[Fetch] Align Accept header default values with fetch spec
[WebKit-https.git] / Source / WebCore / loader / cache / CachedResource.cpp
1 /*
2     Copyright (C) 1998 Lars Knoll (knoll@mpi-hd.mpg.de)
3     Copyright (C) 2001 Dirk Mueller (mueller@kde.org)
4     Copyright (C) 2002 Waldo Bastian (bastian@kde.org)
5     Copyright (C) 2006 Samuel Weinig (sam.weinig@gmail.com)
6     Copyright (C) 2004-2011, 2014 Apple Inc. All rights reserved.
7
8     This library is free software; you can redistribute it and/or
9     modify it under the terms of the GNU Library General Public
10     License as published by the Free Software Foundation; either
11     version 2 of the License, or (at your option) any later version.
12
13     This library is distributed in the hope that it will be useful,
14     but WITHOUT ANY WARRANTY; without even the implied warranty of
15     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
16     Library General Public License for more details.
17
18     You should have received a copy of the GNU Library General Public License
19     along with this library; see the file COPYING.LIB.  If not, write to
20     the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
21     Boston, MA 02110-1301, USA.
22 */
23
24 #include "config.h"
25 #include "CachedResource.h"
26
27 #include "CachedResourceClient.h"
28 #include "CachedResourceClientWalker.h"
29 #include "CachedResourceHandle.h"
30 #include "CachedResourceLoader.h"
31 #include "CrossOriginAccessControl.h"
32 #include "DiagnosticLoggingClient.h"
33 #include "DiagnosticLoggingKeys.h"
34 #include "Document.h"
35 #include "DocumentLoader.h"
36 #include "FrameLoader.h"
37 #include "FrameLoaderClient.h"
38 #include "HTTPHeaderNames.h"
39 #include "InspectorInstrumentation.h"
40 #include "URL.h"
41 #include "LoaderStrategy.h"
42 #include "Logging.h"
43 #include "MainFrame.h"
44 #include "MemoryCache.h"
45 #include "Page.h"
46 #include "PlatformStrategies.h"
47 #include "ResourceHandle.h"
48 #include "SchemeRegistry.h"
49 #include "SecurityOrigin.h"
50 #include "SecurityPolicy.h"
51 #include "SubresourceLoader.h"
52 #include <wtf/CurrentTime.h>
53 #include <wtf/MathExtras.h>
54 #include <wtf/RefCountedLeakCounter.h>
55 #include <wtf/StdLibExtras.h>
56 #include <wtf/text/CString.h>
57 #include <wtf/Vector.h>
58
59 #if USE(QUICK_LOOK)
60 #include "QuickLook.h"
61 #endif
62
63 using namespace WTF;
64
65 #define RELEASE_LOG_IF_ALLOWED(fmt, ...) RELEASE_LOG_IF(cachedResourceLoader.isAlwaysOnLoggingAllowed(), Network, "%p - CachedResource::" fmt, this, ##__VA_ARGS__)
66
67 namespace WebCore {
68
69 ResourceLoadPriority CachedResource::defaultPriorityForResourceType(Type type)
70 {
71     switch (type) {
72     case CachedResource::MainResource:
73         return ResourceLoadPriority::VeryHigh;
74     case CachedResource::CSSStyleSheet:
75         return ResourceLoadPriority::High;
76     case CachedResource::Script:
77 #if ENABLE(SVG_FONTS)
78     case CachedResource::SVGFontResource:
79 #endif
80     case CachedResource::MediaResource:
81     case CachedResource::FontResource:
82     case CachedResource::RawResource:
83         return ResourceLoadPriority::Medium;
84     case CachedResource::ImageResource:
85         return ResourceLoadPriority::Low;
86 #if ENABLE(XSLT)
87     case CachedResource::XSLStyleSheet:
88         return ResourceLoadPriority::High;
89 #endif
90     case CachedResource::SVGDocumentResource:
91         return ResourceLoadPriority::Low;
92 #if ENABLE(LINK_PREFETCH)
93     case CachedResource::LinkPrefetch:
94         return ResourceLoadPriority::VeryLow;
95     case CachedResource::LinkSubresource:
96         return ResourceLoadPriority::VeryLow;
97 #endif
98 #if ENABLE(VIDEO_TRACK)
99     case CachedResource::TextTrackResource:
100         return ResourceLoadPriority::Low;
101 #endif
102     }
103     ASSERT_NOT_REACHED();
104     return ResourceLoadPriority::Low;
105 }
106
107 static std::chrono::milliseconds deadDecodedDataDeletionIntervalForResourceType(CachedResource::Type type)
108 {
109     if (type == CachedResource::Script)
110         return std::chrono::milliseconds { 0 };
111
112     return MemoryCache::singleton().deadDecodedDataDeletionInterval();
113 }
