Remove CachedResource::passesSameOriginPolicyCheck
[WebKit-https.git] / Source / WebCore / loader / cache / CachedResource.cpp
1 /*
2     Copyright (C) 1998 Lars Knoll (knoll@mpi-hd.mpg.de)
3     Copyright (C) 2001 Dirk Mueller (mueller@kde.org)
4     Copyright (C) 2002 Waldo Bastian (bastian@kde.org)
5     Copyright (C) 2006 Samuel Weinig (sam.weinig@gmail.com)
6     Copyright (C) 2004-2011, 2014 Apple Inc. All rights reserved.
7
8     This library is free software; you can redistribute it and/or
9     modify it under the terms of the GNU Library General Public
10     License as published by the Free Software Foundation; either
11     version 2 of the License, or (at your option) any later version.
12
13     This library is distributed in the hope that it will be useful,
14     but WITHOUT ANY WARRANTY; without even the implied warranty of
15     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
16     Library General Public License for more details.
17
18     You should have received a copy of the GNU Library General Public License
19     along with this library; see the file COPYING.LIB.  If not, write to
20     the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
21     Boston, MA 02110-1301, USA.
22 */
23
24 #include "config.h"
25 #include "CachedResource.h"
26
27 #include "CachedResourceClient.h"
28 #include "CachedResourceClientWalker.h"
29 #include "CachedResourceHandle.h"
30 #include "CachedResourceLoader.h"
31 #include "CrossOriginAccessControl.h"
32 #include "DiagnosticLoggingClient.h"
33 #include "DiagnosticLoggingKeys.h"
34 #include "Document.h"
35 #include "DocumentLoader.h"
36 #include "FrameLoader.h"
37 #include "FrameLoaderClient.h"
38 #include "HTTPHeaderNames.h"
39 #include "InspectorInstrumentation.h"
40 #include "URL.h"
41 #include "LoaderStrategy.h"
42 #include "Logging.h"
43 #include "MainFrame.h"
44 #include "MemoryCache.h"
45 #include "Page.h"
46 #include "PlatformStrategies.h"
47 #include "ResourceHandle.h"
48 #include "SchemeRegistry.h"
49 #include "SecurityOrigin.h"
50 #include "SecurityPolicy.h"
51 #include "SubresourceLoader.h"
52 #include <wtf/CurrentTime.h>
53 #include <wtf/MathExtras.h>
54 #include <wtf/RefCountedLeakCounter.h>
55 #include <wtf/StdLibExtras.h>
56 #include <wtf/text/CString.h>
57 #include <wtf/Vector.h>
58
59 #if USE(QUICK_LOOK)
60 #include "QuickLook.h"
61 #endif
62
63 using namespace WTF;
64
65 #define RELEASE_LOG_IF_ALLOWED(fmt, ...) RELEASE_LOG_IF(cachedResourceLoader.isAlwaysOnLoggingAllowed(), Network, "%p - CachedResource::" fmt, this, ##__VA_ARGS__)
66
67 namespace WebCore {
68
69 ResourceLoadPriority CachedResource::defaultPriorityForResourceType(Type type)
70 {
71     switch (type) {
72     case CachedResource::MainResource:
73         return ResourceLoadPriority::VeryHigh;
74     case CachedResource::CSSStyleSheet:
75         return ResourceLoadPriority::High;
76     case CachedResource::Script:
77 #if ENABLE(SVG_FONTS)
78     case CachedResource::SVGFontResource:
79 #endif
80     case CachedResource::MediaResource:
81     case CachedResource::FontResource:
82     case CachedResource::RawResource:
83         return ResourceLoadPriority::Medium;
84     case CachedResource::ImageResource:
85         return ResourceLoadPriority::Low;
86 #if ENABLE(XSLT)
87     case CachedResource::XSLStyleSheet:
88         return ResourceLoadPriority::High;
89 #endif
90     case CachedResource::SVGDocumentResource:
91         return ResourceLoadPriority::Low;
92 #if ENABLE(LINK_PREFETCH)
93     case CachedResource::LinkPrefetch:
94         return ResourceLoadPriority::VeryLow;
95     case CachedResource::LinkSubresource:
96         return ResourceLoadPriority::VeryLow;
97 #endif
98 #if ENABLE(VIDEO_TRACK)
99     case CachedResource::TextTrackResource:
100         return ResourceLoadPriority::Low;
101 #endif
102     }
103     ASSERT_NOT_REACHED();
104     return ResourceLoadPriority::Low;
105 }
106
107 static std::chrono::milliseconds deadDecodedDataDeletionIntervalForResourceType(CachedResource::Type type)
108 {
109     if (type == CachedResource::Script)
110         return std::chrono::milliseconds { 0 };
111
112     return MemoryCache::singleton().deadDecodedDataDeletionInterval();
113 }
114
115 DEFINE_DEBUG_ONLY_GLOBAL(RefCountedLeakCounter, cachedResourceLeakCounter, ("CachedResource"));
116
117 CachedResource::CachedResource(CachedResourceRequest&& request, Type type, SessionID sessionID)
118     : m_resourceRequest(request.releaseResourceRequest())
119     , m_options(request.options())
120     , m_decodedDataDeletionTimer(*this, &CachedResource::destroyDecodedData, deadDecodedDataDeletionIntervalForResourceType(type))
121     , m_sessionID(sessionID)
122     , m_loadPriority(defaultPriorityForResourceType(type))
123     , m_responseTimestamp(std::chrono::system_clock::now())
124     , m_fragmentIdentifierForRequest(request.releaseFragmentIdentifier())
125     , m_origin(request.releaseOrigin())
126     , m_type(type)
127 {
128     ASSERT(sessionID.isValid());
129
130     setLoadPriority(request.priority());
131 #ifndef NDEBUG
132     cachedResourceLeakCounter.increment();
133 #endif
134
135     // FIXME: We should have a better way of checking for Navigation loads, maybe FetchMode::Options::Navigate.
