Changeset 202811 in webkit


Ignore:
Timestamp:
Jul 4, 2016 11:36:30 AM (8 years ago)
Author:
commit-queue@webkit.org
Message:

Remove RequestOriginPolicy from ResourceLoaderOptions
https://bugs.webkit.org/show_bug.cgi?id=159406

Patch by Youenn Fablet <youenn@apple.com> on 2016-07-04
Reviewed by Sam Weinig.

Using FetchOptions::mode in lieu of ResourceLoaderOptions::RequestOriginPolicy.
The cors, no-cors and same-origin values match PotentiallyCrossOriginEnabled,
UseDefaultOriginRestrictionsForType and RestrictToSameOrigin, default being
cors/UseDefaultOriginRestrictionsForType as per fetch specification.

No change of behavior.

  • css/CSSImageSetValue.cpp:

(WebCore::CSSImageSetValue::cachedImageSet):

  • css/CSSImageValue.cpp:

(WebCore::CSSImageValue::cachedImage):

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::startLoadingMainResource):

  • loader/MediaResourceLoader.cpp:

(WebCore::MediaResourceLoader::requestResource):

  • loader/NetscapePlugInStreamLoader.cpp:

(WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader):

  • loader/ResourceLoaderOptions.h:

(WebCore::ResourceLoaderOptions::ResourceLoaderOptions):
(WebCore::ResourceLoaderOptions::requestOriginPolicy): Deleted.
(WebCore::ResourceLoaderOptions::setRequestOriginPolicy): Deleted.

  • loader/SubresourceLoader.cpp:

(WebCore::SubresourceLoader::init):
(WebCore::SubresourceLoader::willSendRequestInternal):

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
(WebCore::CachedResourceLoader::canRequest):
(WebCore::CachedResourceLoader::defaultCachedResourceOptions):

  • loader/cache/CachedResourceRequest.cpp:

(WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):

  • loader/icon/IconLoader.cpp:

(WebCore::IconLoader::startLoading):

  • platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:

(WebCore::WebCoreAVCFResourceLoader::startLoading):

  • platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:

(WebCore::WebCoreAVFResourceLoader::startLoading):

  • style/StylePendingResources.cpp:

(WebCore::Style::loadPendingImage):

Location:
trunk/Source/WebCore
Files:
14 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/WebCore/ChangeLog

    r202810 r202811  
     12016-07-04  Youenn Fablet  <youenn@apple.com>
     2
     3        Remove RequestOriginPolicy from ResourceLoaderOptions
     4        https://bugs.webkit.org/show_bug.cgi?id=159406
     5
     6        Reviewed by Sam Weinig.
     7
     8        Using FetchOptions::mode in lieu of ResourceLoaderOptions::RequestOriginPolicy.
     9        The cors, no-cors and same-origin values match PotentiallyCrossOriginEnabled,
     10        UseDefaultOriginRestrictionsForType and RestrictToSameOrigin, default being
     11        cors/UseDefaultOriginRestrictionsForType as per fetch specification.
     12
     13        No change of behavior.
     14
     15        * css/CSSImageSetValue.cpp:
     16        (WebCore::CSSImageSetValue::cachedImageSet):
     17        * css/CSSImageValue.cpp:
     18        (WebCore::CSSImageValue::cachedImage):
     19        * loader/DocumentLoader.cpp:
     20        (WebCore::DocumentLoader::startLoadingMainResource):
     21        * loader/MediaResourceLoader.cpp:
     22        (WebCore::MediaResourceLoader::requestResource):
     23        * loader/NetscapePlugInStreamLoader.cpp:
     24        (WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader):
     25        * loader/ResourceLoaderOptions.h:
     26        (WebCore::ResourceLoaderOptions::ResourceLoaderOptions):
     27        (WebCore::ResourceLoaderOptions::requestOriginPolicy): Deleted.
     28        (WebCore::ResourceLoaderOptions::setRequestOriginPolicy): Deleted.
     29        * loader/SubresourceLoader.cpp:
     30        (WebCore::SubresourceLoader::init):
     31        (WebCore::SubresourceLoader::willSendRequestInternal):
     32        * loader/cache/CachedResourceLoader.cpp:
     33        (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
     34        (WebCore::CachedResourceLoader::canRequest):
     35        (WebCore::CachedResourceLoader::defaultCachedResourceOptions):
     36        * loader/cache/CachedResourceRequest.cpp:
     37        (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
     38        * loader/icon/IconLoader.cpp:
     39        (WebCore::IconLoader::startLoading):
     40        * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
     41        (WebCore::WebCoreAVCFResourceLoader::startLoading):
     42        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
     43        (WebCore::WebCoreAVFResourceLoader::startLoading):
     44        * style/StylePendingResources.cpp:
     45        (WebCore::Style::loadPendingImage):
     46
    1472016-07-04  Youenn Fablet  <youenn@apple.com>
    248

