=x-webkit&access-control-allow-origin=*&url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi (sync) 9 8 Expecting success: true 10 FAIL: NetworkError: A network error occurred. 9 PASS: PASS: Cross-domain access allowed. 10 11 11 Testing http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=true&access-control-allow-headers=x-webkit&access-control-allow-origin=*&url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi(async) 12 12 Expecting success: true -
trunk/LayoutTests/http/wpt/beacon/cors/cors-preflight-blob-failure.html
r220497 r230681 40 40 let requested_headers = result['preflight_requested_headers'].toLowerCase() 41 41 assert_true(requested_headers.includes("content-type"), "Content-Type header is requested") 42 assert_ true(requested_headers.includes("referer"), "Referer header is requested")43 assert_ true(requested_headers.includes("origin"), "Origin header is requested")42 assert_false(requested_headers.includes("referer"), "Referer header is requested") 43 assert_false(requested_headers.includes("origin"), "Origin header is requested") 44 44 assert_equals(result['beacon'], 0, "Did not receive beacon") 45 45 }); -
trunk/LayoutTests/http/wpt/beacon/cors/cors-preflight-blob-success.html
r220497 r230681 37 37 assert_equals(result['preflight'], 1, "Received preflight") 38 38 assert_equals(result['preflight_referer'], document.URL, "Preflight referer header") 39 assert_equals(result['preflight_origin'], 'http://localhost:8800', "Preflight origin header") 39 40 assert_equals(result['preflight_requested_method'], "POST", "Preflight requested method") 40 41 let requested_headers = result['preflight_requested_headers'].toLowerCase() 41 42 assert_true(requested_headers.includes("content-type"), "Content-Type header is requested") 42 assert_ true(requested_headers.includes("referer"), "Referer header is requested")43 assert_ true(requested_headers.includes("origin"), "Origin header is requested")43 assert_false(requested_headers.includes("referer"), "Referer header is requested") 44 assert_false(requested_headers.includes("origin"), "Origin header is requested") 44 45 assert_equals(result['beacon'], 1, "Received beacon") 45 46 }); -
trunk/LayoutTests/imported/w3c/ChangeLog
r230667 r230681 1 2018-04-16 Youenn Fablet <youenn@apple.com> 2 3 Use NetworkLoadChecker to handle synchronous HTTP loads 4 https://bugs.webkit.org/show_bug.cgi?id=184240 5 6 Reviewed by Chris Dumez. 7 8 * web-platform-tests/cors/request-headers-expected.txt: 9 * web-platform-tests/XMLHttpRequest/access-control-and-redirects-expected.txt: 10 * web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt: 11 * web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt: 12 1 13 2018-04-16 Antoine Quint <graouts@apple.com> 2 14 -
trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/access-control-and-redirects-expected.txt
r222307 r230681 1 CONSOLE MESSAGE: line 15: XMLHttpRequest cannot load http://127.0.0.1:8800/XMLHttpRequest/resources/redirect-cors.py?location=http://127.0.0.1:8800/XMLHttpRequest/resources/access-control-basic-allow.py&allow_origin=true. Cross-origin redirection denied by Cross-Origin Resource Sharing policy.2 1 3 2 FAIL Local sync redirect to remote origin A network error occurred. 4 3 PASS Local async redirect to remote origin 5 FAIL Remote sync redirect to local origin A network error occurred. 4 PASS Remote sync redirect to local origin 6 5 PASS Remote async redirect to local origin 7 FAIL Remote sync redirect to same remote origin A network error occurred. 6 PASS Remote sync redirect to same remote origin 8 7 PASS Remote async redirect to same remote origin 9 8 -
trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-basic-setrequestheader-expected.txt
r215164 r230681 1 1 Blocked access to external URL http://www1.localhost:8800/XMLHttpRequest/resources/auth2/corsenabled.py 2 CONSOLE MESSAGE: line 26: XMLHttpRequest cannot load http://www1.localhost:8800/XMLHttpRequest/resources/auth2/corsenabled.py due to access control checks.3 2 4 3 FAIL XMLHttpRequest: send() - "Basic" authenticated CORS request using setRequestHeader() (expects to succeed) A network error occurred. -
trunk/LayoutTests/imported/w3c/web-platform-tests/XMLHttpRequest/send-authentication-cors-setrequestheader-no-cred-expected.txt
r204117 r230681 1 1 Blocked access to external URL http://www1.localhost:8800/XMLHttpRequest/resources/auth7/corsenabled.py 2 CONSOLE MESSAGE: line 33: XMLHttpRequest cannot load http://www1.localhost:8800/XMLHttpRequest/resources/auth7/corsenabled.py due to access control checks.3 2 Blocked access to external URL http://www1.localhost:8800/XMLHttpRequest/resources/auth8/corsenabled-no-authorize.py 4 CONSOLE MESSAGE: line 33: XMLHttpRequest cannot load http://www1.localhost:8800/XMLHttpRequest/resources/auth8/corsenabled-no-authorize.py due to access control checks.5 3 6 4 FAIL CORS request with setRequestHeader auth to URL accepting Authorization header assert_true: responseText should contain the right user and password expected true got false -
