Merge parseAccessControlExposeHeadersAllowList into parseAccessControlAllowList
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 19 Dec 2018 08:00:27 +0000 (08:00 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 19 Dec 2018 08:00:27 +0000 (08:00 +0000)
https://bugs.webkit.org/show_bug.cgi?id=192288

Patch by Rob Buis <rbuis@igalia.com> on 2018-12-19
Reviewed by Frédéric Wang.

Prefer return value to out parameter for parseAccessControlAllowList.

* loader/CrossOriginPreflightResultCache.cpp:
(WebCore::CrossOriginPreflightResultCacheItem::parse):
* platform/network/HTTPParsers.h:
(WebCore::parseAccessControlAllowList):
* platform/network/ResourceResponseBase.cpp:
(WebCore::ResourceResponseBase::filter):
(WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@239372 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/loader/CrossOriginPreflightResultCache.cpp
Source/WebCore/platform/network/HTTPParsers.h
Source/WebCore/platform/network/ResourceResponseBase.cpp

index 2c809d0..e9e7b80 100644 (file)
@@ -1,3 +1,20 @@
+2018-12-19  Rob Buis  <rbuis@igalia.com>
+
+        Merge parseAccessControlExposeHeadersAllowList into parseAccessControlAllowList
+        https://bugs.webkit.org/show_bug.cgi?id=192288
+
+        Reviewed by Frédéric Wang.
+
+        Prefer return value to out parameter for parseAccessControlAllowList.
+
+        * loader/CrossOriginPreflightResultCache.cpp:
+        (WebCore::CrossOriginPreflightResultCacheItem::parse):
+        * platform/network/HTTPParsers.h:
+        (WebCore::parseAccessControlAllowList):
+        * platform/network/ResourceResponseBase.cpp:
+        (WebCore::ResourceResponseBase::filter):
+        (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting):
+
 2018-12-18  Zan Dobersek  <zdobersek@igalia.com>
 
         REGRESSION(r235165): [GTK][WPE] Garbled rendering on GitLab
index 9d45b37..5d6e201 100644 (file)
@@ -54,11 +54,8 @@ static bool parseAccessControlMaxAge(const String& string, Seconds& expiryDelta)
 
 bool CrossOriginPreflightResultCacheItem::parse(const ResourceResponse& response)
 {
-    m_methods.clear();
-    parseAccessControlAllowList(response.httpHeaderField(HTTPHeaderName::AccessControlAllowMethods), m_methods);
-
-    m_headers.clear();
-    parseAccessControlAllowList<ASCIICaseInsensitiveHash>(response.httpHeaderField(HTTPHeaderName::AccessControlAllowHeaders), m_headers);
+    m_methods = parseAccessControlAllowList(response.httpHeaderField(HTTPHeaderName::AccessControlAllowMethods));
+    m_headers = parseAccessControlAllowList<ASCIICaseInsensitiveHash>(response.httpHeaderField(HTTPHeaderName::AccessControlAllowHeaders));
 
     Seconds expiryDelta = 0_s;
     if (parseAccessControlMaxAge(response.httpHeaderField(HTTPHeaderName::AccessControlMaxAge), expiryDelta)) {
index 0c9fd97..28fdfda 100644 (file)
@@ -149,8 +149,9 @@ void addToAccessControlAllowList(const String& string, unsigned start, unsigned
 }
 
 template<class HashType = DefaultHash<String>::Hash>
-void parseAccessControlAllowList(const String& string, HashSet<String, HashType>& set)
+HashSet<String, HashType> parseAccessControlAllowList(const String& string)
 {
+    HashSet<String, HashType> set;
     unsigned start = 0;
     size_t end;
     while ((end = string.find(',', start)) != notFound) {
@@ -160,6 +161,7 @@ void parseAccessControlAllowList(const String& string, HashSet<String, HashType>
     }
     if (start != string.length())
         addToAccessControlAllowList(string, start, string.length() - 1, set);
+    return set;
 }
 
 }
index f32de8c..4ee0c01 100644 (file)
@@ -163,8 +163,7 @@ ResourceResponse ResourceResponseBase::filter(const ResourceResponse& response)
     ASSERT(response.tainting() == Tainting::Cors);
     filteredResponse.setType(Type::Cors);
 
-    HTTPHeaderSet accessControlExposeHeaderSet;
-    parseAccessControlAllowList(response.httpHeaderField(HTTPHeaderName::AccessControlExposeHeaders), accessControlExposeHeaderSet);
+    auto accessControlExposeHeaderSet = parseAccessControlAllowList<ASCIICaseInsensitiveHash>(response.httpHeaderField(HTTPHeaderName::AccessControlExposeHeaders));
     filteredResponse.m_httpHeaderFields.uncommonHeaders().removeAllMatching([&](auto& entry) {
         return !isCrossOriginSafeHeader(entry.key, accessControlExposeHeaderSet);
     });
@@ -431,8 +430,7 @@ void ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting()
             if (isSafeCrossOriginResponseHeader(header.key))
                 filteredHeaders.add(header.key, WTFMove(header.value));
         }
-        HTTPHeaderSet corsSafeHeaderSet;
-        parseAccessControlAllowList(httpHeaderField(HTTPHeaderName::AccessControlExposeHeaders), corsSafeHeaderSet);
+        auto corsSafeHeaderSet = parseAccessControlAllowList<ASCIICaseInsensitiveHash>(httpHeaderField(HTTPHeaderName::AccessControlExposeHeaders));
         for (auto& headerName : corsSafeHeaderSet) {
             if (!filteredHeaders.contains(headerName)) {
                 auto value = m_httpHeaderFields.get(headerName);