  • trunk/Source/WebCore/css/CSSImageSetValue.cpp

    r202765 r202811  
    119119        CachedResourceRequest request(ResourceRequest(document->completeURL(image.imageURL)), options);
    120120        request.setInitiator(cachedResourceRequestInitiators().css);
    121         if (options.requestOriginPolicy() == PotentiallyCrossOriginEnabled) {
     121        if (options.mode == FetchOptions::Mode::Cors) {
    122122            ASSERT(document->securityOrigin());
    123123            updateRequestForAccessControl(request.mutableResourceRequest(), *document->securityOrigin(), options.allowCredentials());

  • trunk/Source/WebCore/css/CSSImageValue.cpp

    r202674 r202811  
    8383            request.setInitiator(m_initiatorName);
    8484
    85         if (options.requestOriginPolicy() == PotentiallyCrossOriginEnabled) {
     85        if (options.mode == FetchOptions::Mode::Cors) {
    8686            ASSERT(loader.document()->securityOrigin());
    8787            updateRequestForAccessControl(request.mutableResourceRequest(), *loader.document()->securityOrigin(), options.allowCredentials());

  • trunk/Source/WebCore/loader/DocumentLoader.cpp

    r202105 r202811  
    15111511    request.makeUnconditional();
    15121512
    1513     static NeverDestroyed<ResourceLoaderOptions> mainResourceLoadOptions(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, UseDefaultOriginRestrictionsForType, IncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
     1513    static NeverDestroyed<ResourceLoaderOptions> mainResourceLoadOptions(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, FetchOptions::Mode::NoCors, IncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
    15141514    CachedResourceRequest cachedResourceRequest(request, mainResourceLoadOptions);
    15151515    cachedResourceRequest.setInitiator(*this);

  • trunk/Source/WebCore/loader/MediaResourceLoader.cpp

    r202674 r202811  
    6464
    6565    DataBufferingPolicy bufferingPolicy = options & LoadOption::BufferData ? WebCore::BufferData : WebCore::DoNotBufferData;
    66     RequestOriginPolicy corsPolicy = !m_crossOriginMode.isNull() ? PotentiallyCrossOriginEnabled : UseDefaultOriginRestrictionsForType;
     66    FetchOptions::Mode corsPolicy = !m_crossOriginMode.isNull() ? FetchOptions::Mode::Cors : FetchOptions::Mode::NoCors;
    6767    auto cachingPolicy = options & LoadOption::DisallowCaching ? CachingPolicy::DisallowCaching : CachingPolicy::AllowCaching;
    6868    StoredCredentials allowCredentials = m_crossOriginMode.isNull() || equalLettersIgnoringASCIICase(m_crossOriginMode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials;
     
    7373    // FIXME: Workaround for <rdar://problem/26071607>. We are not able to do CORS checking on 304 responses because they
    7474    // are usually missing the headers we need.
    75     if (corsPolicy == PotentiallyCrossOriginEnabled)
     75    if (corsPolicy == FetchOptions::Mode::Cors)
    7676        updatedRequest.makeUnconditional();
    7777#endif

  • trunk/Source/WebCore/loader/NetscapePlugInStreamLoader.cpp

    r201761 r202811  
    4444// See <https://bugs.webkit.org/show_bug.cgi?id=146663>.
    4545NetscapePlugInStreamLoader::NetscapePlugInStreamLoader(Frame& frame, NetscapePlugInStreamLoaderClient& client)
    46     : ResourceLoader(frame, ResourceLoaderOptions(SendCallbacks, SniffContent, DoNotBufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching))
     46    : ResourceLoader(frame, ResourceLoaderOptions(SendCallbacks, SniffContent, DoNotBufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching))
    4747    , m_client(&client)
    4848{