136     ASSERT(m_origin || m_type == CachedResource::MainResource);
137
138     if (m_options.mode != FetchOptions::Mode::SameOrigin && m_origin
139         && !(m_resourceRequest.url().protocolIsData() && m_options.sameOriginDataURLFlag == SameOriginDataURLFlag::Set)
140         && !m_origin->canRequest(m_resourceRequest.url()))
141         setCrossOrigin();
142 }
143
144 // FIXME: For this constructor, we should probably mandate that the URL has no fragment identifier.
145 CachedResource::CachedResource(const URL& url, Type type, SessionID sessionID)
146     : m_resourceRequest(url)
147     , m_decodedDataDeletionTimer(*this, &CachedResource::destroyDecodedData, deadDecodedDataDeletionIntervalForResourceType(type))
148     , m_sessionID(sessionID)
149     , m_responseTimestamp(std::chrono::system_clock::now())
150     , m_fragmentIdentifierForRequest(CachedResourceRequest::splitFragmentIdentifierFromRequestURL(m_resourceRequest))
151     , m_type(type)
152     , m_status(Cached)
153 {
154     ASSERT(sessionID.isValid());
155 #ifndef NDEBUG
156     cachedResourceLeakCounter.increment();
157 #endif
158 }
159
160 CachedResource::~CachedResource()
161 {
162     ASSERT(!m_resourceToRevalidate); // Should be true because canDelete() checks this.
163     ASSERT(canDelete());
164     ASSERT(!inCache());
165     ASSERT(!m_deleted);
166     ASSERT(url().isNull() || !allowsCaching() || MemoryCache::singleton().resourceForRequest(resourceRequest(), sessionID()) != this);
167
168 #ifndef NDEBUG
169     m_deleted = true;
170     cachedResourceLeakCounter.decrement();
171 #endif
172
173     if (m_owningCachedResourceLoader)
174         m_owningCachedResourceLoader->removeCachedResource(*this);
175 }
176
177 void CachedResource::failBeforeStarting()
178 {
179     // FIXME: What if resources in other frames were waiting for this revalidation?
180     LOG(ResourceLoading, "Cannot start loading '%s'", url().string().latin1().data());
181     if (allowsCaching() && m_resourceToRevalidate)
182         MemoryCache::singleton().revalidationFailed(*this);
183     error(CachedResource::LoadError);
184 }
185
186 static void addAdditionalRequestHeadersToRequest(ResourceRequest& request, const CachedResourceLoader& cachedResourceLoader, CachedResource& resource)
187 {
188     if (resource.type() == CachedResource::MainResource)
189         return;
190     // In some cases we may try to load resources in frameless documents. Such loads always fail.
191     // FIXME: We shouldn't get this far.
192     if (!cachedResourceLoader.frame())
193         return;
194
195     // Note: We skip the Content-Security-Policy check here because we check
196     // the Content-Security-Policy at the CachedResourceLoader layer so we can
197     // handle different resource types differently.
198     FrameLoader& frameLoader = cachedResourceLoader.frame()->loader();
199     String outgoingReferrer;
200     String outgoingOrigin;
201     if (request.httpReferrer().isNull()) {
202         outgoingReferrer = frameLoader.outgoingReferrer();
203         outgoingOrigin = frameLoader.outgoingOrigin();
204     } else {
205         outgoingReferrer = request.httpReferrer();
206         outgoingOrigin = SecurityOrigin::createFromString(outgoingReferrer)->toString();
207     }
208
209     // FIXME: Refactor SecurityPolicy::generateReferrerHeader to align with new terminology used in https://w3c.github.io/webappsec-referrer-policy.
