Make WebLoaderStrategy send to NetworkResourceLoader necessary parameters to handle...
authoryouenn@apple.com <youenn@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 24 Apr 2018 03:22:53 +0000 (03:22 +0000)
committeryouenn@apple.com <youenn@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 24 Apr 2018 03:22:53 +0000 (03:22 +0000)
https://bugs.webkit.org/show_bug.cgi?id=184763

Reviewed by Chris Dumez.

Source/WebCore:

No change of behavior yet since we do not use these parameters in NetworkProcess yet.

Add PreflightPolicy and CSP response headers as ResourceLoaderOptions.
This allows passing them from DocumentThreadableLoader to WebLoaderStrategy.

Allow getting the original headers from a SubresourceLoader.
This allows passing them from DocumentThreadableLoader down to WebLoaderStrategy.

* Modules/fetch/FetchLoader.cpp:
(WebCore::FetchLoader::startLoadingBlobURL):
(WebCore::FetchLoader::start):
* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
(WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
(WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
* loader/ResourceLoaderOptions.h:
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::originalHeaders const):
* loader/SubresourceLoader.h:
* loader/ThreadableLoader.cpp:
(WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions):
(WebCore::ThreadableLoaderOptions::isolatedCopy const):
* loader/ThreadableLoader.h:
* page/EventSource.cpp:
(WebCore::EventSource::connect):
* xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::createRequest):

Source/WebKit:

Set all required NetworkResourceLoadParameters for asynchronous loads.
This includes preflight policy, CSP response headers, SecurityOrigin and content blockers identifier.

Update NetworkLoadChecker to handle preflight policy.
This is not needed right now since sync XHR and ping loads are using the default ConsiderPreflight policy.
But this will be needed for XHR/fetch/EventSource loads.

* NetworkProcess/NetworkLoadChecker.cpp:
(WebKit::NetworkLoadChecker::NetworkLoadChecker):
(WebKit::NetworkLoadChecker::checkRedirection):
(WebKit::NetworkLoadChecker::validateResponse):
(WebKit::NetworkLoadChecker::checkCORSRequest):
* NetworkProcess/NetworkLoadChecker.h:
(WebKit::NetworkLoadChecker::create):
* NetworkProcess/NetworkResourceLoadParameters.cpp:
(WebKit::NetworkResourceLoadParameters::encode const):
(WebKit::NetworkResourceLoadParameters::decode):
* NetworkProcess/NetworkResourceLoadParameters.h:
* NetworkProcess/NetworkResourceLoader.cpp:
* NetworkProcess/PingLoad.cpp:
(WebKit::PingLoad::PingLoad):
* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@230942 268f45cc-cd09-0410-ab3c-d52691b4dbfc

18 files changed:
Source/WebCore/ChangeLog
Source/WebCore/Modules/fetch/FetchLoader.cpp
Source/WebCore/loader/DocumentThreadableLoader.cpp
Source/WebCore/loader/ResourceLoaderOptions.h
Source/WebCore/loader/SubresourceLoader.cpp
Source/WebCore/loader/SubresourceLoader.h
Source/WebCore/loader/ThreadableLoader.cpp
Source/WebCore/loader/ThreadableLoader.h
Source/WebCore/page/EventSource.cpp
Source/WebCore/xml/XMLHttpRequest.cpp
Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp
Source/WebKit/NetworkProcess/NetworkLoadChecker.h
Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp
Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.h
Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp
Source/WebKit/NetworkProcess/PingLoad.cpp
Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp

index 6cfbe7e..408e6b4 100644 (file)
@@ -1,3 +1,38 @@
+2018-04-23  Youenn Fablet  <youenn@apple.com>
+
+        Make WebLoaderStrategy send to NetworkResourceLoader necessary parameters to handle full loads in NetworkProcess
+        https://bugs.webkit.org/show_bug.cgi?id=184763
+
+        Reviewed by Chris Dumez.
+
+        No change of behavior yet since we do not use these parameters in NetworkProcess yet.
+
+        Add PreflightPolicy and CSP response headers as ResourceLoaderOptions.
+        This allows passing them from DocumentThreadableLoader to WebLoaderStrategy.
+
+        Allow getting the original headers from a SubresourceLoader.
+        This allows passing them from DocumentThreadableLoader down to WebLoaderStrategy.
+
+        * Modules/fetch/FetchLoader.cpp:
+        (WebCore::FetchLoader::startLoadingBlobURL):
+        (WebCore::FetchLoader::start):
+        * loader/DocumentThreadableLoader.cpp:
+        (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
+        (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
+        (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
+        * loader/ResourceLoaderOptions.h:
+        * loader/SubresourceLoader.cpp:
+        (WebCore::SubresourceLoader::originalHeaders const):
+        * loader/SubresourceLoader.h:
+        * loader/ThreadableLoader.cpp:
+        (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions):
+        (WebCore::ThreadableLoaderOptions::isolatedCopy const):
+        * loader/ThreadableLoader.h:
+        * page/EventSource.cpp:
+        (WebCore::EventSource::connect):
+        * xml/XMLHttpRequest.cpp:
+        (WebCore::XMLHttpRequest::createRequest):
+
 2018-04-23  Michael Catanzaro  <mcatanzaro@igalia.com>
 
         [WPE][GTK] Remove WlUniquePtr<wl_display> footgun
index 5412fd2..c01331f 100644 (file)
@@ -73,7 +73,7 @@ void FetchLoader::startLoadingBlobURL(ScriptExecutionContext& context, const URL
     ThreadableLoaderOptions options;
     options.sendLoadCallbacks = SendCallbacks;
     options.dataBufferingPolicy = DoNotBufferData;
-    options.preflightPolicy = ConsiderPreflight;
+    options.preflightPolicy = PreflightPolicy::Consider;
     options.credentials = FetchOptions::Credentials::Include;
     options.mode = FetchOptions::Mode::SameOrigin;
     options.contentSecurityPolicyEnforcement = ContentSecurityPolicyEnforcement::DoNotEnforce;
@@ -84,7 +84,9 @@ void FetchLoader::startLoadingBlobURL(ScriptExecutionContext& context, const URL
 
 void FetchLoader::start(ScriptExecutionContext& context, const FetchRequest& request)
 {
-    ThreadableLoaderOptions options(request.fetchOptions(), ConsiderPreflight,
+    ResourceLoaderOptions resourceLoaderOptions = request.fetchOptions();
+    resourceLoaderOptions.preflightPolicy = PreflightPolicy::Consider;
+    ThreadableLoaderOptions options(resourceLoaderOptions,
         context.shouldBypassMainWorldContentSecurityPolicy() ? ContentSecurityPolicyEnforcement::DoNotEnforce : ContentSecurityPolicyEnforcement::EnforceConnectSrcDirective,
         String(cachedResourceRequestInitiators().fetch),
         ResponseFilteringPolicy::Disable);
index 240daa1..4e692e1 100644 (file)
@@ -109,7 +109,7 @@ DocumentThreadableLoader::DocumentThreadableLoader(Document& document, Threadabl
 
     // No need to do preflight if the network stack will do it for us.
     if (!m_async && platformStrategies()->loaderStrategy()->isDoingLoadingSecurityChecks())
-        m_options.preflightPolicy = PreventPreflight;
+        m_options.preflightPolicy = PreflightPolicy::Prevent;
 
     // Referrer and Origin headers should be set after the preflight if any.
     ASSERT(!request.hasHTTPReferrer() && !request.hasHTTPOrigin());
@@ -134,6 +134,9 @@ DocumentThreadableLoader::DocumentThreadableLoader(Document& document, Threadabl
         m_options.filteringPolicy = ResponseFilteringPolicy::Disable;
     }
 