  • trunk/Source/WebCore/loader/ResourceLoaderOptions.h

    r202741 r202811  
    5656};
    5757
    58 enum RequestOriginPolicy {
    59     UseDefaultOriginRestrictionsForType,
    60     RestrictToSameOrigin,
    61     PotentiallyCrossOriginEnabled // Indicates "potentially CORS-enabled fetch" in HTML standard.
    62 };
    63 
    6458enum CertificateInfoPolicy {
    6559    IncludeCertificateInfo,
     
    9185        , m_credentialRequest(ClientDidNotRequestCredentials)
    9286        , m_securityCheck(DoSecurityCheck)
    93         , m_requestOriginPolicy(UseDefaultOriginRestrictionsForType)
    9487        , m_certificateInfoPolicy(DoNotIncludeCertificateInfo)
    9588    {
    9689    }
    9790
    98     ResourceLoaderOptions(SendCallbackPolicy sendLoadCallbacks, ContentSniffingPolicy sniffContent, DataBufferingPolicy dataBufferingPolicy, StoredCredentials allowCredentials, ClientCredentialPolicy credentialPolicy, CredentialRequest credentialRequest, SecurityCheckPolicy securityCheck, RequestOriginPolicy requestOriginPolicy, CertificateInfoPolicy certificateInfoPolicy, ContentSecurityPolicyImposition contentSecurityPolicyImposition, DefersLoadingPolicy defersLoadingPolicy, CachingPolicy cachingPolicy)
     91    ResourceLoaderOptions(SendCallbackPolicy sendLoadCallbacks, ContentSniffingPolicy sniffContent, DataBufferingPolicy dataBufferingPolicy, StoredCredentials allowCredentials, ClientCredentialPolicy credentialPolicy, CredentialRequest credentialRequest, SecurityCheckPolicy securityCheck, FetchOptions::Mode mode, CertificateInfoPolicy certificateInfoPolicy, ContentSecurityPolicyImposition contentSecurityPolicyImposition, DefersLoadingPolicy defersLoadingPolicy, CachingPolicy cachingPolicy)
    9992        : m_sendLoadCallbacks(sendLoadCallbacks)
    10093        , m_sniffContent(sniffContent)
     
    10497        , m_credentialRequest(credentialRequest)
    10598        , m_securityCheck(securityCheck)
    106         , m_requestOriginPolicy(requestOriginPolicy)
    10799        , m_certificateInfoPolicy(certificateInfoPolicy)
    108100        , m_contentSecurityPolicyImposition(contentSecurityPolicyImposition)
     
    110102        , m_cachingPolicy(cachingPolicy)
    111103    {
     104        this->mode = mode;
    112105    }
    113106
     
    126119    SecurityCheckPolicy securityCheck() const { return static_cast<SecurityCheckPolicy>(m_securityCheck); }
    127120    void setSecurityCheck(SecurityCheckPolicy check) { m_securityCheck = check; }
    128     RequestOriginPolicy requestOriginPolicy() const { return static_cast<RequestOriginPolicy>(m_requestOriginPolicy); }
    129     void setRequestOriginPolicy(RequestOriginPolicy policy) { m_requestOriginPolicy = policy; }
    130121    CertificateInfoPolicy certificateInfoPolicy() const { return static_cast<CertificateInfoPolicy>(m_certificateInfoPolicy); }
    131122    void setCertificateInfoPolicy(CertificateInfoPolicy policy) { m_certificateInfoPolicy = policy; }
     
    144135    unsigned m_credentialRequest: 1; // Whether the client (e.g. XHR) wanted credentials in the first place.
    145136    unsigned m_securityCheck : 1;
    146     unsigned m_requestOriginPolicy : 2;
    147137    unsigned m_certificateInfoPolicy : 1; // Whether the response should include certificate info.
    148138    ContentSecurityPolicyImposition m_contentSecurityPolicyImposition { ContentSecurityPolicyImposition::DoPolicyCheck };

  • trunk/Source/WebCore/loader/SubresourceLoader.cpp

    r202741 r202811  
    151151    // FIXME: https://bugs.webkit.org/show_bug.cgi?id=155633.
    152152    // SubresourceLoader could use the document origin as a default and set PotentiallyCrossOriginEnabled requests accordingly.
    153     // This would simplify resource loader users as they would only need to set the policy to PotentiallyCrossOriginEnabled.
    154     if (options().requestOriginPolicy() == PotentiallyCrossOriginEnabled)
     153    // This would simplify resource loader users as they would only need to set fetch mode to Cors.
     154    if (options().mode == FetchOptions::Mode::Cors)
    155155        m_origin = SecurityOrigin::createFromString(request.httpOrigin());
    156156
     