210     switch (resource.options().referrerPolicy) {
211     case FetchOptions::ReferrerPolicy::EmptyString: {
212         ReferrerPolicy referrerPolicy = cachedResourceLoader.document() ? cachedResourceLoader.document()->referrerPolicy() : ReferrerPolicy::Default;
213         outgoingReferrer = SecurityPolicy::generateReferrerHeader(referrerPolicy, request.url(), outgoingReferrer);
214         break; }
215     case FetchOptions::ReferrerPolicy::NoReferrerWhenDowngrade:
216         outgoingReferrer = SecurityPolicy::generateReferrerHeader(ReferrerPolicy::Default, request.url(), outgoingReferrer);
217         break;
218     case FetchOptions::ReferrerPolicy::NoReferrer:
219         outgoingReferrer = String();
220         break;
221     case FetchOptions::ReferrerPolicy::Origin:
222         outgoingReferrer = SecurityPolicy::generateReferrerHeader(ReferrerPolicy::Origin, request.url(), outgoingReferrer);
223         break;
224     case FetchOptions::ReferrerPolicy::OriginWhenCrossOrigin:
225         if (resource.isCrossOrigin())
226             outgoingReferrer = SecurityPolicy::generateReferrerHeader(ReferrerPolicy::Origin, request.url(), outgoingReferrer);
227         break;
228     case FetchOptions::ReferrerPolicy::UnsafeUrl:
229         break;
230     };
231
232     if (outgoingReferrer.isEmpty())
233         request.clearHTTPReferrer();
234     else
235         request.setHTTPReferrer(outgoingReferrer);
236     FrameLoader::addHTTPOriginIfNeeded(request, outgoingOrigin);
237
238     frameLoader.addExtraFieldsToSubresourceRequest(request);
239 }
240
241 void CachedResource::addAdditionalRequestHeaders(CachedResourceLoader& loader)
242 {
243     addAdditionalRequestHeadersToRequest(m_resourceRequest, loader, *this);
244 }
245
246 void CachedResource::load(CachedResourceLoader& cachedResourceLoader)
247 {
248     if (!cachedResourceLoader.frame()) {
249         RELEASE_LOG_IF_ALLOWED("load: No associated frame");
250         failBeforeStarting();
251         return;
252     }
253     Frame& frame = *cachedResourceLoader.frame();
254
255     // Prevent new loads if we are in the PageCache or being added to the PageCache.
256     // We query the top document because new frames may be created in pagehide event handlers
257     // and their pageCacheState will not reflect the fact that they are about to enter page
258     // cache.
259     if (auto* topDocument = frame.mainFrame().document()) {
260         if (topDocument->pageCacheState() != Document::NotInPageCache) {
261             RELEASE_LOG_IF_ALLOWED("load: Already in page cache or being added to it (frame = %p)", &frame);
262             failBeforeStarting();
263             return;
264         }
265     }
266
267     FrameLoader& frameLoader = frame.loader();
268     if (m_options.securityCheck == DoSecurityCheck && (frameLoader.state() == FrameStateProvisional || !frameLoader.activeDocumentLoader() || frameLoader.activeDocumentLoader()->isStopping())) {
269         if (frameLoader.state() == FrameStateProvisional)
270             RELEASE_LOG_IF_ALLOWED("load: Failed security check -- state is provisional (frame = %p)", &frame);
271         else if (!frameLoader.activeDocumentLoader())
272             RELEASE_LOG_IF_ALLOWED("load: Failed security check -- not active document (frame = %p)", &frame);
273         else if (frameLoader.activeDocumentLoader()->isStopping())
274             RELEASE_LOG_IF_ALLOWED("load: Failed security check -- active loader is stopping (frame = %p)", &frame);
275         failBeforeStarting();
276         return;
277     }
278
279     m_loading = true;
280
281 #if USE(QUICK_LOOK)
282     if (!m_resourceRequest.isNull() && m_resourceRequest.url().protocolIs(QLPreviewProtocol())) {
283         // When QuickLook is invoked to convert a document, it returns a unique URL in the
284         // NSURLReponse for the main document. To make safeQLURLForDocumentURLAndResourceURL()
285         // work, we need to use the QL URL not the original URL.