114
115 DEFINE_DEBUG_ONLY_GLOBAL(RefCountedLeakCounter, cachedResourceLeakCounter, ("CachedResource"));
116
117 CachedResource::CachedResource(CachedResourceRequest&& request, Type type, SessionID sessionID)
118     : m_resourceRequest(WTFMove(request.mutableResourceRequest()))
119     , m_options(request.options())
120     , m_decodedDataDeletionTimer(*this, &CachedResource::destroyDecodedData, deadDecodedDataDeletionIntervalForResourceType(type))
121     , m_sessionID(sessionID)
122     , m_loadPriority(defaultPriorityForResourceType(type))
123     , m_responseTimestamp(std::chrono::system_clock::now())
124     , m_lastDecodedAccessTime(0)
125     , m_loadFinishTime(0)
126     , m_encodedSize(0)
127     , m_decodedSize(0)
128     , m_accessCount(0)
129     , m_handleCount(0)
130     , m_preloadCount(0)
131     , m_preloadResult(PreloadNotReferenced)
132     , m_requestedFromNetworkingLayer(false)
133     , m_inCache(false)
134     , m_loading(false)
135     , m_switchingClientsToRevalidatedResource(false)
136     , m_type(type)
137     , m_status(Pending)
138 #ifndef NDEBUG
139     , m_deleted(false)
140     , m_lruIndex(0)
141 #endif
142     , m_owningCachedResourceLoader(nullptr)
143     , m_resourceToRevalidate(nullptr)
144     , m_proxyResource(nullptr)
145 {
146     ASSERT(m_type == unsigned(type)); // m_type is a bitfield, so this tests careless updates of the enum.
147     ASSERT(sessionID.isValid());
148 #ifndef NDEBUG
149     cachedResourceLeakCounter.increment();
150 #endif
151
152     if (!m_resourceRequest.url().hasFragmentIdentifier())
153         return;
154     URL urlForCache = MemoryCache::removeFragmentIdentifierIfNeeded(m_resourceRequest.url());
155     if (urlForCache.hasFragmentIdentifier())
156         return;
157     m_fragmentIdentifierForRequest = m_resourceRequest.url().fragmentIdentifier();
158     m_resourceRequest.setURL(urlForCache);
159 }
160
161 CachedResource::~CachedResource()
162 {
163     ASSERT(!m_resourceToRevalidate); // Should be true because canDelete() checks this.
164     ASSERT(canDelete());
165     ASSERT(!inCache());
166     ASSERT(!m_deleted);
167     ASSERT(url().isNull() || !allowsCaching() || MemoryCache::singleton().resourceForRequest(resourceRequest(), sessionID()) != this);
168
169 #ifndef NDEBUG
170     m_deleted = true;
171     cachedResourceLeakCounter.decrement();
172 #endif
173
174     if (m_owningCachedResourceLoader)
175         m_owningCachedResourceLoader->removeCachedResource(*this);
176 }
177
178 void CachedResource::failBeforeStarting()
179 {
180     // FIXME: What if resources in other frames were waiting for this revalidation?
181     LOG(ResourceLoading, "Cannot start loading '%s'", url().string().latin1().data());
182     if (allowsCaching() && m_resourceToRevalidate)
183         MemoryCache::singleton().revalidationFailed(*this);
184     error(CachedResource::LoadError);
185 }
186
187 static void addAdditionalRequestHeadersToRequest(ResourceRequest& request, const CachedResourceLoader& cachedResourceLoader, CachedResource& resource)
188 {
189     if (resource.type() == CachedResource::MainResource)
190         return;
191     // In some cases we may try to load resources in frameless documents. Such loads always fail.
192     // FIXME: We shouldn't get this far.
193     if (!cachedResourceLoader.frame())
194         return;
195
196     // Note: We skip the Content-Security-Policy check here because we check
197     // the Content-Security-Policy at the CachedResourceLoader layer so we can
198     // handle different resource types differently.
199     FrameLoader& frameLoader = cachedResourceLoader.frame()->loader();
200     String outgoingReferrer;
201     String outgoingOrigin;
202     if (request.httpReferrer().isNull()) {
203         outgoingReferrer = frameLoader.outgoingReferrer();
204         outgoingOrigin = frameLoader.outgoingOrigin();
205     } else {
206         outgoingReferrer = request.httpReferrer();
207         outgoingOrigin = SecurityOrigin::createFromString(outgoingReferrer)->toString();
208     }
209
210     // FIXME: Refactor SecurityPolicy::generateReferrerHeader to align with new terminology used in https://w3c.github.io/webappsec-referrer-policy.