trunk/LayoutTests/imported/w3c/web-platform-tests/cors/request-headers-expected.txt
r220731 r230681 1 1 Blocked access to external URL http://www1.localhost:8800/cors/resources/cors-makeheader.py?headers=x-print 2 CONSOLE MESSAGE: line 22: XMLHttpRequest cannot load http://www1.localhost:8800/cors/resources/cors-makeheader.py?headers=x-print due to access control checks.3 2 Blocked access to external URL http://www1.localhost:8800/cors/resources/cors-makeheader.py?headers=x-print, 4 CONSOLE MESSAGE: line 36: XMLHttpRequest cannot load http://www1.localhost:8800/cors/resources/cors-makeheader.py?headers=x-print, due to access control checks.5 3 Blocked access to external URL http://www1.localhost:8800/cors/resources/cors-makeheader.py?headers=x-print 6 CONSOLE MESSAGE: line 51: XMLHttpRequest cannot load http://www1.localhost:8800/cors/resources/cors-makeheader.py?headers=x-print due to access control checks.7 4 Blocked access to external URL http://www1.localhost:8800/cors/resources/cors-makeheader.py?headers=,y-lol,x-PriNT,%20,,,Y-PRINT 8 CONSOLE MESSAGE: line 59: XMLHttpRequest cannot load http://www1.localhost:8800/cors/resources/cors-makeheader.py?headers=,y-lol,x-PriNT,%20,,,Y-PRINT due to access control checks.9 5 Blocked access to external URL http://www1.localhost:8800/cors/resources/cors-makeheader.py?headers=,y-lol,x-PriNT,%20,,,Y-PRINT 10 6 Request headers -
trunk/Source/WebCore/ChangeLog
r230679 r230681 1 2018-04-16 Youenn Fablet <youenn@apple.com> 2 3 Use NetworkLoadChecker to handle synchronous HTTP loads 4 https://bugs.webkit.org/show_bug.cgi?id=184240 5 6 Reviewed by Chris Dumez. 7 8 Update LoaderStrategy::loadResourceSynchronously to pass FetchOptions directly. 9 Update various call sites accordingly. This allows NetworkProcess to do all necessary checks. 10 Add an option to disable security checks if NetworkProcess does it for WebProcess. 11 This option will be also used for regular asynchronous loads in future patches. 12 13 Update DocumentThreadableLoader to bypass preflighting and response validation checks in case they are done in NetworkProcess. 14 15 Covered by existing and rebased tests. 16 17 * loader/CrossOriginPreflightChecker.cpp: 18 (WebCore::CrossOriginPreflightChecker::doPreflight): 19 * loader/DocumentThreadableLoader.cpp: 20 (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): 21 (WebCore::DocumentThreadableLoader::loadRequest): 22 * loader/FrameLoader.cpp: 23 (WebCore::FrameLoader::loadResourceSynchronously): 24 * loader/FrameLoader.h: 25 * loader/LoaderStrategy.h: 26 * xml/XSLTProcessorLibxslt.cpp: 27 (WebCore::docLoaderFunc): 28 * xml/parser/XMLDocumentParserLibxml2.cpp: 29 (WebCore::openFunc): 30 1 31 2018-04-16 Christopher Reid <chris.reid@sony.com> 2 32 -
trunk/Source/WebCore/loader/CrossOriginPreflightChecker.cpp
r228241 r230681 131 131 RefPtr<SharedBuffer> data; 132 132 133 unsigned identifier = loader.document().frame()->loader().loadResourceSynchronously(preflightRequest, StoredCredentialsPolicy::DoNotUse, ClientCredentialPolicy::CannotAskClientForCredentials, error, response, data);133 unsigned identifier = loader.document().frame()->loader().loadResourceSynchronously(preflightRequest, ClientCredentialPolicy::CannotAskClientForCredentials, FetchOptions { }, { }, error, response, data); 134 134 135 135 if (!error.isNull()) { -
trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp
r229907 r230681 45 45 #include "InspectorInstrumentation.h" 46 46 #include "LoadTiming.h" 47 #include "LoaderStrategy.h" 47 48 #include "Performance.h" 48 49 #include "ProgressTracker.h" … … 107 108 ASSERT(m_async || m_referrer.isEmpty()); 108 109 110 // No need to do preflight if the network stack will do it for us. 111 if (!m_async && platformStrategies()->loaderStrategy()->isDoingLoadingSecurityChecks()) 112 m_options.preflightPolicy = PreventPreflight; 113 109 114 // Referrer and Origin headers should be set after the preflight if any. 110 115 ASSERT(!request.hasHTTPReferrer() && !request.hasHTTPOrigin()); … … 117 122 118 123 // Copy headers if we need to replay the request after a redirection. 