286         const URL& documentURL = frameLoader.documentLoader()->response().url();
287         m_resourceRequest.setURL(safeQLURLForDocumentURLAndResourceURL(documentURL, url()));
288     }
289 #endif
290
291     if (isCacheValidator()) {
292         CachedResource* resourceToRevalidate = m_resourceToRevalidate;
293         ASSERT(resourceToRevalidate->canUseCacheValidator());
294         ASSERT(resourceToRevalidate->isLoaded());
295         const String& lastModified = resourceToRevalidate->response().httpHeaderField(HTTPHeaderName::LastModified);
296         const String& eTag = resourceToRevalidate->response().httpHeaderField(HTTPHeaderName::ETag);
297         if (!lastModified.isEmpty() || !eTag.isEmpty()) {
298             ASSERT(cachedResourceLoader.cachePolicy(type()) != CachePolicyReload);
299             if (cachedResourceLoader.cachePolicy(type()) == CachePolicyRevalidate)
300                 m_resourceRequest.setHTTPHeaderField(HTTPHeaderName::CacheControl, "max-age=0");
301             if (!lastModified.isEmpty())
302                 m_resourceRequest.setHTTPHeaderField(HTTPHeaderName::IfModifiedSince, lastModified);
303             if (!eTag.isEmpty())
304                 m_resourceRequest.setHTTPHeaderField(HTTPHeaderName::IfNoneMatch, eTag);
305         }
306     }
307
308 #if ENABLE(LINK_PREFETCH)
309     if (type() == CachedResource::LinkPrefetch || type() == CachedResource::LinkSubresource)
310         m_resourceRequest.setHTTPHeaderField(HTTPHeaderName::Purpose, "prefetch");
311 #endif
312     m_resourceRequest.setPriority(loadPriority());
313
314     addAdditionalRequestHeaders(cachedResourceLoader);
315
316     // FIXME: It's unfortunate that the cache layer and below get to know anything about fragment identifiers.
317     // We should look into removing the expectation of that knowledge from the platform network stacks.
318     ResourceRequest request(m_resourceRequest);
319     if (!m_fragmentIdentifierForRequest.isNull()) {
320         URL url = request.url();
321         url.setFragmentIdentifier(m_fragmentIdentifierForRequest);
322         request.setURL(url);
323         m_fragmentIdentifierForRequest = String();
324     }
325
326     m_loader = platformStrategies()->loaderStrategy()->loadResource(frame, *this, request, m_options);
327     if (!m_loader) {
328         RELEASE_LOG_IF_ALLOWED("load: Unable to create SubresourceLoader (frame = %p)", &frame);
329         failBeforeStarting();
330         return;
331     }
332
333     m_status = Pending;
334 }
335
336 void CachedResource::loadFrom(const CachedResource& resource)
337 {
338     ASSERT(url() == resource.url());
339     ASSERT(type() == resource.type());
340     ASSERT(resource.status() == Status::Cached);
341
342     if (isCrossOrigin() && m_options.mode == FetchOptions::Mode::Cors) {
343         ASSERT(m_origin);
344         String errorMessage;
345         if (!WebCore::passesAccessControlCheck(resource.response(), m_options.allowCredentials, *m_origin, errorMessage)) {
346             setResourceError(ResourceError(String(), 0, url(), errorMessage, ResourceError::Type::AccessControl));
347             return;
348         }
349     }
350
351     setBodyDataFrom(resource);
352     setStatus(Status::Cached);
353     setLoading(false);
354 }
355
356 void CachedResource::setBodyDataFrom(const CachedResource& resource)
357 {
358     m_data = resource.m_data;
359 }
360
361 void CachedResource::checkNotify()
362 {
363     if (isLoading() || stillNeedsLoad())
364         return;
365
366     CachedResourceClientWalker<CachedResourceClient> walker(m_clients);
367     while (CachedResourceClient* client = walker.next())
368         client->notifyFinished(*this);
369 }
370
371 void CachedResource::addDataBuffer(SharedBuffer&)
372 {
373     ASSERT(dataBufferingPolicy() == BufferData);
374 }
375
376 void CachedResource::addData(const char*, unsigned)
377 {
378     ASSERT(dataBufferingPolicy() == DoNotBufferData);
379 }
380
381 void CachedResource::finishLoading(SharedBuffer*)
382 {
383     setLoading(false);
384     checkNotify();
385 }
386
387 void CachedResource::error(CachedResource::Status status)
388 {
389     setStatus(status);
390     ASSERT(errorOccurred());
391     m_data = nullptr;
392
393     setLoading(false);
394     checkNotify();
395 }
396     
397 void CachedResource::cancelLoad()
398 {
399     if (!isLoading() && !stillNeedsLoad())
400         return;
401
402     setStatus(LoadError);
403     setLoading(false);
404     checkNotify();
405 }
406
407 void CachedResource::finish()
408 {
409     if (!errorOccurred())
410         m_status = Cached;
411 }
412
413 void CachedResource::setCrossOrigin()
414 {
415     ASSERT(m_options.mode != FetchOptions::Mode::SameOrigin);
416     m_responseTainting = (m_options.mode == FetchOptions::Mode::Cors) ? ResourceResponse::Tainting::Cors : ResourceResponse::Tainting::Opaque;