211     switch (resource.options().referrerPolicy) {
212     case FetchOptions::ReferrerPolicy::EmptyString: {
213         ReferrerPolicy referrerPolicy = cachedResourceLoader.document() ? cachedResourceLoader.document()->referrerPolicy() : ReferrerPolicy::Default;
214         outgoingReferrer = SecurityPolicy::generateReferrerHeader(referrerPolicy, request.url(), outgoingReferrer);
215         break; }
216     case FetchOptions::ReferrerPolicy::NoReferrerWhenDowngrade:
217         outgoingReferrer = SecurityPolicy::generateReferrerHeader(ReferrerPolicy::Default, request.url(), outgoingReferrer);
218         break;
219     case FetchOptions::ReferrerPolicy::NoReferrer:
220         outgoingReferrer = String();
221         break;
222     case FetchOptions::ReferrerPolicy::Origin:
223         outgoingReferrer = SecurityPolicy::generateReferrerHeader(ReferrerPolicy::Origin, request.url(), outgoingReferrer);
224         break;
225     case FetchOptions::ReferrerPolicy::OriginWhenCrossOrigin:
226         if (resource.isCrossOrigin())
227             outgoingReferrer = SecurityPolicy::generateReferrerHeader(ReferrerPolicy::Origin, request.url(), outgoingReferrer);
228         break;
229     case FetchOptions::ReferrerPolicy::UnsafeUrl:
230         break;
231     };
232
233     if (outgoingReferrer.isEmpty())
234         request.clearHTTPReferrer();
235     else
236         request.setHTTPReferrer(outgoingReferrer);
237     FrameLoader::addHTTPOriginIfNeeded(request, outgoingOrigin);
238
239     frameLoader.addExtraFieldsToSubresourceRequest(request);
240 }
241
242 void CachedResource::addAdditionalRequestHeaders(CachedResourceLoader& loader)
243 {
244     addAdditionalRequestHeadersToRequest(m_resourceRequest, loader, *this);
245 }
246
247 void CachedResource::computeOrigin(CachedResourceLoader& loader)
248 {
249     if (type() == MainResource)
250         return;
251
252     ASSERT(loader.document());
253     if (m_resourceRequest.hasHTTPOrigin())
254         m_origin = SecurityOrigin::createFromString(m_resourceRequest.httpOrigin());
255     else
256         m_origin = loader.document()->securityOrigin();
257     ASSERT(m_origin);
258
259     if (!(m_resourceRequest.url().protocolIsData() && m_options.sameOriginDataURLFlag == SameOriginDataURLFlag::Set) && !m_origin->canRequest(m_resourceRequest.url()))
260         setCrossOrigin();
261
262     addAdditionalRequestHeaders(loader);
263 }
264
265 void CachedResource::load(CachedResourceLoader& cachedResourceLoader)
266 {
267     if (!cachedResourceLoader.frame()) {
268         RELEASE_LOG_IF_ALLOWED("load: No associated frame");
269         failBeforeStarting();
270         return;
271     }
272     Frame& frame = *cachedResourceLoader.frame();
273
274     // Prevent new loads if we are in the PageCache or being added to the PageCache.
275     // We query the top document because new frames may be created in pagehide event handlers
276     // and their pageCacheState will not reflect the fact that they are about to enter page
277     // cache.
278     if (auto* topDocument = frame.mainFrame().document()) {
279         if (topDocument->pageCacheState() != Document::NotInPageCache) {
280             RELEASE_LOG_IF_ALLOWED("load: Already in page cache or being added to it (frame = %p)", &frame);
281             failBeforeStarting();
282             return;
283         }
284     }
285
286     FrameLoader& frameLoader = frame.loader();
287     if (m_options.securityCheck == DoSecurityCheck && (frameLoader.state() == FrameStateProvisional || !frameLoader.activeDocumentLoader() || frameLoader.activeDocumentLoader()->isStopping())) {
288         if (frameLoader.state() == FrameStateProvisional)
289             RELEASE_LOG_IF_ALLOWED("load: Failed security check -- state is provisional (frame = %p)", &frame);
290         else if (!frameLoader.activeDocumentLoader())
291             RELEASE_LOG_IF_ALLOWED("load: Failed security check -- not active document (frame = %p)", &frame);
292         else if (frameLoader.activeDocumentLoader()->isStopping())
293             RELEASE_LOG_IF_ALLOWED("load: Failed security check -- active loader is stopping (frame = %p)", &frame);
294         failBeforeStarting();
295         return;
296     }
297
298     m_loading = true;
299
300 #if USE(QUICK_LOOK)
301     if (!m_resourceRequest.isNull() && m_resourceRequest.url().protocolIs(QLPreviewProtocol())) {
302         // When QuickLook is invoked to convert a document, it returns a unique URL in the
303         // NSURLReponse for the main document. To make safeQLURLForDocumentURLAndResourceURL()
304         // work, we need to use the QL URL not the original URL.
