Source/WebCore/loader/PingLoader.cpp

   1 /*
   2  * Copyright (C) 2010 Google Inc. All rights reserved.
   3  *
   4  * Redistribution and use in source and binary forms, with or without
   5  * modification, are permitted provided that the following conditions are
   6  * met:
   7  *
   8  *     * Redistributions of source code must retain the above copyright
   9  * notice, this list of conditions and the following disclaimer.
  10  *     * Redistributions in binary form must reproduce the above
  11  * copyright notice, this list of conditions and the following disclaimer
  12  * in the documentation and/or other materials provided with the
  13  * distribution.
  14  *     * Neither the name of Google Inc. nor the names of its
  15  * contributors may be used to endorse or promote products derived from
  16  * this software without specific prior written permission.
  17  *
  18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29  *
  30  */
  31
  32 #include "config.h"
  33 #include "PingLoader.h"
  34
  35 #include "Document.h"
  36 #include "FormData.h"
  37 #include "Frame.h"
  38 #include "FrameLoaderClient.h"
  39 #include "InspectorInstrumentation.h"
  40 #include "Page.h"
  41 #include "ProgressTracker.h"
  42 #include "ResourceHandle.h"
  43 #include "SecurityOrigin.h"
  44 #include "SecurityPolicy.h"
  45 #include <wtf/OwnPtr.h>
  46 #include <wtf/UnusedParam.h>
  47 #include <wtf/text/CString.h>
  48
  49 namespace WebCore {
  50
  51 void PingLoader::loadImage(Frame* frame, const KURL& url)
  52 {
  53     if (!frame->document()->securityOrigin()->canDisplay(url)) {
  54         FrameLoader::reportLocalLoadFailed(frame, url);
  55         return;
  56     }
  57
  58     ResourceRequest request(url);
  59 #if PLATFORM(CHROMIUM)
  60     request.setTargetType(ResourceRequest::TargetIsImage);
  61 #endif
  62     request.setHTTPHeaderField("Cache-Control", "max-age=0");
  63     String referrer = SecurityPolicy::generateReferrerHeader(frame->document()->referrerPolicy(), request.url(), frame->loader()->outgoingReferrer());
  64     if (!referrer.isEmpty())
  65         request.setHTTPReferrer(referrer);
  66     frame->loader()->addExtraFieldsToSubresourceRequest(request);
  67     OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request));
  68
  69     // Leak the ping loader, since it will kill itself as soon as it receives a response.
  70     PingLoader* leakedPingLoader = pingLoader.leakPtr();
  71     UNUSED_PARAM(leakedPingLoader);
  72 }
  73
  74 // http://www.whatwg.org/specs/web-apps/current-work/multipage/links.html#hyperlink-auditing
  75 void PingLoader::sendPing(Frame* frame, const KURL& pingURL, const KURL& destinationURL)
  76 {
  77     ResourceRequest request(pingURL);
  78 #if PLATFORM(CHROMIUM)
  79     request.setTargetType(ResourceRequest::TargetIsSubresource);
  80 #endif
  81     request.setHTTPMethod("POST");
  82     request.setHTTPContentType("text/ping");
  83     request.setHTTPBody(FormData::create("PING"));
  84     request.setHTTPHeaderField("Cache-Control", "max-age=0");
  85     frame->loader()->addExtraFieldsToSubresourceRequest(request);
  86
  87     SecurityOrigin* sourceOrigin = frame->document()->securityOrigin();
  88     RefPtr<SecurityOrigin> pingOrigin = SecurityOrigin::create(pingURL);
  89     FrameLoader::addHTTPOriginIfNeeded(request, sourceOrigin->toString());
  90     request.setHTTPHeaderField("Ping-To", destinationURL);
  91     if (!SecurityPolicy::shouldHideReferrer(pingURL, frame->loader()->outgoingReferrer())) {
  92       request.setHTTPHeaderField("Ping-From", frame->document()->url());
  93       if (!sourceOrigin->isSameSchemeHostPort(pingOrigin.get())) {
  94           String referrer = SecurityPolicy::generateReferrerHeader(frame->document()->referrerPolicy(), pingURL, frame->loader()->outgoingReferrer());
  95           if (!referrer.isEmpty())
  96               request.setHTTPReferrer(referrer);
  97       }
  98     }
  99     OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request));
 100
 101     // Leak the ping loader, since it will kill itself as soon as it receives a response.
 102     PingLoader* leakedPingLoader = pingLoader.leakPtr();
 103     UNUSED_PARAM(leakedPingLoader);
 104 }
 105
 106 void PingLoader::reportContentSecurityPolicyViolation(Frame* frame, const KURL& reportURL, PassRefPtr<FormData> report)
 107 {
 108     ResourceRequest request(reportURL);
 109 #if PLATFORM(CHROMIUM)
 110     request.setTargetType(ResourceRequest::TargetIsSubresource);
 111 #endif
 112     request.setHTTPMethod("POST");
 113     request.setHTTPContentType("application/x-www-form-urlencoded");
 114     request.setHTTPBody(report);
 115     frame->loader()->addExtraFieldsToSubresourceRequest(request);
 116
 117     String referrer = SecurityPolicy::generateReferrerHeader(frame->document()->referrerPolicy(), reportURL, frame->loader()->outgoingReferrer());
 118     if (!referrer.isEmpty())
 119         request.setHTTPReferrer(referrer);
 120     OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request));
 121
 122     // Leak the ping loader, since it will kill itself as soon as it receives a response.
 123     PingLoader* leakedPingLoader = pingLoader.leakPtr();
 124     UNUSED_PARAM(leakedPingLoader);
 125 }
 126
 127 PingLoader::PingLoader(Frame* frame, ResourceRequest& request)
 128     : m_timeout(this, &PingLoader::timeout)
 129 {
 130     unsigned long identifier = frame->page()->progress()->createUniqueIdentifier();
 131     // FIXME: Why activeDocumentLoader? I would have expected documentLoader().
 132     // Itseems like the PingLoader should be associated with the current
 133     // Document in the Frame, but the activeDocumentLoader will be associated
 134     // with the provisional DocumentLoader if there is a provisional
 135     // DocumentLoader.
 136     m_shouldUseCredentialStorage = frame->loader()->client()->shouldUseCredentialStorage(frame->loader()->activeDocumentLoader(), identifier);
 137     m_handle = ResourceHandle::create(frame->loader()->networkingContext(), request, this, false, false);
 138
 139     InspectorInstrumentation::continueAfterPingLoader(frame, identifier, frame->loader()->activeDocumentLoader(), request, ResourceResponse());
 140
 141     // If the server never responds, FrameLoader won't be able to cancel this load and
 142     // we'll sit here waiting forever. Set a very generous timeout, just in case.
 143     m_timeout.startOneShot(60000);
 144 }
 145
 146 PingLoader::~PingLoader()
 147 {
 148     if (m_handle)
 149         m_handle->cancel();
 150 }
 151
 152 }