417 }
418
419 bool CachedResource::isCrossOrigin() const
420 {
421     return m_responseTainting != ResourceResponse::Tainting::Basic;
422 }
423
424 bool CachedResource::isCORSSameOrigin() const
425 {
426     // Following resource types do not use CORS
427     ASSERT(type() != CachedResource::Type::FontResource);
428     ASSERT(type() != CachedResource::Type::SVGFontResource);
429     ASSERT(type() != CachedResource::XSLStyleSheet);
430
431     // https://html.spec.whatwg.org/multipage/infrastructure.html#cors-same-origin
432     return !loadFailedOrCanceled() && m_responseTainting != ResourceResponse::Tainting::Opaque;
433 }
434
435 bool CachedResource::isExpired() const
436 {
437     if (m_response.isNull())
438         return false;
439
440     return computeCurrentAge(m_response, m_responseTimestamp) > freshnessLifetime(m_response);
441 }
442
443 static inline bool shouldCacheSchemeIndefinitely(const String& scheme)
444 {
445 #if PLATFORM(COCOA)
446     if (equalLettersIgnoringASCIICase(scheme, "applewebdata"))
447         return true;
448 #endif
449 #if USE(SOUP)
450     if (equalLettersIgnoringASCIICase(scheme, "resource"))
451         return true;
452 #endif
453     return equalLettersIgnoringASCIICase(scheme, "data");
454 }
455
456 std::chrono::microseconds CachedResource::freshnessLifetime(const ResourceResponse& response) const
457 {
458     if (!response.url().protocolIsInHTTPFamily()) {
459         String protocol = response.url().protocol();
460         if (!shouldCacheSchemeIndefinitely(protocol)) {
461             // Don't cache non-HTTP main resources since we can't check for freshness.
462             // FIXME: We should not cache subresources either, but when we tried this
463             // it caused performance and flakiness issues in our test infrastructure.
464             if (m_type == MainResource || SchemeRegistry::shouldAlwaysRevalidateURLScheme(protocol))
465                 return 0us;
466         }
467
468         return std::chrono::microseconds::max();
469     }
470
471     return computeFreshnessLifetimeForHTTPFamily(response, m_responseTimestamp);
472 }
473
474 void CachedResource::redirectReceived(ResourceRequest&, const ResourceResponse& response)
475 {
476     m_requestedFromNetworkingLayer = true;
477     if (response.isNull())
478         return;
479
480     updateRedirectChainStatus(m_redirectChainCacheStatus, response);
481 }
482
483 void CachedResource::setResponse(const ResourceResponse& response)
484 {
485     ASSERT(m_response.type() == ResourceResponse::Type::Default);
486     m_response = response;
487     m_response.setRedirected(m_redirectChainCacheStatus.status != RedirectChainCacheStatus::NoRedirection);
488
489     m_varyingHeaderValues = collectVaryingRequestHeaders(m_resourceRequest, m_response, m_sessionID);
490 }
491
492 void CachedResource::responseReceived(const ResourceResponse& response)
493 {
494     setResponse(response);
495     m_responseTimestamp = std::chrono::system_clock::now();
496     String encoding = response.textEncodingName();
497     if (!encoding.isNull())
498         setEncoding(encoding);
499 }
500
501 void CachedResource::clearLoader()
502 {
503     ASSERT(m_loader);
504     m_identifierForLoadWithoutResourceLoader = m_loader->identifier();
505     m_loader = nullptr;
506     deleteIfPossible();
507 }
508
509 void CachedResource::addClient(CachedResourceClient& client)
510 {
511     if (addClientToSet(client))
512         didAddClient(client);
513 }
514
515 void CachedResource::didAddClient(CachedResourceClient& client)
516 {
517     if (m_decodedDataDeletionTimer.isActive())
518         m_decodedDataDeletionTimer.stop();
519
520     if (m_clientsAwaitingCallback.remove(&client))
521         m_clients.add(&client);
522     if (!isLoading() && !stillNeedsLoad())
523         client.notifyFinished(*this);
524 }
525
526 bool CachedResource::addClientToSet(CachedResourceClient& client)
527 {
528     if (m_preloadResult == PreloadNotReferenced) {
529         if (isLoaded())
530             m_preloadResult = PreloadReferencedWhileComplete;
531         else if (m_requestedFromNetworkingLayer)
532             m_preloadResult = PreloadReferencedWhileLoading;
533         else
534             m_preloadResult = PreloadReferenced;
535     }
536     if (allowsCaching() && !hasClients() && inCache())
537         MemoryCache::singleton().addToLiveResourcesSize(*this);
538
539     if ((m_type == RawResource || m_type == MainResource) && !m_response.isNull() && !m_proxyResource) {
540         // Certain resources (especially XHRs and main resources) do crazy things if an asynchronous load returns
541         // synchronously (e.g., scripts may not have set all the state they need to handle the load).
