Google Git
Sign in
chromium / chromium / src / 22a064d580892d6032977eff027a25abe132cfa8 / . / third_party / WebKit / Source / core / fetch / ResourceLoaderOptions.h
blob: e88cae999679e67a25ccecba6fa5d42e24de14fe [file] [log] [blame]
/*
* Copyright (C) 2011 Google Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following disclaimer
* in the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Google Inc. nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef ResourceLoaderOptions_h
#define ResourceLoaderOptions_h
#include "core/fetch/FetchInitiatorInfo.h"
#include "core/fetch/IntegrityMetadata.h"
#include "platform/CrossThreadCopier.h"
#include "platform/weborigin/SecurityOrigin.h"
#include "wtf/Allocator.h"
namespace blink {
enum DataBufferingPolicy { BufferData, DoNotBufferData };
enum ContentSecurityPolicyDisposition {
CheckContentSecurityPolicy,
DoNotCheckContentSecurityPolicy
};
enum RequestInitiatorContext {
DocumentContext,
WorkerContext,
};
enum StoredCredentials { AllowStoredCredentials, DoNotAllowStoredCredentials };
// APIs like XMLHttpRequest and EventSource let the user decide whether to send
// credentials, but they're always sent for same-origin requests. Additional
// information is needed to handle cross-origin redirects correctly.
enum CredentialRequest {
ClientRequestedCredentials,
ClientDidNotRequestCredentials
};
enum SynchronousPolicy { RequestSynchronously, RequestAsynchronously };
// A resource fetch can be marked as being CORS enabled. The loader must perform
// an access check upon seeing the response.
enum CORSEnabled { NotCORSEnabled, IsCORSEnabled };
struct ResourceLoaderOptions {
USING_FAST_MALLOC(ResourceLoaderOptions);
public:
ResourceLoaderOptions()
: dataBufferingPolicy(BufferData),
allowCredentials(DoNotAllowStoredCredentials),
credentialsRequested(ClientDidNotRequestCredentials),
contentSecurityPolicyOption(CheckContentSecurityPolicy),
requestInitiatorContext(DocumentContext),
synchronousPolicy(RequestAsynchronously),
corsEnabled(NotCORSEnabled) {}
ResourceLoaderOptions(
DataBufferingPolicy dataBufferingPolicy,
StoredCredentials allowCredentials,
CredentialRequest credentialsRequested,
ContentSecurityPolicyDisposition contentSecurityPolicyOption,
RequestInitiatorContext requestInitiatorContext)
: dataBufferingPolicy(dataBufferingPolicy),
allowCredentials(allowCredentials),
credentialsRequested(credentialsRequested),
contentSecurityPolicyOption(contentSecurityPolicyOption),
requestInitiatorContext(requestInitiatorContext),
synchronousPolicy(RequestAsynchronously),
corsEnabled(NotCORSEnabled) {}
// Answers the question "can a separate request with these different options
// be re-used" (e.g. preload request) The safe (but possibly slow) answer is
// always false.
bool canReuseRequest(const ResourceLoaderOptions& other) const {
// dataBufferingPolicy differences are believed to be safe for re-use.
// FIXME: check allowCredentials.
// FIXME: check credentialsRequested.
// FIXME: check contentSecurityPolicyOption.
// initiatorInfo is purely informational and should be benign for re-use.
// requestInitiatorContext is benign (indicates document vs. worker)
// synchronousPolicy (safe to re-use an async XHR response for sync, etc.)
return corsEnabled == other.corsEnabled;
// securityOrigin has more complicated checks which callers are responsible
// for.
}
// When adding members, CrossThreadResourceLoaderOptionsData should be
// updated.
DataBufferingPolicy dataBufferingPolicy;
// Whether HTTP credentials and cookies are sent with the request.
StoredCredentials allowCredentials;
// Whether the client (e.g. XHR) wanted credentials in the first place.
CredentialRequest credentialsRequested;
ContentSecurityPolicyDisposition contentSecurityPolicyOption;
FetchInitiatorInfo initiatorInfo;
RequestInitiatorContext requestInitiatorContext;
SynchronousPolicy synchronousPolicy;
// If the resource is loaded out-of-origin, whether or not to use CORS.
CORSEnabled corsEnabled;
RefPtr<SecurityOrigin> securityOrigin;
String contentSecurityPolicyNonce;
IntegrityMetadataSet integrityMetadata;
};
// Encode AtomicString (in FetchInitiatorInfo) as String to cross threads.
struct CrossThreadResourceLoaderOptionsData {
DISALLOW_NEW();
explicit CrossThreadResourceLoaderOptionsData(
const ResourceLoaderOptions& options)
: dataBufferingPolicy(options.dataBufferingPolicy),
allowCredentials(options.allowCredentials),
credentialsRequested(options.credentialsRequested),
contentSecurityPolicyOption(options.contentSecurityPolicyOption),
initiatorInfo(options.initiatorInfo),
requestInitiatorContext(options.requestInitiatorContext),
synchronousPolicy(options.synchronousPolicy),
corsEnabled(options.corsEnabled),
securityOrigin(options.securityOrigin
? options.securityOrigin->isolatedCopy()
: nullptr),
contentSecurityPolicyNonce(options.contentSecurityPolicyNonce),
integrityMetadata(options.integrityMetadata) {}
operator ResourceLoaderOptions() const {
ResourceLoaderOptions options;
options.dataBufferingPolicy = dataBufferingPolicy;
options.allowCredentials = allowCredentials;
options.credentialsRequested = credentialsRequested;
options.contentSecurityPolicyOption = contentSecurityPolicyOption;
options.initiatorInfo = initiatorInfo;
options.requestInitiatorContext = requestInitiatorContext;
options.synchronousPolicy = synchronousPolicy;
options.corsEnabled = corsEnabled;
options.securityOrigin = securityOrigin;
options.contentSecurityPolicyNonce = contentSecurityPolicyNonce;
options.integrityMetadata = integrityMetadata;
return options;
}
DataBufferingPolicy dataBufferingPolicy;
StoredCredentials allowCredentials;
CredentialRequest credentialsRequested;
ContentSecurityPolicyDisposition contentSecurityPolicyOption;
CrossThreadFetchInitiatorInfoData initiatorInfo;
RequestInitiatorContext requestInitiatorContext;
SynchronousPolicy synchronousPolicy;
CORSEnabled corsEnabled;
RefPtr<SecurityOrigin> securityOrigin;
String contentSecurityPolicyNonce;
IntegrityMetadataSet integrityMetadata;
};
template <>
struct CrossThreadCopier<ResourceLoaderOptions> {
using Type = CrossThreadResourceLoaderOptionsData;
static Type copy(const ResourceLoaderOptions& options) {
return CrossThreadResourceLoaderOptionsData(options);
}
};
} // namespace blink
#endif // ResourceLoaderOptions_h