119 if ( m_async &&m_options.mode == FetchOptions::Mode::Cors)124 if (!m_async || m_options.mode == FetchOptions::Mode::Cors) 120 125 m_originalHeaders = request.httpHeaderFields(); 121 126 … … 510 515 if (!frameLoader.mixedContentChecker().canRunInsecureContent(m_document.securityOrigin(), requestURL)) 511 516 return; 512 identifier = frameLoader.loadResourceSynchronously(request, m_options. storedCredentialsPolicy, m_options.clientCredentialPolicy, error, response, data);517 identifier = frameLoader.loadResourceSynchronously(request, m_options.clientCredentialPolicy, m_options, *m_originalHeaders, error, response, data); 513 518 } 514 519 … … 527 532 } 528 533 529 // FIXME: FrameLoader::loadSynchronously() does not tell us whether a redirect happened or not, so we guess by comparing the 530 // request and response URLs. This isn't a perfect test though, since a server can serve a redirect to the same URL that was 531 // requested. Also comparing the request and response URLs as strings will fail if the requestURL still has its credentials. 532 bool didRedirect = requestURL != response.url(); 533 if (didRedirect) { 534 if (!isAllowedByContentSecurityPolicy(response.url(), ContentSecurityPolicy::RedirectResponseReceived::Yes)) { 535 reportContentSecurityPolicyError(requestURL); 536 return; 537 } 538 if (!isAllowedRedirect(response.url())) { 539 reportCrossOriginResourceSharingError(requestURL); 540 return; 541 } 542 } 543 544 if (!m_sameOriginRequest) { 545 if (m_options.mode == FetchOptions::Mode::NoCors) 546 response.setTainting(ResourceResponse::Tainting::Opaque); 547 else { 548 ASSERT(m_options.mode == FetchOptions::Mode::Cors); 549 response.setTainting(ResourceResponse::Tainting::Cors); 550 String accessControlErrorDescription; 551 if (!passesAccessControlCheck(response, m_options.storedCredentialsPolicy, securityOrigin(), accessControlErrorDescription)) { 552 logErrorAndFail(ResourceError(errorDomainWebKitInternal, 0, response.url(), accessControlErrorDescription, ResourceError::Type::AccessControl)); 534 if (!platformStrategies()->loaderStrategy()->isDoingLoadingSecurityChecks()) { 535 // FIXME: FrameLoader::loadSynchronously() does not tell us whether a redirect happened or not, so we guess by comparing the 536 // request and response URLs. This isn't a perfect test though, since a server can serve a redirect to the same URL that was 537 // requested. Also comparing the request and response URLs as strings will fail if the requestURL still has its credentials. 538 bool didRedirect = requestURL != response.url(); 539 if (didRedirect) { 540 if (!isAllowedByContentSecurityPolicy(response.url(), ContentSecurityPolicy::RedirectResponseReceived::Yes)) { 541 reportContentSecurityPolicyError(requestURL); 553 542 return; 543 } 544 if (!isAllowedRedirect(response.url())) { 545 reportCrossOriginResourceSharingError(requestURL); 546 return; 547 } 548 } 549 550 if (!m_sameOriginRequest) { 551 if (m_options.mode == FetchOptions::Mode::NoCors) 552 response.setTainting(ResourceResponse::Tainting::Opaque); 553 else { 554 ASSERT(m_options.mode == FetchOptions::Mode::Cors); 555 response.setTainting(ResourceResponse::Tainting::Cors); 556 String accessControlErrorDescription; 557 if (!passesAccessControlCheck(response, m_options.storedCredentialsPolicy, securityOrigin(), accessControlErrorDescription)) { 558 logErrorAndFail(ResourceError(errorDomainWebKitInternal, 0, response.url(), accessControlErrorDescription, ResourceError::Type::AccessControl)); 559 return; 560 } 554 561 } 555 562 } -
trunk/Source/WebCore/loader/FrameLoader.cpp
r230676 r230681 2836 2836 } 2837 2837 2838 unsigned long FrameLoader::loadResourceSynchronously(const ResourceRequest& request, StoredCredentialsPolicy storedCredentialsPolicy, ClientCredentialPolicy clientCredentialPolicy, ResourceError& error, ResourceResponse& response, RefPtr<SharedBuffer>& data)2838 unsigned long FrameLoader::loadResourceSynchronously(const ResourceRequest& request, ClientCredentialPolicy clientCredentialPolicy, const FetchOptions& options, const HTTPHeaderMap& originalRequestHeaders, ResourceError& error, ResourceResponse& response, RefPtr<SharedBuffer>& data) 2839 2839 { 2840 2840 ASSERT(m_frame.document()); … … 2880 2880 if (!documentLoader()->applicationCacheHost().maybeLoadSynchronously(newRequest, error, response, data)) { 2881 2881 Vector<char> buffer; 2882 platformStrategies()->loaderStrategy()->loadResourceSynchronously(*this, identifier, newRequest, storedCredentialsPolicy, clientCredentialPolicy, error, response, buffer);2882 platformStrategies()->loaderStrategy()->loadResourceSynchronously(*this, identifier, newRequest, clientCredentialPolicy, options, originalRequestHeaders, error, response, buffer); 2883 2883 data = SharedBuffer::create(WTFMove(buffer)); 2884 2884 documentLoader()->applicationCacheHost().maybeLoadFallbackSynchronously(newRequest, error, response, data); -
trunk/Source/WebCore/loader/FrameLoader.h
r230458 r230681 119 119 WEBCORE_EXPORT void loadArchive(Ref<Archive>&&); 120 120 #endif 121 unsigned long loadResourceSynchronously(const ResourceRequest&, StoredCredentialsPolicy, ClientCredentialPolicy, ResourceError&, ResourceResponse&, RefPtr<SharedBuffer>& data);121 unsigned long loadResourceSynchronously(const ResourceRequest&, ClientCredentialPolicy, const FetchOptions&, const HTTPHeaderMap&, ResourceError&, ResourceResponse&, RefPtr<SharedBuffer>& data); 122 122 123 123 void changeLocation(FrameLoadRequest&&); -