542         // Therefore, rather than immediately sending callbacks on a cache hit like other CachedResources,
543         // we schedule the callbacks and ensure we never finish synchronously.
544         ASSERT(!m_clientsAwaitingCallback.contains(&client));
545         m_clientsAwaitingCallback.add(&client, std::make_unique<Callback>(*this, client));
546         return false;
547     }
548
549     m_clients.add(&client);
550     return true;
551 }
552
553 void CachedResource::removeClient(CachedResourceClient& client)
554 {
555     auto callback = m_clientsAwaitingCallback.take(&client);
556     if (callback) {
557         ASSERT(!m_clients.contains(&client));
558         callback->cancel();
559         callback = nullptr;
560     } else {
561         ASSERT(m_clients.contains(&client));
562         m_clients.remove(&client);
563         didRemoveClient(client);
564     }
565
566     if (deleteIfPossible()) {
567         // `this` object is dead here.
568         return;
569     }
570
571     if (hasClients())
572         return;
573
574     auto& memoryCache = MemoryCache::singleton();
575     if (allowsCaching() && inCache()) {
576         memoryCache.removeFromLiveResourcesSize(*this);
577         memoryCache.removeFromLiveDecodedResourcesList(*this);
578     }
579     if (!m_switchingClientsToRevalidatedResource)
580         allClientsRemoved();
581     destroyDecodedDataIfNeeded();
582
583     if (!allowsCaching())
584         return;
585
586     if (response().cacheControlContainsNoStore() && url().protocolIs("https")) {
587         // RFC2616 14.9.2:
588         // "no-store: ... MUST make a best-effort attempt to remove the information from volatile storage as promptly as possible"
589         // "... History buffers MAY store such responses as part of their normal operation."
590         // We allow non-secure content to be reused in history, but we do not allow secure content to be reused.
591         memoryCache.remove(*this);
592     }
593     memoryCache.pruneSoon();
594 }
595
596 void CachedResource::destroyDecodedDataIfNeeded()
597 {
598     if (!m_decodedSize)
599         return;
600     if (!MemoryCache::singleton().deadDecodedDataDeletionInterval().count())
601         return;
602     m_decodedDataDeletionTimer.restart();
603 }
604
605 void CachedResource::decodedDataDeletionTimerFired()
606 {
607     destroyDecodedData();
608 }
609
610 bool CachedResource::deleteIfPossible()
611 {
612     if (canDelete()) {
613         if (!inCache()) {
614             InspectorInstrumentation::willDestroyCachedResource(*this);
615             delete this;
616             return true;
617         }
618         if (m_data)
619             m_data->hintMemoryNotNeededSoon();
620     }
621     return false;
622 }
623
624 void CachedResource::setDecodedSize(unsigned size)
625 {
626     if (size == m_decodedSize)
627         return;
628
629     long long delta = static_cast<long long>(size) - m_decodedSize;
630
631     // The object must be moved to a different queue, since its size has been changed.
632     // Remove before updating m_decodedSize, so we find the resource in the correct LRU list.
633     if (allowsCaching() && inCache())
634         MemoryCache::singleton().removeFromLRUList(*this);
635
636     m_decodedSize = size;
637    
638     if (allowsCaching() && inCache()) {
639         auto& memoryCache = MemoryCache::singleton();
640         // Now insert into the new LRU list.
641         memoryCache.insertInLRUList(*this);
642         
643         // Insert into or remove from the live decoded list if necessary.
644         // When inserting into the LiveDecodedResourcesList it is possible
645         // that the m_lastDecodedAccessTime is still zero or smaller than
646         // the m_lastDecodedAccessTime of the current list head. This is a
647         // violation of the invariant that the list is to be kept sorted
648         // by access time. The weakening of the invariant does not pose
649         // a problem. For more details please see: https://bugs.webkit.org/show_bug.cgi?id=30209
650         bool inLiveDecodedResourcesList = memoryCache.inLiveDecodedResourcesList(*this);
651         if (m_decodedSize && !inLiveDecodedResourcesList && hasClients())
652             memoryCache.insertInLiveDecodedResourcesList(*this);
653         else if (!m_decodedSize && inLiveDecodedResourcesList)
654             memoryCache.removeFromLiveDecodedResourcesList(*this);
655
656         // Update the cache's size totals.