305         const URL& documentURL = frameLoader.documentLoader()->response().url();
306         m_resourceRequest.setURL(safeQLURLForDocumentURLAndResourceURL(documentURL, url()));
307     }
308 #endif
309
310     if (isCacheValidator()) {
311         CachedResource* resourceToRevalidate = m_resourceToRevalidate;
312         ASSERT(resourceToRevalidate->canUseCacheValidator());
313         ASSERT(resourceToRevalidate->isLoaded());
314         const String& lastModified = resourceToRevalidate->response().httpHeaderField(HTTPHeaderName::LastModified);
315         const String& eTag = resourceToRevalidate->response().httpHeaderField(HTTPHeaderName::ETag);
316         if (!lastModified.isEmpty() || !eTag.isEmpty()) {
317             ASSERT(cachedResourceLoader.cachePolicy(type()) != CachePolicyReload);
318             if (cachedResourceLoader.cachePolicy(type()) == CachePolicyRevalidate)
319                 m_resourceRequest.setHTTPHeaderField(HTTPHeaderName::CacheControl, "max-age=0");
320             if (!lastModified.isEmpty())
321                 m_resourceRequest.setHTTPHeaderField(HTTPHeaderName::IfModifiedSince, lastModified);
322             if (!eTag.isEmpty())
323                 m_resourceRequest.setHTTPHeaderField(HTTPHeaderName::IfNoneMatch, eTag);
324         }
325     }
326
327 #if ENABLE(LINK_PREFETCH)
328     if (type() == CachedResource::LinkPrefetch || type() == CachedResource::LinkSubresource)
329         m_resourceRequest.setHTTPHeaderField(HTTPHeaderName::Purpose, "prefetch");
330 #endif
331     m_resourceRequest.setPriority(loadPriority());
332
333     computeOrigin(cachedResourceLoader);
334
335     // FIXME: It's unfortunate that the cache layer and below get to know anything about fragment identifiers.
336     // We should look into removing the expectation of that knowledge from the platform network stacks.
337     ResourceRequest request(m_resourceRequest);
338     if (!m_fragmentIdentifierForRequest.isNull()) {
339         URL url = request.url();
340         url.setFragmentIdentifier(m_fragmentIdentifierForRequest);
341         request.setURL(url);
342         m_fragmentIdentifierForRequest = String();
343     }
344
345     m_loader = platformStrategies()->loaderStrategy()->loadResource(frame, *this, request, m_options);
346     if (!m_loader) {
347         RELEASE_LOG_IF_ALLOWED("load: Unable to create SubresourceLoader (frame = %p)", &frame);
348         failBeforeStarting();
349         return;
350     }
351
352     m_status = Pending;
353 }
354
355 void CachedResource::loadFrom(const CachedResource& resource, CachedResourceLoader& cachedResourceLoader)
356 {
357     ASSERT(url() == resource.url());
358     ASSERT(type() == resource.type());
359     ASSERT(resource.status() == Status::Cached);
360
361     computeOrigin(cachedResourceLoader);
362
363     if (isCrossOrigin() && m_options.mode == FetchOptions::Mode::Cors) {
364         ASSERT(m_origin);
365         String errorMessage;
366         if (!WebCore::passesAccessControlCheck(resource.response(), m_options.allowCredentials, *m_origin, errorMessage)) {
367             setResourceError(ResourceError(String(), 0, url(), errorMessage, ResourceError::Type::AccessControl));
368             return;
369         }
370     }
371
372     setBodyDataFrom(resource);
373     setStatus(Status::Cached);
374     setLoading(false);
375 }
376
377 void CachedResource::setBodyDataFrom(const CachedResource& resource)
378 {
379     m_data = resource.m_data;
380 }
381
382 void CachedResource::checkNotify()
383 {
384     if (isLoading() || stillNeedsLoad())
385         return;
386
387     CachedResourceClientWalker<CachedResourceClient> walker(m_clients);
388     while (CachedResourceClient* client = walker.next())
389         client->notifyFinished(this);
390 }
391
392 void CachedResource::addDataBuffer(SharedBuffer&)
393 {
394     ASSERT(dataBufferingPolicy() == BufferData);
395 }
396
397 void CachedResource::addData(const char*, unsigned)
398 {
399     ASSERT(dataBufferingPolicy() == DoNotBufferData);
400 }
401
402 void CachedResource::finishLoading(SharedBuffer*)
403 {
404     setLoading(false);
405     checkNotify();
406 }
407
408 void CachedResource::error(CachedResource::Status status)
409 {
410     setStatus(status);
411     ASSERT(errorOccurred());
412     m_data = nullptr;
413
414     setLoading(false);
415     checkNotify();
416 }
417     
418 void CachedResource::cancelLoad()
419 {
420     if (!isLoading() && !stillNeedsLoad())
421         return;
422
423     setStatus(LoadError);
424     setLoading(false);
425     checkNotify();
426 }
427
428 void CachedResource::finish()
429 {
430     if (!errorOccurred())
431         m_status = Cached;
432 }
433
434 bool CachedResource::passesAccessControlCheck(SecurityOrigin& securityOrigin)
435 {
436     String errorDescription;
437     return WebCore::passesAccessControlCheck(response(), resourceRequest().allowCookies() ? AllowStoredCredentials : DoNotAllowStoredCredentials, securityOrigin, errorDescription);
438 }
439
440 bool CachedResource::passesSameOriginPolicyCheck(SecurityOrigin& securityOrigin)
441 {
442     if (securityOrigin.canRequest(responseForSameOriginPolicyChecks().url()))
443         return true;