trunk/Source/WebCore/loader/LoaderStrategy.h
r230007 r230681 26 26 #pragma once 27 27 28 #include "FetchOptions.h" 28 29 #include "ResourceLoadPriority.h" 29 30 #include "ResourceLoaderOptions.h" … … 56 57 public: 57 58 virtual void loadResource(Frame&, CachedResource&, ResourceRequest&&, const ResourceLoaderOptions&, CompletionHandler<void(RefPtr<SubresourceLoader>&&)>&&) = 0; 58 virtual void loadResourceSynchronously(FrameLoader&, unsigned long identifier, const ResourceRequest&, StoredCredentialsPolicy, ClientCredentialPolicy, ResourceError&, ResourceResponse&, Vector<char>& data) = 0;59 virtual void loadResourceSynchronously(FrameLoader&, unsigned long identifier, const ResourceRequest&, ClientCredentialPolicy, const FetchOptions&, const HTTPHeaderMap&, ResourceError&, ResourceResponse&, Vector<char>& data) = 0; 59 60 60 61 virtual void remove(ResourceLoader*) = 0; … … 79 80 virtual void addOnlineStateChangeListener(WTF::Function<void(bool)>&&) = 0; 80 81 82 virtual bool isDoingLoadingSecurityChecks() const { return false; } 83 81 84 protected: 82 85 virtual ~LoaderStrategy(); -
trunk/Source/WebCore/xml/XSLTProcessorLibxslt.cpp
r223476 r230681 112 112 bool requestAllowed = globalCachedResourceLoader->frame() && globalCachedResourceLoader->document()->securityOrigin().canRequest(url); 113 113 if (requestAllowed) { 114 globalCachedResourceLoader->frame()->loader().loadResourceSynchronously(url, StoredCredentialsPolicy::Use, ClientCredentialPolicy::MayAskClientForCredentials, error, response, data); 114 FetchOptions options; 115 options.mode = FetchOptions::Mode::SameOrigin; 116 options.credentials = FetchOptions::Credentials::Include; 117 globalCachedResourceLoader->frame()->loader().loadResourceSynchronously(url, ClientCredentialPolicy::MayAskClientForCredentials, options, { }, error, response, data); 115 118 if (error.isNull()) 116 119 requestAllowed = globalCachedResourceLoader->document()->securityOrigin().canRequest(response.url()); -
trunk/Source/WebCore/xml/parser/XMLDocumentParserLibxml2.cpp
r225731 r230681 449 449 // FIXME: We should restore the original global error handler as well. 450 450 451 if (cachedResourceLoader->frame()) 452 cachedResourceLoader->frame()->loader().loadResourceSynchronously(url, StoredCredentialsPolicy::Use, ClientCredentialPolicy::MayAskClientForCredentials, error, response, data); 451 if (cachedResourceLoader->frame()) { 452 FetchOptions options; 453 options.mode = FetchOptions::Mode::SameOrigin; 454 options.credentials = FetchOptions::Credentials::Include; 455 cachedResourceLoader->frame()->loader().loadResourceSynchronously(url, ClientCredentialPolicy::MayAskClientForCredentials, options, { }, error, response, data); 456 } 453 457 } 454 458 -
trunk/Source/WebKit/ChangeLog
r230675 r230681 1 2018-04-16 Youenn Fablet <youenn@apple.com> 2 3 Use NetworkLoadChecker to handle synchronous HTTP loads 4 https://bugs.webkit.org/show_bug.cgi?id=184240 5 6 Reviewed by Chris Dumez. 7 8 For every NetworkResourceLoader synchronous load, we create a NetworkLoadChecker. 9 NetworkLoadChecker handles all security checks in that case. 10 This allows supporting cross-origin loads for synchronous XHR. 11 12 Updated NetworkCORSPreflightChecker to return the result as a ResourceError. 13 This is used to convey any error message from NetworkProcess to the JS console. 14 Ensure NetworkCORSPreflightChecker computes correctly Access-Control-Request-Headers value 15 by providing the headers set by the application plus Referrer/Origin. 16 17 * NetworkProcess/NetworkCORSPreflightChecker.cpp: 18 (WebKit::NetworkCORSPreflightChecker::~NetworkCORSPreflightChecker): 19 (WebKit::NetworkCORSPreflightChecker::willPerformHTTPRedirection): 20 (WebKit::NetworkCORSPreflightChecker::didReceiveChallenge): 21 (WebKit::NetworkCORSPreflightChecker::didCompleteWithError): 22 (WebKit::NetworkCORSPreflightChecker::wasBlocked): 23 (WebKit::NetworkCORSPreflightChecker::cannotShowURL): 24 * NetworkProcess/NetworkLoadChecker.cpp: 25 (WebKit::NetworkLoadChecker::checkCORSRequestWithPreflight): 26 * NetworkProcess/NetworkResourceLoader.cpp: 27 (WebKit::NetworkResourceLoader::NetworkResourceLoader): 28 (WebKit::NetworkResourceLoader::retrieveCacheEntry): 29 (WebKit::NetworkResourceLoader::didReceiveResponse): 30 (WebKit::NetworkResourceLoader::willSendRedirectedRequest): 31 (WebKit::NetworkResourceLoader::continueWillSendRequest): 32 (WebKit::NetworkResourceLoader::didRetrieveCacheEntry): 33 (WebKit::NetworkResourceLoader::validateCacheEntry): 34 * NetworkProcess/NetworkResourceLoader.h: 35 * WebProcess/Network/WebLoaderStrategy.cpp: 36 (WebKit::WebLoaderStrategy::loadResourceSynchronously): 37 * WebProcess/Network/WebLoaderStrategy.h: 38 1 39 2018-04-16 Brian Burg <bburg@apple.com> 2 40 -