657         memoryCache.adjustSize(hasClients(), delta);
658     }
659 }
660
661 void CachedResource::setEncodedSize(unsigned size)
662 {
663     if (size == m_encodedSize)
664         return;
665
666     long long delta = static_cast<long long>(size) - m_encodedSize;
667
668     // The object must be moved to a different queue, since its size has been changed.
669     // Remove before updating m_encodedSize, so we find the resource in the correct LRU list.
670     if (allowsCaching() && inCache())
671         MemoryCache::singleton().removeFromLRUList(*this);
672
673     m_encodedSize = size;
674
675     if (allowsCaching() && inCache()) {
676         auto& memoryCache = MemoryCache::singleton();
677         memoryCache.insertInLRUList(*this);
678         memoryCache.adjustSize(hasClients(), delta);
679     }
680 }
681
682 void CachedResource::didAccessDecodedData(double timeStamp)
683 {
684     m_lastDecodedAccessTime = timeStamp;
685     
686     if (allowsCaching() && inCache()) {
687         auto& memoryCache = MemoryCache::singleton();
688         if (memoryCache.inLiveDecodedResourcesList(*this)) {
689             memoryCache.removeFromLiveDecodedResourcesList(*this);
690             memoryCache.insertInLiveDecodedResourcesList(*this);
691         }
692         memoryCache.pruneSoon();
693     }
694 }
695     
696 void CachedResource::setResourceToRevalidate(CachedResource* resource) 
697
698     ASSERT(resource);
699     ASSERT(!m_resourceToRevalidate);
700     ASSERT(resource != this);
701     ASSERT(m_handlesToRevalidate.isEmpty());
702     ASSERT(resource->type() == type());
703     ASSERT(!resource->m_proxyResource);
704
705     LOG(ResourceLoading, "CachedResource %p setResourceToRevalidate %p", this, resource);
706
707     resource->m_proxyResource = this;
708     m_resourceToRevalidate = resource;
709 }
710
711 void CachedResource::clearResourceToRevalidate() 
712 {
713     ASSERT(m_resourceToRevalidate);
714     ASSERT(m_resourceToRevalidate->m_proxyResource == this);
715
716     if (m_switchingClientsToRevalidatedResource)
717         return;
718
719     m_resourceToRevalidate->m_proxyResource = nullptr;
720     m_resourceToRevalidate->deleteIfPossible();
721
722     m_handlesToRevalidate.clear();
723     m_resourceToRevalidate = nullptr;
724     deleteIfPossible();
725 }
726     
727 void CachedResource::switchClientsToRevalidatedResource()
728 {
729     ASSERT(m_resourceToRevalidate);
730     ASSERT(m_resourceToRevalidate->inCache());
731     ASSERT(!inCache());
732
733     LOG(ResourceLoading, "CachedResource %p switchClientsToRevalidatedResource %p", this, m_resourceToRevalidate);
734
735     m_switchingClientsToRevalidatedResource = true;
736     for (auto& handle : m_handlesToRevalidate) {
737         handle->m_resource = m_resourceToRevalidate;
738         m_resourceToRevalidate->registerHandle(handle);
739         --m_handleCount;
740     }
741     ASSERT(!m_handleCount);
742     m_handlesToRevalidate.clear();
743
744     Vector<CachedResourceClient*> clientsToMove;
745     for (auto& entry : m_clients) {
746         CachedResourceClient* client = entry.key;
747         unsigned count = entry.value;
748         while (count) {
749             clientsToMove.append(client);
750             --count;
751         }
752     }
753
754     for (auto& client : clientsToMove)
755         removeClient(*client);
756     ASSERT(m_clients.isEmpty());
757
758     for (auto& client : clientsToMove)
759         m_resourceToRevalidate->addClientToSet(*client);
760     for (auto& client : clientsToMove) {
761         // Calling didAddClient may do anything, including trying to cancel revalidation.
762         // Assert that it didn't succeed.
763         ASSERT(m_resourceToRevalidate);
764         // Calling didAddClient for a client may end up removing another client. In that case it won't be in the set anymore.