+    if (m_contentSecurityPolicy || !document.shouldBypassMainWorldContentSecurityPolicy())
+        m_options.cspResponseHeaders = this->contentSecurityPolicy().responseHeaders();
+
     // As per step 11 of https://fetch.spec.whatwg.org/#main-fetch, data scheme (if same-origin data-URL flag is set) and about scheme are considered same-origin.
     if (request.url().protocolIsData())
         m_sameOriginRequest = options.sameOriginDataURLFlag == SameOriginDataURLFlag::Set;
@@ -155,7 +158,7 @@ void DocumentThreadableLoader::makeCrossOriginAccessRequest(ResourceRequest&& re
 {
     ASSERT(m_options.mode == FetchOptions::Mode::Cors);
 
-    if ((m_options.preflightPolicy == ConsiderPreflight && isSimpleCrossOriginAccessRequest(request.httpMethod(), request.httpHeaderFields())) || m_options.preflightPolicy == PreventPreflight)
+    if ((m_options.preflightPolicy == PreflightPolicy::Consider && isSimpleCrossOriginAccessRequest(request.httpMethod(), request.httpHeaderFields())) || m_options.preflightPolicy == PreflightPolicy::Prevent)
         makeSimpleCrossOriginAccessRequest(WTFMove(request));
     else {
 #if ENABLE(SERVICE_WORKER)
@@ -179,8 +182,8 @@ void DocumentThreadableLoader::makeCrossOriginAccessRequest(ResourceRequest&& re
 
 void DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest(ResourceRequest&& request)
 {
-    ASSERT(m_options.preflightPolicy != ForcePreflight);
-    ASSERT(m_options.preflightPolicy == PreventPreflight || isSimpleCrossOriginAccessRequest(request.httpMethod(), request.httpHeaderFields()));
+    ASSERT(m_options.preflightPolicy != PreflightPolicy::Force);
+    ASSERT(m_options.preflightPolicy == PreflightPolicy::Prevent || isSimpleCrossOriginAccessRequest(request.httpMethod(), request.httpHeaderFields()));
 
     // Cross-origin requests are only allowed for HTTP and registered schemes. We would catch this when checking response headers later, but there is no reason to send a request that's guaranteed to be denied.
     if (!SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(request.url().protocol().toStringWithoutCopying())) {
index 3d9a1a3..e792dde 100644 (file)
@@ -30,6 +30,7 @@
 
 #pragma once
 
+#include "ContentSecurityPolicyResponseHeaders.h"
 #include "FetchOptions.h"
 #include "HTTPHeaderNames.h"
 #include "ServiceWorkerTypes.h"
@@ -111,6 +112,12 @@ enum class ContentEncodingSniffingPolicy {
     DoNotSniff,
 };
 
+enum class PreflightPolicy {
+    Consider,
+    Force,
+    Prevent
+};
+
 struct ResourceLoaderOptions : public FetchOptions {
     ResourceLoaderOptions() { }
 
@@ -158,6 +165,9 @@ struct ResourceLoaderOptions : public FetchOptions {
     unsigned maxRedirectCount { 20 };
 
     Vector<String> derivedCachedDataTypesToRetrieve;
+
+    PreflightPolicy preflightPolicy { PreflightPolicy::Consider };
+    std::optional<ContentSecurityPolicyResponseHeaders> cspResponseHeaders;
 };
 
 } // namespace WebCore
index f7d24f2..2c3a1ee 100644 (file)
@@ -784,4 +784,9 @@ void SubresourceLoader::reportResourceTiming(const NetworkLoadMetrics& networkLo
     m_documentLoader->cachedResourceLoader().resourceTimingInformation().addResourceTiming(*m_resource, *document, WTFMove(resourceTiming));
 }
 
+const HTTPHeaderMap* SubresourceLoader::originalHeaders() const
+{
+    return (m_resource  && m_resource->originalRequest()) ? &m_resource->originalRequest()->httpHeaderFields() : nullptr;
+}
+
 }
index 1959845..c673818 100644 (file)
@@ -50,6 +50,7 @@ public:
     void cancelIfNotFinishing();
     bool isSubresourceLoader() const override;
     CachedResource* cachedResource();
+    WEBCORE_EXPORT const HTTPHeaderMap* originalHeaders() const;
 