444     return passesAccessControlCheck(securityOrigin);
445 }
446
447 void CachedResource::setCrossOrigin()
448 {
449     ASSERT(m_options.mode != FetchOptions::Mode::SameOrigin);
450     m_responseTainting = (m_options.mode == FetchOptions::Mode::Cors) ? ResourceResponse::Tainting::Cors : ResourceResponse::Tainting::Opaque;
451 }
452
453 bool CachedResource::isCrossOrigin() const
454 {
455     return m_responseTainting != ResourceResponse::Tainting::Basic;
456 }
457
458 bool CachedResource::isClean() const
459 {
460     // https://html.spec.whatwg.org/multipage/infrastructure.html#cors-same-origin
461     return !loadFailedOrCanceled() && m_responseTainting != ResourceResponse::Tainting::Opaque;
462 }
463
464 bool CachedResource::isExpired() const
465 {
466     if (m_response.isNull())
467         return false;
468
469     return computeCurrentAge(m_response, m_responseTimestamp) > freshnessLifetime(m_response);
470 }
471
472 static inline bool shouldCacheSchemeIndefinitely(const String& scheme)
473 {
474 #if PLATFORM(COCOA)
475     if (equalLettersIgnoringASCIICase(scheme, "applewebdata"))
476         return true;
477 #endif
478 #if USE(SOUP)
479     if (equalLettersIgnoringASCIICase(scheme, "resource"))
480         return true;
481 #endif
482     return equalLettersIgnoringASCIICase(scheme, "data");
483 }
484
485 std::chrono::microseconds CachedResource::freshnessLifetime(const ResourceResponse& response) const
486 {
487     if (!response.url().protocolIsInHTTPFamily()) {
488         String protocol = response.url().protocol();
489         if (!shouldCacheSchemeIndefinitely(protocol)) {
490             // Don't cache non-HTTP main resources since we can't check for freshness.
491             // FIXME: We should not cache subresources either, but when we tried this
492             // it caused performance and flakiness issues in our test infrastructure.
493             if (m_type == MainResource || SchemeRegistry::shouldAlwaysRevalidateURLScheme(protocol))
494                 return 0us;
495         }
496
497         return std::chrono::microseconds::max();
498     }
499
500     return computeFreshnessLifetimeForHTTPFamily(response, m_responseTimestamp);
501 }
502
503 void CachedResource::redirectReceived(ResourceRequest& request, const ResourceResponse& response)
504 {
505     m_requestedFromNetworkingLayer = true;
506     if (response.isNull())
507         return;
508
509     // Redirect to data: URL uses the last HTTP response for SOP.
510     if (response.isHTTP() && request.url().protocolIsData())
511         m_redirectResponseForSameOriginPolicyChecks = response;
512
513     updateRedirectChainStatus(m_redirectChainCacheStatus, response);
514 }
515
516 const ResourceResponse& CachedResource::responseForSameOriginPolicyChecks() const
517 {
518     return m_redirectResponseForSameOriginPolicyChecks.isNull() ? m_response : m_redirectResponseForSameOriginPolicyChecks;
519 }
520
521 void CachedResource::setResponse(const ResourceResponse& response)
522 {
523     ASSERT(m_response.type() == ResourceResponse::Type::Default);
524     m_response = response;
525     m_response.setRedirected(m_redirectChainCacheStatus.status != RedirectChainCacheStatus::NoRedirection);
526
527     m_varyingHeaderValues = collectVaryingRequestHeaders(m_resourceRequest, m_response, m_sessionID);
528 }
529
530 void CachedResource::responseReceived(const ResourceResponse& response)
531 {
532     setResponse(response);
533     m_responseTimestamp = std::chrono::system_clock::now();
534     String encoding = response.textEncodingName();
535     if (!encoding.isNull())
536         setEncoding(encoding);
537 }
538
539 void CachedResource::clearLoader()
540 {
541     ASSERT(m_loader);
542     m_identifierForLoadWithoutResourceLoader = m_loader->identifier();
543     m_loader = nullptr;
544     deleteIfPossible();
545 }
546
547 void CachedResource::addClient(CachedResourceClient* client)
548 {
549     if (addClientToSet(client))
550         didAddClient(client);
551 }
552
553 void CachedResource::didAddClient(CachedResourceClient* client)
554 {
555     if (m_decodedDataDeletionTimer.isActive())
556         m_decodedDataDeletionTimer.stop();
557
558     if (m_clientsAwaitingCallback.remove(client))
559         m_clients.add(client);
560     if (!isLoading() && !stillNeedsLoad())
561         client->notifyFinished(this);
562 }
563
564 bool CachedResource::addClientToSet(CachedResourceClient* client)
565 {
566     if (m_preloadResult == PreloadNotReferenced) {
567         if (isLoaded())
568             m_preloadResult = PreloadReferencedWhileComplete;
569         else if (m_requestedFromNetworkingLayer)
570             m_preloadResult = PreloadReferencedWhileLoading;
571         else
572             m_preloadResult = PreloadReferenced;
573     }
574     if (allowsCaching() && !hasClients() && inCache())
575         MemoryCache::singleton().addToLiveResourcesSize(*this);
576
577     if ((m_type == RawResource || m_type == MainResource) && !m_response.isNull() && !m_proxyResource) {
578         // Certain resources (especially XHRs and main resources) do crazy things if an asynchronous load returns
579         // synchronously (e.g., scripts may not have set all the state they need to handle the load).