trunk/Source/WebKit/NetworkProcess/NetworkCORSPreflightChecker.cpp
r230014 r230681 54 54 } 55 55 if (m_completionCallback) 56 m_completionCallback(Res ult::Canceled);56 m_completionCallback(ResourceError { ResourceError::Type::Cancellation }); 57 57 } 58 58 … … 63 63 NetworkLoadParameters loadParameters; 64 64 loadParameters.sessionID = m_parameters.sessionID; 65 loadParameters.request = createAccessControlPreflightRequest(m_parameters.originalRequest, m_parameters.sourceOrigin, m_parameters. originalRequest.httpReferrer());65 loadParameters.request = createAccessControlPreflightRequest(m_parameters.originalRequest, m_parameters.sourceOrigin, m_parameters.referrer); 66 66 loadParameters.shouldFollowRedirects = false; 67 67 if (auto* networkSession = SessionTracker::networkSession(loadParameters.sessionID)) { … … 72 72 } 73 73 74 void NetworkCORSPreflightChecker::willPerformHTTPRedirection(WebCore::ResourceResponse&& , WebCore::ResourceRequest&&, RedirectCompletionHandler&& completionHandler)74 void NetworkCORSPreflightChecker::willPerformHTTPRedirection(WebCore::ResourceResponse&& response, WebCore::ResourceRequest&&, RedirectCompletionHandler&& completionHandler) 75 75 { 76 76 RELEASE_LOG_IF_ALLOWED("willPerformHTTPRedirection"); 77 77 completionHandler({ }); 78 m_completionCallback(Res ult::Failure);78 m_completionCallback(ResourceError { errorDomainWebKitInternal, 0, m_parameters.originalRequest.url(), ASCIILiteral("Preflight response is not successful"), ResourceError::Type::AccessControl }); 79 79 } 80 80 … … 83 83 RELEASE_LOG_IF_ALLOWED("didReceiveChallenge"); 84 84 completionHandler(AuthenticationChallengeDisposition::Cancel, { }); 85 m_completionCallback(Res ult::Failure);85 m_completionCallback(ResourceError { errorDomainWebKitInternal, 0, m_parameters.originalRequest.url(), ASCIILiteral("Preflight response is not successful"), ResourceError::Type::AccessControl }); 86 86 } 87 87 … … 102 102 if (!error.isNull()) { 103 103 RELEASE_LOG_IF_ALLOWED("didCompleteWithError"); 104 m_completionCallback(Res ult::Failure);104 m_completionCallback(ResourceError { errorDomainWebKitInternal, 0, m_parameters.originalRequest.url(), ASCIILiteral("Preflight response is not successful"), ResourceError::Type::AccessControl }); 105 105 return; 106 106 } … … 111 111 if (!validatePreflightResponse(m_parameters.originalRequest, m_response, m_parameters.storedCredentialsPolicy, m_parameters.sourceOrigin, errorDescription)) { 112 112 RELEASE_LOG_IF_ALLOWED("didComplete, AccessControl error: %s", errorDescription.utf8().data()); 113 m_completionCallback(Res ult::Failure);113 m_completionCallback(ResourceError { errorDomainWebKitInternal, 0, m_parameters.originalRequest.url(), errorDescription, ResourceError::Type::AccessControl }); 114 114 return; 115 115 } 116 m_completionCallback(Res ult::Success);116 m_completionCallback(ResourceError { }); 117 117 } 118 118 … … 124 124 { 125 125 RELEASE_LOG_IF_ALLOWED("wasBlocked"); 126 m_completionCallback(Res ult::Failure);126 m_completionCallback(ResourceError { errorDomainWebKitInternal, 0, m_parameters.originalRequest.url(), ASCIILiteral("Preflight request was blocked"), ResourceError::Type::AccessControl }); 127 127 } 128 128 … … 130 130 { 131 131 RELEASE_LOG_IF_ALLOWED("cannotShowURL"); 132 m_completionCallback(Res ult::Failure);132 m_completionCallback(ResourceError { errorDomainWebKitInternal, 0, m_parameters.originalRequest.url(), ASCIILiteral("Preflight response was blocked"), ResourceError::Type::AccessControl }); 133 133 } 134 134 -
trunk/Source/WebKit/NetworkProcess/NetworkCORSPreflightChecker.h
r230014 r230681 34 34 35 35 namespace WebCore { 36 class ResourceError; 36 37 class SecurityOrigin; 37 38 } … … 45 46 WebCore::ResourceRequest originalRequest; 46 47 Ref<WebCore::SecurityOrigin> sourceOrigin; 48 String referrer; 47 49 PAL::SessionID sessionID; 48 50 WebCore::StoredCredentialsPolicy storedCredentialsPolicy; 49 51 }; 50 enum class Result { Success, Failure, Canceled }; 51 using CompletionCallback = CompletionHandler<void(Result)>; 52 using CompletionCallback = CompletionHandler<void(WebCore::ResourceError&&)>; 52 53 53 54 NetworkCORSPreflightChecker(Parameters&&, CompletionCallback&&); -
trunk/Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp
r230541 r230681 239 239 } 240 240 241 auto requestForPreflight = request; 242 // We need to set header fields to m_originalRequestHeaders to correctly compute Access-Control-Request-Headers header value. 243 requestForPreflight.setHTTPHeaderFields(m_originalRequestHeaders); 241 244 NetworkCORSPreflightChecker::Parameters parameters = { 242 WTFMove(request ),245 WTFMove(requestForPreflight), 243 246 *m_origin, 247 request.httpReferrer(), 244 248 m_sessionID, 245 249 m_storedCredentialsPolicy 246 250 }; 247 m_corsPreflightChecker = std::make_unique<NetworkCORSPreflightChecker>(WTFMove(parameters), [this, handler = WTFMove(handler)](auto result) { 248 if (result == NetworkCORSPreflightChecker::Result::Canceled) { 249 handler(makeUnexpected(ResourceError { String { }, 0, m_url, String { }, ResourceError::Type::Cancellation })); 251 m_corsPreflightChecker = std::make_unique<NetworkCORSPreflightChecker>(WTFMove(parameters), [this, request = WTFMove(request), handler = WTFMove(handler)](auto&& error) mutable { 252 if (error.isCancellation()) 253 return; 254 255 RELEASE_LOG_IF_ALLOWED("checkCORSRequestWithPreflight - makeCrossOriginAccessRequestWithPreflight preflight complete, success: %d forRedirect? %d", error.isNull(), isRedirected()); 256 257 if (!error.isNull()) { 258 handler(makeUnexpected(WTFMove(error))); 250 259 return; 251 260 } 252 261 253 RELEASE_LOG_IF_ALLOWED("checkCORSRequestWithPreflight - makeCrossOriginAccessRequestWithPreflight preflight complete, success: %d forRedirect? %d", result == NetworkCORSPreflightChecker::Result::Success, isRedirected());254 255 262 auto corsPreflightChecker = WTFMove(m_corsPreflightChecker); 256 if (result == NetworkCORSPreflightChecker::Result::Failure) {257 handler(this->returnError("Load cannot proceed due to preflight failure"));258 return;259 }260 auto request = corsPreflightChecker->originalRequest();261 263 updateRequestForAccessControl(request, *m_origin, m_storedCredentialsPolicy); 262 264 handler(WTFMove(request)); -
trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp
r230541 r230681 33 33 #include "NetworkConnectionToWebProcess.h" 34 34 #include "NetworkLoad.h" 35 #include "NetworkLoadChecker.h" 35 36 #include "NetworkProcess.h" 36 37 #include "NetworkProcessConnectionMessages.h" … … 107 108 } 108 109 109 if (synchronousReply) 110 if (synchronousReply) { 111 m_networkLoadChecker = NetworkLoadChecker::create(FetchOptions { m_parameters.options }, m_parameters.sessionID, HTTPHeaderMap { m_parameters.originalRequestHeaders }, URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef()); 110 112 m_synchronousLoadData = std::make_unique<SynchronousLoadData>(WTFMove(synchronousReply)); 113 } 111 114 } 112 115 … … 162 165 m_wasStarted = true; 163 166 167 if (m_networkLoadChecker) { 168 m_networkLoadChecker->check(ResourceRequest { originalRequest() }, [this] (auto&& result) { 169 if (!result.has_value()) { 170 if (!result.error().isCancellation()) 171 this->didFailLoading(result.error()); 172 return; 173 } 174 if (this->canUseCache(this->originalRequest())) { 175 RELEASE_LOG_IF_ALLOWED("start: Checking cache for resource (pageID = %" PRIu64 ", frameID = %" PRIu64 ", resourceID = %" PRIu64 ", isMainResource = %d, isSynchronous = %d)", m_parameters.webPageID, m_parameters.webFrameID, m_parameters.identifier, this->isMainResource(), this->isSynchronous()); 176 this->retrieveCacheEntry(this->originalRequest()); 177 return; 178 } 179 180 this->startNetworkLoad(WTFMove(result.value())); 181 }); 182 return; 183 } 184 // FIXME: Remove that code path once m_networkLoadChecker is used for all network loads. 164 185 if (canUseCache(originalRequest())) { 165 186 RELEASE_LOG_IF_ALLOWED("start: Checking cache for resource (pageID = %" PRIu64 ", frameID = %" PRIu64 ", resourceID = %" PRIu64 ", isMainResource = %d, isSynchronous = %d)", m_parameters.webPageID, m_parameters.webFrameID, m_parameters.identifier, isMainResource(), isSynchronous()); … … 223 244 NetworkLoadParameters parameters = m_parameters; 224 245 parameters.defersLoading = m_defersLoading; 246 if (m_networkLoadChecker) 247 parameters.storedCredentialsPolicy = m_networkLoadChecker->storedCredentialsPolicy(); 225 248 226 249 if (request.url().protocolIsBlob()) … … 313 336 { 314 337 RELEASE_LOG_IF_ALLOWED("didReceiveResponse: (pageID = %" PRIu64 ", frameID = %" PRIu64 ", resourceID = %" PRIu64 ", httpStatusCode = %d, length = %" PRId64 ")", m_parameters.webPageID, m_parameters.webFrameID, m_parameters.identifier, receivedResponse.httpStatusCode(), receivedResponse.expectedContentLength()); 338 339 if (isSynchronous()) { 340 auto error = m_networkLoadChecker->validateResponse(receivedResponse); 341 if (!error.isNull()) { 342 m_synchronousLoadData->error = WTFMove(error); 343 sendReplyToSynchronousRequest(*m_synchronousLoadData, nullptr); 344 cleanup(); 345 return ShouldContinueDidReceiveResponse::No; 346 } 347 } 315 348 316 349 m_response = WTFMove(receivedResponse); … … 446 479 447 480 if (isSynchronous()) { 448 ResourceRequest overridenRequest = redirectRequest; 449 // FIXME: This needs to be fixed to follow the redirect correctly even for cross-domain requests. 