     SecurityOrigin* origin() { return m_origin.get(); }
 #if PLATFORM(IOS)
index ef90eab..bc64ebb 100644 (file)
@@ -54,9 +54,8 @@ ThreadableLoaderOptions::ThreadableLoaderOptions(FetchOptions&& baseOptions)
 {
 }
 
-ThreadableLoaderOptions::ThreadableLoaderOptions(const ResourceLoaderOptions& baseOptions, PreflightPolicy preflightPolicy, ContentSecurityPolicyEnforcement contentSecurityPolicyEnforcement, String&& initiator, ResponseFilteringPolicy filteringPolicy)
+ThreadableLoaderOptions::ThreadableLoaderOptions(const ResourceLoaderOptions& baseOptions, ContentSecurityPolicyEnforcement contentSecurityPolicyEnforcement, String&& initiator, ResponseFilteringPolicy filteringPolicy)
     : ResourceLoaderOptions(baseOptions)
-    , preflightPolicy(preflightPolicy)
     , contentSecurityPolicyEnforcement(contentSecurityPolicyEnforcement)
     , initiator(WTFMove(initiator))
     , filteringPolicy(filteringPolicy)
@@ -93,9 +92,9 @@ ThreadableLoaderOptions ThreadableLoaderOptions::isolatedCopy() const
     copy.derivedCachedDataTypesToRetrieve.reserveInitialCapacity(this->derivedCachedDataTypesToRetrieve.size());
     for (auto& derivedCachedDataType : this->derivedCachedDataTypesToRetrieve)
         copy.derivedCachedDataTypesToRetrieve.uncheckedAppend(derivedCachedDataType.isolatedCopy());
+    copy.preflightPolicy = this->preflightPolicy;
 
     // ThreadableLoaderOptions
-    copy.preflightPolicy = this->preflightPolicy;
     copy.contentSecurityPolicyEnforcement = this->contentSecurityPolicyEnforcement;
     copy.initiator = this->initiator.isolatedCopy();
     copy.filteringPolicy = this->filteringPolicy;
index 421e39c..861748b 100644 (file)
@@ -43,12 +43,6 @@ namespace WebCore {
     class ScriptExecutionContext;
     class ThreadableLoaderClient;
 
-    enum PreflightPolicy {
-        ConsiderPreflight,
-        ForcePreflight,
-        PreventPreflight
-    };
-
     enum class ContentSecurityPolicyEnforcement {
         DoNotEnforce,
         EnforceChildSrcDirective,
@@ -64,12 +58,11 @@ namespace WebCore {
     struct ThreadableLoaderOptions : ResourceLoaderOptions {
         ThreadableLoaderOptions();
         explicit ThreadableLoaderOptions(FetchOptions&&);
-        ThreadableLoaderOptions(const ResourceLoaderOptions&, PreflightPolicy, ContentSecurityPolicyEnforcement, String&& initiator, ResponseFilteringPolicy);
+        ThreadableLoaderOptions(const ResourceLoaderOptions&, ContentSecurityPolicyEnforcement, String&& initiator, ResponseFilteringPolicy);
         ~ThreadableLoaderOptions();
 
         ThreadableLoaderOptions isolatedCopy() const;
 
