Refactor CachedResourceLoader::canRequest
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 21 Sep 2016 08:43:23 +0000 (08:43 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 21 Sep 2016 08:43:23 +0000 (08:43 +0000)
commit4d95d8fe451a458dfb0db74fead54db0841f08e3
tree844ff3aded175e9ed9b558842910022b84e0f400
parentefe18929fbb52def4f057098c2db8f642620dd0e
Refactor CachedResourceLoader::canRequest
https://bugs.webkit.org/show_bug.cgi?id=162144

Patch by Youenn Fablet <youenn@apple.com> on 2016-09-21
Reviewed by Darin Adler.

Covered by existing tests.

Simplifying CachedResourceLoader::canRequest by doing:
- CSP checks in another method
- Removing Same-Origin type-specific checks by setting FetchOptions::Mode appropriately in resource loader clients
- Moving script specific check in ScriptElement

Note that the last check may affect the loading behavior in the case scripts are enabled when starting the load
of a script, but gets disabled before receiving a redirection for the script load.

* dom/ProcessingInstruction.cpp:
(WebCore::ProcessingInstruction::checkStyleSheet): Setting XSLT stylesheet fetch mode to SameOrigin.
* dom/ScriptElement.cpp:
(WebCore::ScriptElement::requestScriptWithCache): Returning early if scripts are disabled.
* loader/CrossOriginPreflightChecker.cpp:
(WebCore::CrossOriginPreflightChecker::startPreflight): Bypassing CSP checks.
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::startLoadingMainResource): Bypassing CSP checks as CachedResourceLoader was not
checking them for MainResource.
* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::loadRequest): Ditto.
* loader/LinkLoader.cpp:
(WebCore::LinkLoader::preloadIfNeeded): Using new CachedResourceRequest constructor to enable moving the ResourceRequest.
(WebCore::LinkLoader::loadLink): Skipping CSP checks for link prefetch/subresources as CachedResourceLoader was
not checking them for Link Prefetch and Subresource types.
* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::allowedByContentSecurityPolicy): Helper routine to check for CSP.
(WebCore::CachedResourceLoader::canRequest): Making use of introduced helper routine.
Simplified same origin check as all requests should have their options set.
* loader/cache/CachedResourceLoader.h:
* loader/cache/CachedResourceRequest.cpp:
(WebCore::CachedResourceRequest::CachedResourceRequest): More efficient constructor.
* loader/cache/CachedResourceRequest.h:
* loader/cache/CachedSVGDocumentReference.cpp:
(WebCore::CachedSVGDocumentReference::load): Setting fetch mode to SameOrigin.
* svg/SVGUseElement.cpp:
(WebCore::SVGUseElement::updateExternalDocument): Ditto.
* xml/XSLImportRule.cpp:
(WebCore::XSLImportRule::loadSheet): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206203 268f45cc-cd09-0410-ab3c-d52691b4dbfc
14 files changed:
Source/WebCore/ChangeLog
Source/WebCore/dom/ProcessingInstruction.cpp
Source/WebCore/dom/ScriptElement.cpp
Source/WebCore/loader/CrossOriginPreflightChecker.cpp
Source/WebCore/loader/DocumentLoader.cpp
Source/WebCore/loader/DocumentThreadableLoader.cpp
Source/WebCore/loader/LinkLoader.cpp
Source/WebCore/loader/cache/CachedResourceLoader.cpp
Source/WebCore/loader/cache/CachedResourceLoader.h
Source/WebCore/loader/cache/CachedResourceRequest.cpp
Source/WebCore/loader/cache/CachedResourceRequest.h
Source/WebCore/loader/cache/CachedSVGDocumentReference.cpp
Source/WebCore/svg/SVGUseElement.cpp
Source/WebCore/xml/XSLImportRule.cpp