580         // Therefore, rather than immediately sending callbacks on a cache hit like other CachedResources,
581         // we schedule the callbacks and ensure we never finish synchronously.
582         ASSERT(!m_clientsAwaitingCallback.contains(client));
583         m_clientsAwaitingCallback.add(client, std::make_unique<Callback>(*this, *client));
584         return false;
585     }
586
587     m_clients.add(client);
588     return true;
589 }
590
591 void CachedResource::removeClient(CachedResourceClient* client)
592 {
593     auto callback = m_clientsAwaitingCallback.take(client);
594     if (callback) {
595         ASSERT(!m_clients.contains(client));
596         callback->cancel();
597         callback = nullptr;
598     } else {
599         ASSERT(m_clients.contains(client));
600         m_clients.remove(client);
601         didRemoveClient(client);
602     }
603
604     if (deleteIfPossible()) {
605         // `this` object is dead here.
606         return;
607     }
608
609     if (hasClients())
610         return;
611
612     auto& memoryCache = MemoryCache::singleton();
613     if (allowsCaching() && inCache()) {
614         memoryCache.removeFromLiveResourcesSize(*this);
615         memoryCache.removeFromLiveDecodedResourcesList(*this);
616     }
617     if (!m_switchingClientsToRevalidatedResource)
618         allClientsRemoved();
619     destroyDecodedDataIfNeeded();
620
621     if (!allowsCaching())
622         return;
623
624     if (response().cacheControlContainsNoStore() && url().protocolIs("https")) {
625         // RFC2616 14.9.2:
626         // "no-store: ... MUST make a best-effort attempt to remove the information from volatile storage as promptly as possible"
627         // "... History buffers MAY store such responses as part of their normal operation."
628         // We allow non-secure content to be reused in history, but we do not allow secure content to be reused.
629         memoryCache.remove(*this);
630     }
631     memoryCache.pruneSoon();
632 }
633
634 void CachedResource::destroyDecodedDataIfNeeded()
635 {
636     if (!m_decodedSize)
637         return;
638     if (!MemoryCache::singleton().deadDecodedDataDeletionInterval().count())
639         return;
640     m_decodedDataDeletionTimer.restart();
641 }
642
643 void CachedResource::decodedDataDeletionTimerFired()
644 {
645     destroyDecodedData();
646 }
647
648 bool CachedResource::deleteIfPossible()
649 {
650     if (canDelete()) {
651         if (!inCache()) {
652             InspectorInstrumentation::willDestroyCachedResource(*this);
653             delete this;
654             return true;
655         }
656         if (m_data)
657             m_data->hintMemoryNotNeededSoon();
658     }
659     return false;
660 }
661
662 void CachedResource::setDecodedSize(unsigned size)
663 {
664     if (size == m_decodedSize)
665         return;
666
667     int delta = size - m_decodedSize;
668
669     // The object must be moved to a different queue, since its size has been changed.
670     // Remove before updating m_decodedSize, so we find the resource in the correct LRU list.
671     if (allowsCaching() && inCache())
672         MemoryCache::singleton().removeFromLRUList(*this);
673     
674     m_decodedSize = size;
675    
676     if (allowsCaching() && inCache()) {
677         auto& memoryCache = MemoryCache::singleton();
678         // Now insert into the new LRU list.
679         memoryCache.insertInLRUList(*this);
680         
681         // Insert into or remove from the live decoded list if necessary.
682         // When inserting into the LiveDecodedResourcesList it is possible
683         // that the m_lastDecodedAccessTime is still zero or smaller than
684         // the m_lastDecodedAccessTime of the current list head. This is a
685         // violation of the invariant that the list is to be kept sorted
686         // by access time. The weakening of the invariant does not pose
687         // a problem. For more details please see: https://bugs.webkit.org/show_bug.cgi?id=30209
688         bool inLiveDecodedResourcesList = memoryCache.inLiveDecodedResourcesList(*this);
689         if (m_decodedSize && !inLiveDecodedResourcesList && hasClients())
690             memoryCache.insertInLiveDecodedResourcesList(*this);
691         else if (!m_decodedSize && inLiveDecodedResourcesList)
692             memoryCache.removeFromLiveDecodedResourcesList(*this);
693
694         // Update the cache's size totals.