-        PreflightPolicy preflightPolicy { ConsiderPreflight };
         ContentSecurityPolicyEnforcement contentSecurityPolicyEnforcement { ContentSecurityPolicyEnforcement::EnforceConnectSrcDirective };
         String initiator; // This cannot be an AtomicString, as isolatedCopy() wouldn't create an object that's safe for passing to another thread.
         ResponseFilteringPolicy filteringPolicy { ResponseFilteringPolicy::Disable };
index 6636252..f16ce5f 100644 (file)
@@ -100,7 +100,7 @@ void EventSource::connect()
     ThreadableLoaderOptions options;
     options.sendLoadCallbacks = SendCallbacks;
     options.credentials = m_withCredentials ? FetchOptions::Credentials::Include : FetchOptions::Credentials::SameOrigin;
-    options.preflightPolicy = PreventPreflight;
+    options.preflightPolicy = PreflightPolicy::Prevent;
     options.mode = FetchOptions::Mode::Cors;
     options.cache = FetchOptions::Cache::NoStore;
     options.dataBufferingPolicy = DoNotBufferData;
index 6c482d2..8cea223 100644 (file)
@@ -583,7 +583,7 @@ ExceptionOr<void> XMLHttpRequest::createRequest()
     options.sendLoadCallbacks = SendCallbacks;
     // The presence of upload event listeners forces us to use preflighting because POSTing to an URL that does not
     // permit cross origin requests should look exactly like POSTing to an URL that does not respond at all.
-    options.preflightPolicy = m_uploadListenerFlag ? ForcePreflight : ConsiderPreflight;
+    options.preflightPolicy = m_uploadListenerFlag ? PreflightPolicy::Force : PreflightPolicy::Consider;
     options.credentials = m_includeCredentials ? FetchOptions::Credentials::Include : FetchOptions::Credentials::SameOrigin;
     options.mode = FetchOptions::Mode::Cors;
     options.contentSecurityPolicyEnforcement = scriptExecutionContext()->shouldBypassMainWorldContentSecurityPolicy() ? ContentSecurityPolicyEnforcement::DoNotEnforce : ContentSecurityPolicyEnforcement::EnforceConnectSrcDirective;
index a98d966..447e037 100644 (file)
@@ -1,3 +1,34 @@
+2018-04-23  Youenn Fablet  <youenn@apple.com>
+
+        Make WebLoaderStrategy send to NetworkResourceLoader necessary parameters to handle full loads in NetworkProcess
+        https://bugs.webkit.org/show_bug.cgi?id=184763
+
+        Reviewed by Chris Dumez.
+
+        Set all required NetworkResourceLoadParameters for asynchronous loads.
+        This includes preflight policy, CSP response headers, SecurityOrigin and content blockers identifier.
+
+        Update NetworkLoadChecker to handle preflight policy.
+        This is not needed right now since sync XHR and ping loads are using the default ConsiderPreflight policy.
+        But this will be needed for XHR/fetch/EventSource loads. 
+
+        * NetworkProcess/NetworkLoadChecker.cpp:
+        (WebKit::NetworkLoadChecker::NetworkLoadChecker):
+        (WebKit::NetworkLoadChecker::checkRedirection):
+        (WebKit::NetworkLoadChecker::validateResponse):
+        (WebKit::NetworkLoadChecker::checkCORSRequest):
+        * NetworkProcess/NetworkLoadChecker.h:
+        (WebKit::NetworkLoadChecker::create):
+        * NetworkProcess/NetworkResourceLoadParameters.cpp:
+        (WebKit::NetworkResourceLoadParameters::encode const):
+        (WebKit::NetworkResourceLoadParameters::decode):
+        * NetworkProcess/NetworkResourceLoadParameters.h:
+        * NetworkProcess/NetworkResourceLoader.cpp:
+        * NetworkProcess/PingLoad.cpp:
+        (WebKit::PingLoad::PingLoad):
+        * WebProcess/Network/WebLoaderStrategy.cpp:
+        (WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess):
+
 2018-04-23  Wenson Hsieh  <wenson_hsieh@apple.com>
 
         [Extra zoom mode] REGRESSION(230860) Unable to change time input values using UI
index 62d05de..e6e14da 100644 (file)
@@ -41,12 +41,13 @@ namespace WebKit {
 
 using namespace WebCore;
 