450 // This includes at least updating host records, and comparing the current request instead of the original request here. 451 if (!protocolHostAndPortAreEqual(originalRequest().url(), redirectRequest.url())) { 452 ASSERT(m_synchronousLoadData->error.isNull()); 453 m_synchronousLoadData->error = SynchronousLoaderClient::platformBadResponseError(); 454 m_networkLoad->clearCurrentRequest(); 455 overridenRequest = ResourceRequest(); 456 } 457 // We do not support prompting for credentials for synchronous loads. If we ever change this policy then 458 // we need to take care to prompt if and only if request and redirectRequest are not mixed content. 459 continueWillSendRequest(WTFMove(overridenRequest), false); 481 m_networkLoadChecker->checkRedirection(redirectResponse, WTFMove(redirectRequest), [protectedThis = makeRef(*this), this, storedCredentialsPolicy = m_networkLoadChecker->storedCredentialsPolicy()](auto&& result) { 482 if (!result.has_value()) { 483 m_synchronousLoadData->error = SynchronousLoaderClient::platformBadResponseError(); 484 m_networkLoad->clearCurrentRequest(); 485 this->continueWillSendRequest(ResourceRequest { }, false); 486 return; 487 } 488 489 // FIXME: We need to handle SameOrigin credentials properly, for now we bail out. 490 if (storedCredentialsPolicy != m_networkLoadChecker->storedCredentialsPolicy()) { 491 m_synchronousLoadData->error = SynchronousLoaderClient::platformBadResponseError(); 492 m_networkLoad->clearCurrentRequest(); 493 this->continueWillSendRequest(ResourceRequest { }, false); 494 return; 495 } 496 497 // We do not support prompting for credentials for synchronous loads. If we ever change this policy then 498 // we need to take care to prompt if and only if request and redirectRequest are not mixed content. 499 this->continueWillSendRequest(WTFMove(result.value()), false); 500 }); 460 501 return; 461 502 } … … 580 621 void NetworkResourceLoader::didRetrieveCacheEntry(std::unique_ptr<NetworkCache::Entry> entry) 581 622 { 582 auto response = sanitizeResponseIfPossible(ResourceResponse { entry->response() }, ResourceResponse::SanitizationType::CrossOriginSafe);583 623 if (isSynchronous()) { 584 m_synchronousLoadData->response = WTFMove(response); 624 auto response = entry->response(); 625 auto error = m_networkLoadChecker->validateResponse(response); 626 if (!error.isNull()) { 627 m_synchronousLoadData->error = WTFMove(error); 628 m_synchronousLoadData->response = { }; 629 sendReplyToSynchronousRequest(*m_synchronousLoadData, nullptr); 630 cleanup(); 631 return; 632 } 633 634 m_synchronousLoadData->response = sanitizeResponseIfPossible(WTFMove(response), ResourceResponse::SanitizationType::CrossOriginSafe); 585 635 sendReplyToSynchronousRequest(*m_synchronousLoadData, entry->buffer()); 586 636 cleanup(); … … 588 638 } 589 639 640 auto response = sanitizeResponseIfPossible(ResourceResponse { entry->response() }, ResourceResponse::SanitizationType::CrossOriginSafe); 590 641 bool needsContinueDidReceiveResponseMessage = isMainResource(); 591 642 send(Messages::WebResourceLoader::DidReceiveResponse { response, needsContinueDidReceiveResponseMessage }); -
trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.h
r230528 r230681 46 46 class NetworkConnectionToWebProcess; 47 47 class NetworkLoad; 48 class NetworkLoadChecker; 48 49 class SandboxExtension; 49 50 … … 180 181 bool m_isWaitingContinueWillSendRequestForCachedRedirect { false }; 181 182 std::unique_ptr<NetworkCache::Entry> m_cacheEntryWaitingForContinueDidReceiveResponse; 183 RefPtr<NetworkLoadChecker> m_networkLoadChecker; 182 184 }; 183 185 -
trunk/Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp
r230541 r230681 416 416 } 417 417 418 void WebLoaderStrategy::loadResourceSynchronously(FrameLoader& frameLoader, unsigned long resourceLoadIdentifier, const ResourceRequest& request, StoredCredentialsPolicy storedCredentialsPolicy, ClientCredentialPolicy clientCredentialPolicy, ResourceError& error, ResourceResponse& response, Vector<char>& data) 419 { 418 void WebLoaderStrategy::loadResourceSynchronously(FrameLoader& frameLoader, unsigned long resourceLoadIdentifier, const ResourceRequest& request, ClientCredentialPolicy clientCredentialPolicy, const FetchOptions& options, const HTTPHeaderMap& originalRequestHeaders, ResourceError& error, ResourceResponse& response, Vector<char>& data) 419 { 420 auto* document = frameLoader.frame().document(); 421 if (!document) { 422 error = internalError(request.url()); 423 return; 424 } 425 420 426 WebFrameLoaderClient* webFrameLoaderClient = toWebFrameLoaderClient(frameLoader.client()); 421 427 WebFrame* webFrame = webFrameLoaderClient ? webFrameLoaderClient->webFrame() : nullptr; … … 430 436 loadParameters.contentSniffingPolicy = SniffContent; 431 437 loadParameters.contentEncodingSniffingPolicy = ContentEncodingSniffingPolicy::Sniff; 432 loadParameters.storedCredentialsPolicy = storedCredentialsPolicy;438 loadParameters.storedCredentialsPolicy = options.credentials == FetchOptions::Credentials::Omit ? StoredCredentialsPolicy::DoNotUse : StoredCredentialsPolicy::Use; 433 439 loadParameters.clientCredentialPolicy = clientCredentialPolicy; 434 440 loadParameters.shouldClearReferrerOnHTTPSToHTTPRedirect = shouldClearReferrerOnHTTPSToHTTPRedirect(webFrame ? webFrame->coreFrame() : nullptr); 435 441 loadParameters.shouldRestrictHTTPResponseAccess = RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess(); 436 // FIXME: Use the proper destination once all fetch options are passed. 