695         memoryCache.adjustSize(hasClients(), delta);
696     }
697 }
698
699 void CachedResource::setEncodedSize(unsigned size)
700 {
701     if (size == m_encodedSize)
702         return;
703
704     int delta = size - m_encodedSize;
705
706     // The object must be moved to a different queue, since its size has been changed.
707     // Remove before updating m_encodedSize, so we find the resource in the correct LRU list.
708     if (allowsCaching() && inCache())
709         MemoryCache::singleton().removeFromLRUList(*this);
710
711     m_encodedSize = size;
712
713     if (allowsCaching() && inCache()) {
714         auto& memoryCache = MemoryCache::singleton();
715         memoryCache.insertInLRUList(*this);
716         memoryCache.adjustSize(hasClients(), delta);
717     }
718 }
719
720 void CachedResource::didAccessDecodedData(double timeStamp)
721 {
722     m_lastDecodedAccessTime = timeStamp;
723     
724     if (allowsCaching() && inCache()) {
725         auto& memoryCache = MemoryCache::singleton();
726         if (memoryCache.inLiveDecodedResourcesList(*this)) {
727             memoryCache.removeFromLiveDecodedResourcesList(*this);
728             memoryCache.insertInLiveDecodedResourcesList(*this);
729         }
730         memoryCache.pruneSoon();
731     }
732 }
733     
734 void CachedResource::setResourceToRevalidate(CachedResource* resource) 
735
736     ASSERT(resource);
737     ASSERT(!m_resourceToRevalidate);
738     ASSERT(resource != this);
739     ASSERT(m_handlesToRevalidate.isEmpty());
740     ASSERT(resource->type() == type());
741     ASSERT(!resource->m_proxyResource);
742
743     LOG(ResourceLoading, "CachedResource %p setResourceToRevalidate %p", this, resource);
744
745     resource->m_proxyResource = this;
746     m_resourceToRevalidate = resource;
747 }
748
749 void CachedResource::clearResourceToRevalidate() 
750 {
751     ASSERT(m_resourceToRevalidate);
752     ASSERT(m_resourceToRevalidate->m_proxyResource == this);
753
754     if (m_switchingClientsToRevalidatedResource)
755         return;
756
757     m_resourceToRevalidate->m_proxyResource = nullptr;
758     m_resourceToRevalidate->deleteIfPossible();
759
760     m_handlesToRevalidate.clear();
761     m_resourceToRevalidate = nullptr;
762     deleteIfPossible();
763 }
764     
765 void CachedResource::switchClientsToRevalidatedResource()
766 {
767     ASSERT(m_resourceToRevalidate);
768     ASSERT(m_resourceToRevalidate->inCache());
769     ASSERT(!inCache());
770
771     LOG(ResourceLoading, "CachedResource %p switchClientsToRevalidatedResource %p", this, m_resourceToRevalidate);
772
773     m_switchingClientsToRevalidatedResource = true;
774     for (auto& handle : m_handlesToRevalidate) {
775         handle->m_resource = m_resourceToRevalidate;
776         m_resourceToRevalidate->registerHandle(handle);
777         --m_handleCount;
778     }
779     ASSERT(!m_handleCount);
780     m_handlesToRevalidate.clear();
781
782     Vector<CachedResourceClient*> clientsToMove;
783     for (auto& entry : m_clients) {
784         CachedResourceClient* client = entry.key;
785         unsigned count = entry.value;
786         while (count) {
787             clientsToMove.append(client);
788             --count;
789         }
790     }
791
792     for (auto& client : clientsToMove)
793         removeClient(client);
794     ASSERT(m_clients.isEmpty());
795
796     for (auto& client : clientsToMove)
797         m_resourceToRevalidate->addClientToSet(client);
798     for (auto& client : clientsToMove) {
799         // Calling didAddClient may do anything, including trying to cancel revalidation.
800         // Assert that it didn't succeed.
801         ASSERT(m_resourceToRevalidate);
802         // Calling didAddClient for a client may end up removing another client. In that case it won't be in the set anymore.