-NetworkLoadChecker::NetworkLoadChecker(WebCore::FetchOptions&& options, PAL::SessionID sessionID, WebCore::HTTPHeaderMap&& originalRequestHeaders, URL&& url, RefPtr<SecurityOrigin>&& sourceOrigin)
+NetworkLoadChecker::NetworkLoadChecker(WebCore::FetchOptions&& options, PAL::SessionID sessionID, WebCore::HTTPHeaderMap&& originalRequestHeaders, URL&& url, RefPtr<SecurityOrigin>&& sourceOrigin, PreflightPolicy preflightPolicy)
     : m_options(WTFMove(options))
     , m_sessionID(sessionID)
     , m_originalRequestHeaders(WTFMove(originalRequestHeaders))
     , m_url(WTFMove(url))
     , m_origin(WTFMove(sourceOrigin))
+    , m_preflightPolicy(preflightPolicy)
 {
     if (m_options.mode == FetchOptions::Mode::Cors || m_options.mode == FetchOptions::Mode::SameOrigin)
         m_isSameOriginRequest = m_url.protocolIsData() || m_url.protocolIsBlob() || m_origin->canRequest(m_url);
@@ -192,12 +193,21 @@ void NetworkLoadChecker::checkCORSRequest(ResourceRequest&& request, ValidationH
     ASSERT(m_options.mode == FetchOptions::Mode::Cors);
 
     // Except in case where preflight is needed, loading should be able to continue on its own.
-    if (m_isSimpleRequest && isSimpleCrossOriginAccessRequest(request.httpMethod(), m_originalRequestHeaders)) {
+    switch (m_preflightPolicy) {
+    case PreflightPolicy::Force:
+        checkCORSRequestWithPreflight(WTFMove(request), WTFMove(handler));
+        break;
+    case PreflightPolicy::Consider:
+        if (!m_isSimpleRequest || !isSimpleCrossOriginAccessRequest(request.httpMethod(), m_originalRequestHeaders)) {
+            checkCORSRequestWithPreflight(WTFMove(request), WTFMove(handler));
+            return;
+        }
+        FALLTHROUGH;
+    case PreflightPolicy::Prevent:
         updateRequestForAccessControl(request, *m_origin, m_storedCredentialsPolicy);
         handler(WTFMove(request));
-        return;
+        break;
     }
-    checkCORSRequestWithPreflight(WTFMove(request), WTFMove(handler));
 }
 
 void NetworkLoadChecker::checkCORSRedirectedRequest(ResourceRequest&& request, ValidationHandler&& handler)
index 5fac363..f4b907d 100644 (file)
@@ -42,9 +42,9 @@ class NetworkCORSPreflightChecker;
 
 class NetworkLoadChecker : public RefCounted<NetworkLoadChecker> {
 public:
-    static Ref<NetworkLoadChecker> create(WebCore::FetchOptions&& options, PAL::SessionID sessionID, WebCore::HTTPHeaderMap&& originalHeaders, WebCore::URL&& url, RefPtr<WebCore::SecurityOrigin>&& sourceOrigin)
+    static Ref<NetworkLoadChecker> create(WebCore::FetchOptions&& options, PAL::SessionID sessionID, WebCore::HTTPHeaderMap&& originalHeaders, WebCore::URL&& url, RefPtr<WebCore::SecurityOrigin>&& sourceOrigin, WebCore::PreflightPolicy preflightPolicy)
     {
-        return adoptRef(*new NetworkLoadChecker { WTFMove(options), sessionID, WTFMove(originalHeaders), WTFMove(url), WTFMove(sourceOrigin) });
+        return adoptRef(*new NetworkLoadChecker { WTFMove(options), sessionID, WTFMove(originalHeaders), WTFMove(url), WTFMove(sourceOrigin), preflightPolicy });
     }
     ~NetworkLoadChecker();
 