437 loadParameters.options.destination = FetchOptions::Destination::EmptyString; 442 443 loadParameters.options = options; 444 loadParameters.sourceOrigin = &document->securityOrigin(); 445 if (!document->shouldBypassMainWorldContentSecurityPolicy()) { 446 if (auto* contentSecurityPolicy = document->contentSecurityPolicy()) 447 loadParameters.cspResponseHeaders = contentSecurityPolicy->responseHeaders(); 448 } 449 loadParameters.originalRequestHeaders = originalRequestHeaders; 438 450 439 451 data.shrink(0); -
trunk/Source/WebKit/WebProcess/Network/WebLoaderStrategy.h
r230007 r230681 49 49 50 50 void loadResource(WebCore::Frame&, WebCore::CachedResource&, WebCore::ResourceRequest&&, const WebCore::ResourceLoaderOptions&, CompletionHandler<void(RefPtr<WebCore::SubresourceLoader>&&)>&&) final; 51 void loadResourceSynchronously(WebCore::FrameLoader&, unsigned long resourceLoadIdentifier, const WebCore::ResourceRequest&, WebCore:: StoredCredentialsPolicy, WebCore::ClientCredentialPolicy, WebCore::ResourceError&, WebCore::ResourceResponse&, Vector<char>& data) final;51 void loadResourceSynchronously(WebCore::FrameLoader&, unsigned long resourceLoadIdentifier, const WebCore::ResourceRequest&, WebCore::ClientCredentialPolicy, const WebCore::FetchOptions&, const WebCore::HTTPHeaderMap&, WebCore::ResourceError&, WebCore::ResourceResponse&, Vector<char>& data) final; 52 52 53 53 void remove(WebCore::ResourceLoader*) final; … … 84 84 void setOnLineState(bool); 85 85 86 bool isDoingLoadingSecurityChecks() const final { return true; } 87 86 88 private: 87 89 void scheduleLoad(WebCore::ResourceLoader&, WebCore::CachedResource*, bool shouldClearReferrerOnHTTPSToHTTPRedirect); -
trunk/Source/WebKitLegacy/ChangeLog
r230279 r230681 1 2018-04-16 Youenn Fablet <youenn@apple.com> 2 3 Use NetworkLoadChecker to handle synchronous HTTP loads 4 https://bugs.webkit.org/show_bug.cgi?id=184240 5 6 Reviewed by Chris Dumez. 7 8 * WebCoreSupport/WebResourceLoadScheduler.cpp: 9 (WebResourceLoadScheduler::loadResourceSynchronously): 10 * WebCoreSupport/WebResourceLoadScheduler.h: 11 1 12 2018-04-04 Alex Christensen <achristensen@webkit.org> 2 13 -
trunk/Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.cpp
r230279 r230681 107 107 } 108 108 109 void WebResourceLoadScheduler::loadResourceSynchronously(FrameLoader& frameLoader, unsigned long, const ResourceRequest& request, StoredCredentialsPolicy storedCredentialsPolicy, ClientCredentialPolicy, ResourceError& error, ResourceResponse& response, Vector<char>& data)110 { 111 ResourceHandle::loadResourceSynchronously(frameLoader.networkingContext(), request, storedCredentialsPolicy, error, response, data);109 void WebResourceLoadScheduler::loadResourceSynchronously(FrameLoader& frameLoader, unsigned long, const ResourceRequest& request, ClientCredentialPolicy, const FetchOptions& options, const HTTPHeaderMap&, ResourceError& error, ResourceResponse& response, Vector<char>& data) 110 { 111 ResourceHandle::loadResourceSynchronously(frameLoader.networkingContext(), request, options.credentials == FetchOptions::Credentials::Omit ? StoredCredentialsPolicy::DoNotUse : StoredCredentialsPolicy::Use, error, response, data); 112 112 } 113 113 -
trunk/Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.h
r230007 r230681 51 51 52 52 void loadResource(WebCore::Frame&, WebCore::CachedResource&, WebCore::ResourceRequest&&, const WebCore::ResourceLoaderOptions&, CompletionHandler<void(RefPtr<WebCore::SubresourceLoader>&&)>&&) final; 53 void loadResourceSynchronously(WebCore::FrameLoader&, unsigned long, const WebCore::ResourceRequest&, WebCore:: StoredCredentialsPolicy, WebCore::ClientCredentialPolicy, WebCore::ResourceError&, WebCore::ResourceResponse&, Vector<char>&) final;53 void loadResourceSynchronously(WebCore::FrameLoader&, unsigned long, const WebCore::ResourceRequest&, WebCore::ClientCredentialPolicy, const WebCore::FetchOptions&, const WebCore::HTTPHeaderMap&, WebCore::ResourceError&, WebCore::ResourceResponse&, Vector<char>&) final; 54 54 void remove(WebCore::ResourceLoader*) final; 55 55 void setDefersLoading(WebCore::ResourceLoader*, bool) final;
Note: See TracChangeset
for help on using the changeset viewer.