    203203        }
    204204
    205         if (options().requestOriginPolicy() == PotentiallyCrossOriginEnabled && !checkCrossOriginAccessControl(request(), redirectResponse, newRequest)) {
     205        if (options().mode == FetchOptions::Mode::Cors && !checkCrossOriginAccessControl(request(), redirectResponse, newRequest)) {
    206206            cancel();
    207207            return;

  • trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp

    r201805 r202811  
    242242    // FIXME: loadResource calls setOwningCachedResourceLoader() if the resource couldn't be added to cache. Does this function need to call it, too?
    243243
    244     userSheet->load(*this, ResourceLoaderOptions(DoNotSendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::SkipPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
     244    userSheet->load(*this, ResourceLoaderOptions(DoNotSendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::SkipPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
    245245   
    246246    return userSheet;
     
    412412    case CachedResource::TextTrackResource:
    413413#endif
    414         if (options.requestOriginPolicy() == RestrictToSameOrigin && !m_document->securityOrigin()->canRequest(url)) {
     414        if (options.mode == FetchOptions::Mode::SameOrigin && !m_document->securityOrigin()->canRequest(url)) {
    415415            printAccessDeniedMessage(url);
    416416            return false;
     
    11911191const ResourceLoaderOptions& CachedResourceLoader::defaultCachedResourceOptions()
    11921192{
    1193     static ResourceLoaderOptions options(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
     1193    static ResourceLoaderOptions options(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
    11941194    return options;
    11951195}

  • trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp

    r202674 r202811  
    9696void CachedResourceRequest::setAsPotentiallyCrossOrigin(const String& mode, Document& document)
    9797{
     98    ASSERT(m_options.mode == FetchOptions::Mode::NoCors);
    9899    if (mode.isNull())
    99100        return;
    100     m_options.setRequestOriginPolicy(PotentiallyCrossOriginEnabled);
     101    m_options.mode = FetchOptions::Mode::Cors;
    101102    m_options.setAllowCredentials(equalLettersIgnoringASCIICase(mode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials);
    102103

  • trunk/Source/WebCore/loader/icon/IconLoader.cpp

    r195770 r202811  
    6060
    6161    // ContentSecurityPolicyImposition::DoPolicyCheck is a placeholder value. It does not affect the request since Content Security Policy does not apply to raw resources.
    62     CachedResourceRequest request(ResourceRequest(m_frame.loader().icon().url()), ResourceLoaderOptions(SendCallbacks, SniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForAnyCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
     62    CachedResourceRequest request(ResourceRequest(m_frame.loader().icon().url()), ResourceLoaderOptions(SendCallbacks, SniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForAnyCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
    6363
    6464    request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low);

  • trunk/Source/WebCore/platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp

    r202590 r202811  
    7272
    7373    // ContentSecurityPolicyImposition::DoPolicyCheck is a placeholder value. It does not affect the request since Content Security Policy does not apply to raw resources.
    74     CachedResourceRequest request(ResourceRequest(urlRequest.get()), ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
     74    CachedResourceRequest request(ResourceRequest(urlRequest.get()), ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
    7575
    7676    request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low);

  • trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm

    r202590 r202811  
    7070    // FIXME: Skip Content Security Policy check if the element that inititated this request
    7171    // is in a user-agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505>.
    72     CachedResourceRequest request(nsRequest, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
     72    CachedResourceRequest request(nsRequest, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
    7373    request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low);
    7474    if (auto* loader = m_parent->player()->cachedResourceLoader())

  • trunk/Source/WebCore/style/StylePendingResources.cpp

    r202656 r202811  
    5353    // FIXME: Why does shape-outside have different policy than other properties?
    5454    if (loadPolicy == LoadPolicy::ShapeOutside) {
    55         options.setRequestOriginPolicy(PotentiallyCrossOriginEnabled);
     55        options.mode = FetchOptions::Mode::Cors;
    5656        options.setAllowCredentials(DoNotAllowStoredCredentials);
    5757    }
Note: See TracChangeset for help on using the changeset viewer.