@@ -68,7 +68,7 @@ public:
     WebCore::StoredCredentialsPolicy storedCredentialsPolicy() const { return m_storedCredentialsPolicy; }
 
 private:
-    NetworkLoadChecker(WebCore::FetchOptions&&, PAL::SessionID, WebCore::HTTPHeaderMap&&, WebCore::URL&&, RefPtr<WebCore::SecurityOrigin>&&);
+    NetworkLoadChecker(WebCore::FetchOptions&&, PAL::SessionID, WebCore::HTTPHeaderMap&&, WebCore::URL&&, RefPtr<WebCore::SecurityOrigin>&&, WebCore::PreflightPolicy);
 
     WebCore::ContentSecurityPolicy* contentSecurityPolicy() const;
     bool isChecking() const { return !!m_corsPreflightChecker; }
@@ -108,6 +108,7 @@ private:
     mutable std::unique_ptr<WebCore::ContentSecurityPolicy> m_contentSecurityPolicy;
     size_t m_redirectCount { 0 };
     WebCore::URL m_previousURL;
+    WebCore::PreflightPolicy m_preflightPolicy;
 };
 
 }
index 79c827c..6f57a04 100644 (file)
@@ -92,12 +92,14 @@ void NetworkResourceLoadParameters::encode(IPC::Encoder& encoder) const
     encoder << cspResponseHeaders;
     encoder << originalRequestHeaders;
 
+    encoder << shouldRestrictHTTPResponseAccess;
+
+    encoder.encodeEnum(preflightPolicy);
+
 #if ENABLE(CONTENT_EXTENSIONS)
     encoder << mainDocumentURL;
     encoder << userContentControllerIdentifier;
 #endif
-
-    encoder << shouldRestrictHTTPResponseAccess;
 }
 
 bool NetworkResourceLoadParameters::decode(IPC::Decoder& decoder, NetworkResourceLoadParameters& result)
@@ -187,6 +189,15 @@ bool NetworkResourceLoadParameters::decode(IPC::Decoder& decoder, NetworkResourc
     if (!decoder.decode(result.originalRequestHeaders))
         return false;
 
+    std::optional<bool> shouldRestrictHTTPResponseAccess;
+    decoder >> shouldRestrictHTTPResponseAccess;
+    if (!shouldRestrictHTTPResponseAccess)
+        return false;
+    result.shouldRestrictHTTPResponseAccess = *shouldRestrictHTTPResponseAccess;
+
+    if (!decoder.decodeEnum(result.preflightPolicy))
+        return false;
+
 #if ENABLE(CONTENT_EXTENSIONS)
     if (!decoder.decode(result.mainDocumentURL))
         return false;
@@ -198,12 +209,6 @@ bool NetworkResourceLoadParameters::decode(IPC::Decoder& decoder, NetworkResourc
     result.userContentControllerIdentifier = *userContentControllerIdentifier;
 #endif
 
-    std::optional<bool> shouldRestrictHTTPResponseAccess;
-    decoder >> shouldRestrictHTTPResponseAccess;
-    if (!shouldRestrictHTTPResponseAccess)
-        return false;
-    result.shouldRestrictHTTPResponseAccess = *shouldRestrictHTTPResponseAccess;
-
     return true;
 }
     
index 74290ce..e5e99d5 100644 (file)
@@ -60,6 +60,7 @@ public:
     std::optional<WebCore::ContentSecurityPolicyResponseHeaders> cspResponseHeaders;
     WebCore::HTTPHeaderMap originalRequestHeaders;
     bool shouldRestrictHTTPResponseAccess { false };
+    WebCore::PreflightPolicy preflightPolicy { WebCore::PreflightPolicy::Consider };
 