765         if (m_resourceToRevalidate->m_clients.contains(client))
766             m_resourceToRevalidate->didAddClient(*client);
767     }
768     m_switchingClientsToRevalidatedResource = false;
769 }
770
771 void CachedResource::updateResponseAfterRevalidation(const ResourceResponse& validatingResponse)
772 {
773     m_responseTimestamp = std::chrono::system_clock::now();
774
775     updateResponseHeadersAfterRevalidation(m_response, validatingResponse);
776 }
777
778 void CachedResource::registerHandle(CachedResourceHandleBase* h)
779 {
780     ++m_handleCount;
781     if (m_resourceToRevalidate)
782         m_handlesToRevalidate.add(h);
783 }
784
785 void CachedResource::unregisterHandle(CachedResourceHandleBase* h)
786 {
787     ASSERT(m_handleCount > 0);
788     --m_handleCount;
789
790     if (m_resourceToRevalidate)
791          m_handlesToRevalidate.remove(h);
792
793     if (!m_handleCount)
794         deleteIfPossible();
795 }
796
797 bool CachedResource::canUseCacheValidator() const
798 {
799     if (m_loading || errorOccurred())
800         return false;
801
802     if (m_response.cacheControlContainsNoStore())
803         return false;
804     return m_response.hasCacheValidatorFields();
805 }
806
807 CachedResource::RevalidationDecision CachedResource::makeRevalidationDecision(CachePolicy cachePolicy) const
808 {    
809     switch (cachePolicy) {
810     case CachePolicyHistoryBuffer:
811         return RevalidationDecision::No;
812
813     case CachePolicyReload:
814     case CachePolicyRevalidate:
815         return RevalidationDecision::YesDueToCachePolicy;
816
817     case CachePolicyVerify:
818         if (m_response.cacheControlContainsNoCache())
819             return RevalidationDecision::YesDueToNoCache;
820         // FIXME: Cache-Control:no-store should prevent storing, not reuse.
821         if (m_response.cacheControlContainsNoStore())
822             return RevalidationDecision::YesDueToNoStore;
823
824         if (isExpired())
825             return RevalidationDecision::YesDueToExpired;
826
827         return RevalidationDecision::No;
828     };
829     ASSERT_NOT_REACHED();
830     return RevalidationDecision::No;
831 }
832
833 bool CachedResource::redirectChainAllowsReuse(ReuseExpiredRedirectionOrNot reuseExpiredRedirection) const
834 {
835     return WebCore::redirectChainAllowsReuse(m_redirectChainCacheStatus, reuseExpiredRedirection);
836 }
837
838 bool CachedResource::varyHeaderValuesMatch(const ResourceRequest& request, const CachedResourceLoader& cachedResourceLoader)
839 {
840     if (m_varyingHeaderValues.isEmpty())
841         return true;
842
843     ResourceRequest requestWithFullHeaders(request);
844     addAdditionalRequestHeadersToRequest(requestWithFullHeaders, cachedResourceLoader, *this);
845
846     return verifyVaryingRequestHeaders(m_varyingHeaderValues, requestWithFullHeaders, m_sessionID);
847 }
848
849 unsigned CachedResource::overheadSize() const
850 {
851     static const int kAverageClientsHashMapSize = 384;
852     return sizeof(CachedResource) + m_response.memoryUsage() + kAverageClientsHashMapSize + m_resourceRequest.url().string().length() * 2;
853 }
854
855 bool CachedResource::areAllClientsXMLHttpRequests() const
856 {
857     if (type() != RawResource)
858         return false;
859
860     for (auto& client : m_clients) {
861         if (!client.key->isXMLHttpRequest())
862             return false;
863     }
864     return true;
865 }
866
867 void CachedResource::setLoadPriority(const Optional<ResourceLoadPriority>& loadPriority)
868 {
869     if (loadPriority)
870         m_loadPriority = loadPriority.value();
871     else
872         m_loadPriority = defaultPriorityForResourceType(type());
873 }
874
875 inline CachedResource::Callback::Callback(CachedResource& resource, CachedResourceClient& client)
876     : m_resource(resource)
877     , m_client(client)
878     , m_timer(*this, &Callback::timerFired)
879 {
880     m_timer.startOneShot(0);
881 }
882
883 inline void CachedResource::Callback::cancel()
884 {
885     if (m_timer.isActive())
886         m_timer.stop();
887 }
888
889 void CachedResource::Callback::timerFired()
890 {
891     m_resource.didAddClient(m_client);
892 }
893
894 #if USE(FOUNDATION) || USE(SOUP)
895
896 void CachedResource::tryReplaceEncodedData(SharedBuffer& newBuffer)
897 {
898     if (!m_data)
899         return;
900     
901     if (!mayTryReplaceEncodedData())
902         return;
903
904     // We have to do the memcmp because we can't tell if the replacement file backed data is for the
905     // same resource or if we made a second request with the same URL which gave us a different
906     // resource. We have seen this happen for cached POST resources.
907     if (m_data->size() != newBuffer.size() || memcmp(m_data->data(), newBuffer.data(), m_data->size()))
908         return;
909
910     if (m_data->tryReplaceContentsWithPlatformBuffer(newBuffer))
911         didReplaceSharedBufferContents();
912 }
913
914 #endif
915
916 }