803         if (m_resourceToRevalidate->m_clients.contains(client))
804             m_resourceToRevalidate->didAddClient(client);
805     }
806     m_switchingClientsToRevalidatedResource = false;
807 }
808
809 void CachedResource::updateResponseAfterRevalidation(const ResourceResponse& validatingResponse)
810 {
811     m_responseTimestamp = std::chrono::system_clock::now();
812
813     updateResponseHeadersAfterRevalidation(m_response, validatingResponse);
814 }
815
816 void CachedResource::registerHandle(CachedResourceHandleBase* h)
817 {
818     ++m_handleCount;
819     if (m_resourceToRevalidate)
820         m_handlesToRevalidate.add(h);
821 }
822
823 void CachedResource::unregisterHandle(CachedResourceHandleBase* h)
824 {
825     ASSERT(m_handleCount > 0);
826     --m_handleCount;
827
828     if (m_resourceToRevalidate)
829          m_handlesToRevalidate.remove(h);
830
831     if (!m_handleCount)
832         deleteIfPossible();
833 }
834
835 bool CachedResource::canUseCacheValidator() const
836 {
837     if (m_loading || errorOccurred())
838         return false;
839
840     if (m_response.cacheControlContainsNoStore())
841         return false;
842     return m_response.hasCacheValidatorFields();
843 }
844
845 CachedResource::RevalidationDecision CachedResource::makeRevalidationDecision(CachePolicy cachePolicy) const
846 {    
847     switch (cachePolicy) {
848     case CachePolicyHistoryBuffer:
849         return RevalidationDecision::No;
850
851     case CachePolicyReload:
852     case CachePolicyRevalidate:
853         return RevalidationDecision::YesDueToCachePolicy;
854
855     case CachePolicyVerify:
856         if (m_response.cacheControlContainsNoCache())
857             return RevalidationDecision::YesDueToNoCache;
858         // FIXME: Cache-Control:no-store should prevent storing, not reuse.
859         if (m_response.cacheControlContainsNoStore())
860             return RevalidationDecision::YesDueToNoStore;
861
862         if (isExpired())
863             return RevalidationDecision::YesDueToExpired;
864
865         return RevalidationDecision::No;
866     };
867     ASSERT_NOT_REACHED();
868     return RevalidationDecision::No;
869 }
870
871 bool CachedResource::redirectChainAllowsReuse(ReuseExpiredRedirectionOrNot reuseExpiredRedirection) const
872 {
873     return WebCore::redirectChainAllowsReuse(m_redirectChainCacheStatus, reuseExpiredRedirection);
874 }
875
876 bool CachedResource::varyHeaderValuesMatch(const ResourceRequest& request, const CachedResourceLoader& cachedResourceLoader)
877 {
878     if (m_varyingHeaderValues.isEmpty())
879         return true;
880
881     ResourceRequest requestWithFullHeaders(request);
882     addAdditionalRequestHeadersToRequest(requestWithFullHeaders, cachedResourceLoader, *this);
883
884     return verifyVaryingRequestHeaders(m_varyingHeaderValues, requestWithFullHeaders, m_sessionID);
885 }
886
887 unsigned CachedResource::overheadSize() const
888 {
889     static const int kAverageClientsHashMapSize = 384;
890     return sizeof(CachedResource) + m_response.memoryUsage() + kAverageClientsHashMapSize + m_resourceRequest.url().string().length() * 2;
891 }
892
893 bool CachedResource::areAllClientsXMLHttpRequests() const
894 {
895     if (type() != RawResource)
896         return false;
897
898     for (auto& client : m_clients) {
899         if (!client.key->isXMLHttpRequest())
900             return false;
901     }
902     return true;
903 }
904
905 void CachedResource::setLoadPriority(const Optional<ResourceLoadPriority>& loadPriority)
906 {
907     if (loadPriority)
908         m_loadPriority = loadPriority.value();
909     else
910         m_loadPriority = defaultPriorityForResourceType(type());
911 }
912
913 inline CachedResource::Callback::Callback(CachedResource& resource, CachedResourceClient& client)
914     : m_resource(resource)
915     , m_client(client)
916     , m_timer(*this, &Callback::timerFired)
917 {
918     m_timer.startOneShot(0);
919 }
920
921 inline void CachedResource::Callback::cancel()
922 {
923     if (m_timer.isActive())
924         m_timer.stop();
925 }
926
927 void CachedResource::Callback::timerFired()
928 {
929     m_resource.didAddClient(&m_client);
930 }
931
932 #if USE(FOUNDATION) || USE(SOUP)
933
934 void CachedResource::tryReplaceEncodedData(SharedBuffer& newBuffer)
935 {
936     if (!m_data)
937         return;
938     
939     if (!mayTryReplaceEncodedData())
940         return;
941
942     // We have to do the memcmp because we can't tell if the replacement file backed data is for the
943     // same resource or if we made a second request with the same URL which gave us a different
944     // resource. We have seen this happen for cached POST resources.
945     if (m_data->size() != newBuffer.size() || memcmp(m_data->data(), newBuffer.data(), m_data->size()))
946         return;
947
948     if (m_data->tryReplaceContentsWithPlatformBuffer(newBuffer))
949         didReplaceSharedBufferContents();
950 }
951
952 #endif
953
954 }