 #if ENABLE(CONTENT_EXTENSIONS)
     WebCore::URL mainDocumentURL;
index b370036..40d119a 100644 (file)
@@ -127,7 +127,7 @@ NetworkResourceLoader::NetworkResourceLoader(NetworkResourceLoadParameters&& par
     }
 
     if (shouldUseNetworkLoadChecker(!!synchronousReply, m_parameters)) {
-        m_networkLoadChecker = NetworkLoadChecker::create(FetchOptions { m_parameters.options }, m_parameters.sessionID, HTTPHeaderMap { m_parameters.originalRequestHeaders }, URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef());
+        m_networkLoadChecker = NetworkLoadChecker::create(FetchOptions { m_parameters.options }, m_parameters.sessionID, HTTPHeaderMap { m_parameters.originalRequestHeaders }, URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef(), m_parameters.preflightPolicy);
         if (m_parameters.cspResponseHeaders)
             m_networkLoadChecker->setCSPResponseHeaders(ContentSecurityPolicyResponseHeaders { m_parameters.cspResponseHeaders.value() });
 #if ENABLE(CONTENT_EXTENSIONS)
index 3efbadb..d8ca72a 100644 (file)
@@ -42,7 +42,7 @@ PingLoad::PingLoad(NetworkResourceLoadParameters&& parameters, WTF::CompletionHa
     : m_parameters(WTFMove(parameters))
     , m_completionHandler(WTFMove(completionHandler))
     , m_timeoutTimer(*this, &PingLoad::timeoutTimerFired)
-    , m_networkLoadChecker(NetworkLoadChecker::create(FetchOptions { m_parameters.options}, m_parameters.sessionID, WTFMove(m_parameters.originalRequestHeaders), URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef()))
+    , m_networkLoadChecker(NetworkLoadChecker::create(FetchOptions { m_parameters.options}, m_parameters.sessionID, WTFMove(m_parameters.originalRequestHeaders), URL { m_parameters.request.url() }, m_parameters.sourceOrigin.copyRef(), m_parameters.preflightPolicy))
 {
 
     if (m_parameters.cspResponseHeaders)
index bbbabc6..0d475b7 100644 (file)
@@ -274,6 +274,32 @@ void WebLoaderStrategy::scheduleLoadFromNetworkProcess(ResourceLoader& resourceL
     loadParameters.maximumBufferingTime = maximumBufferingTime;
     loadParameters.derivedCachedDataTypesToRetrieve = resourceLoader.options().derivedCachedDataTypesToRetrieve;
     loadParameters.options = resourceLoader.options();
+    loadParameters.preflightPolicy = resourceLoader.options().preflightPolicy;
+
+    auto* document = resourceLoader.frame() ? resourceLoader.frame()->document() : nullptr;
+    if (resourceLoader.options().cspResponseHeaders)
+        loadParameters.cspResponseHeaders = resourceLoader.options().cspResponseHeaders;
+    else if (document && !document->shouldBypassMainWorldContentSecurityPolicy()) {
+        if (auto* contentSecurityPolicy = document->contentSecurityPolicy())
+            loadParameters.cspResponseHeaders = contentSecurityPolicy->responseHeaders();
+    }
+
+    if (resourceLoader.isSubresourceLoader()) {
+        if (auto* headers = static_cast<SubresourceLoader&>(resourceLoader).originalHeaders())
+            loadParameters.originalRequestHeaders = *headers;
+    }
+
+#if ENABLE(CONTENT_EXTENSIONS)
+    if (document) {
+        loadParameters.mainDocumentURL = document->topDocument().url();
+        // FIXME: Instead of passing userContentControllerIdentifier, the NetworkProcess should be able to get it using webPageId.
+        auto* webFrameLoaderClient = toWebFrameLoaderClient(resourceLoader.frame()->loader().client());
+        auto* webFrame = webFrameLoaderClient ? webFrameLoaderClient->webFrame() : nullptr;
+        auto* webPage = webFrame ? webFrame->page() : nullptr;
+        if (webPage)
+            loadParameters.userContentControllerIdentifier = webPage->userContentControllerIdentifier();
+    }
+#endif
 
     if (loadParameters.options.mode != FetchOptions::Mode::Navigate) {
         // FIXME: All loaders should provide their origin if navigation mode is cors/no-cors/same-origin.