1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // See http://dev.chromium.org/developers/design-documents/multi-process-resource-loading
7 #include "content/browser/loader/resource_dispatcher_host_impl.h"
12 #include "base/bind.h"
13 #include "base/bind_helpers.h"
14 #include "base/command_line.h"
15 #include "base/compiler_specific.h"
16 #include "base/debug/alias.h"
17 #include "base/logging.h"
18 #include "base/memory/scoped_ptr.h"
19 #include "base/memory/shared_memory.h"
20 #include "base/message_loop/message_loop.h"
21 #include "base/metrics/histogram.h"
22 #include "base/metrics/sparse_histogram.h"
23 #include "base/stl_util.h"
24 #include "base/third_party/dynamic_annotations/dynamic_annotations.h"
25 #include "content/browser/appcache/chrome_appcache_service.h"
26 #include "content/browser/cert_store_impl.h"
27 #include "content/browser/child_process_security_policy_impl.h"
28 #include "content/browser/cross_site_request_manager.h"
29 #include "content/browser/download/download_resource_handler.h"
30 #include "content/browser/download/save_file_manager.h"
31 #include "content/browser/download/save_file_resource_handler.h"
32 #include "content/browser/fileapi/chrome_blob_storage_context.h"
33 #include "content/browser/loader/async_resource_handler.h"
34 #include "content/browser/loader/buffered_resource_handler.h"
35 #include "content/browser/loader/cross_site_resource_handler.h"
36 #include "content/browser/loader/power_save_block_resource_throttle.h"
37 #include "content/browser/loader/redirect_to_file_resource_handler.h"
38 #include "content/browser/loader/resource_message_filter.h"
39 #include "content/browser/loader/resource_request_info_impl.h"
40 #include "content/browser/loader/stream_resource_handler.h"
41 #include "content/browser/loader/sync_resource_handler.h"
42 #include "content/browser/loader/throttling_resource_handler.h"
43 #include "content/browser/loader/upload_data_stream_builder.h"
44 #include "content/browser/plugin_service_impl.h"
45 #include "content/browser/renderer_host/render_view_host_delegate.h"
46 #include "content/browser/renderer_host/render_view_host_impl.h"
47 #include "content/browser/resource_context_impl.h"
48 #include "content/browser/streams/stream.h"
49 #include "content/browser/streams/stream_context.h"
50 #include "content/browser/streams/stream_registry.h"
51 #include "content/browser/worker_host/worker_service_impl.h"
52 #include "content/common/resource_messages.h"
53 #include "content/common/ssl_status_serialization.h"
54 #include "content/common/view_messages.h"
55 #include "content/public/browser/browser_thread.h"
56 #include "content/public/browser/content_browser_client.h"
57 #include "content/public/browser/download_manager.h"
58 #include "content/public/browser/download_url_parameters.h"
59 #include "content/public/browser/global_request_id.h"
60 #include "content/public/browser/resource_dispatcher_host_delegate.h"
61 #include "content/public/browser/resource_request_details.h"
62 #include "content/public/browser/resource_throttle.h"
63 #include "content/public/browser/stream_handle.h"
64 #include "content/public/browser/user_metrics.h"
65 #include "content/public/common/content_switches.h"
66 #include "content/public/common/process_type.h"
67 #include "content/public/common/url_constants.h"
68 #include "ipc/ipc_message_macros.h"
69 #include "ipc/ipc_message_start.h"
70 #include "net/base/auth.h"
71 #include "net/base/load_flags.h"
72 #include "net/base/mime_util.h"
73 #include "net/base/net_errors.h"
74 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
75 #include "net/base/request_priority.h"
76 #include "net/base/upload_data_stream.h"
77 #include "net/cert/cert_status_flags.h"
78 #include "net/cookies/cookie_monster.h"
79 #include "net/http/http_response_headers.h"
80 #include "net/http/http_response_info.h"
81 #include "net/ssl/ssl_cert_request_info.h"
82 #include "net/url_request/url_request.h"
83 #include "net/url_request/url_request_context.h"
84 #include "net/url_request/url_request_job_factory.h"
85 #include "webkit/browser/appcache/appcache_interceptor.h"
86 #include "webkit/common/blob/blob_data.h"
87 #include "webkit/browser/blob/blob_data_handle.h"
88 #include "webkit/browser/blob/blob_storage_context.h"
89 #include "webkit/browser/blob/blob_url_request_job_factory.h"
90 #include "webkit/browser/fileapi/file_permission_policy.h"
91 #include "webkit/browser/fileapi/file_system_context.h"
92 #include "webkit/common/appcache/appcache_interfaces.h"
93 #include "webkit/common/blob/shareable_file_reference.h"
94 #include "webkit/common/resource_request_body.h"
97 using base::TimeDelta;
98 using base::TimeTicks;
99 using webkit_blob::ShareableFileReference;
100 using webkit_glue::ResourceRequestBody;
102 // ----------------------------------------------------------------------------
108 static ResourceDispatcherHostImpl* g_resource_dispatcher_host;
110 // The interval for calls to ResourceDispatcherHostImpl::UpdateLoadStates
111 const int kUpdateLoadStatesIntervalMsec = 100;
113 // Maximum byte "cost" of all the outstanding requests for a renderer.
114 // See delcaration of |max_outstanding_requests_cost_per_process_| for details.
115 // This bound is 25MB, which allows for around 6000 outstanding requests.
116 const int kMaxOutstandingRequestsCostPerProcess = 26214400;
118 // The number of milliseconds after noting a user gesture that we will
119 // tag newly-created URLRequest objects with the
120 // net::LOAD_MAYBE_USER_GESTURE load flag. This is a fairly arbitrary
121 // guess at how long to expect direct impact from a user gesture, but
122 // this should be OK as the load flag is a best-effort thing only,
123 // rather than being intended as fully accurate.
124 const int kUserGestureWindowMs = 3500;
126 // Ratio of |max_num_in_flight_requests_| that any one renderer is allowed to
127 // use. Arbitrarily chosen.
128 const double kMaxRequestsPerProcessRatio = 0.45;
130 // Aborts a request before an URLRequest has actually been created.
131 void AbortRequestBeforeItStarts(ResourceMessageFilter* filter,
132 IPC::Message* sync_result,
135 SyncLoadResult result;
136 result.error_code = net::ERR_ABORTED;
137 ResourceHostMsg_SyncLoad::WriteReplyParams(sync_result, result);
138 filter->Send(sync_result);
140 // Tell the renderer that this request was disallowed.
141 filter->Send(new ResourceMsg_RequestComplete(
145 std::string(), // No security info needed, connection not established.
150 void SetReferrerForRequest(net::URLRequest* request, const Referrer& referrer) {
151 if (!referrer.url.is_valid() ||
152 CommandLine::ForCurrentProcess()->HasSwitch(switches::kNoReferrers)) {
153 request->SetReferrer(std::string());
155 request->SetReferrer(referrer.url.spec());
158 net::URLRequest::ReferrerPolicy net_referrer_policy =
159 net::URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE;
160 switch (referrer.policy) {
161 case WebKit::WebReferrerPolicyDefault:
162 net_referrer_policy =
163 net::URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE;
165 case WebKit::WebReferrerPolicyAlways:
166 case WebKit::WebReferrerPolicyNever:
167 case WebKit::WebReferrerPolicyOrigin:
168 net_referrer_policy = net::URLRequest::NEVER_CLEAR_REFERRER;
171 request->set_referrer_policy(net_referrer_policy);
174 // Consults the RendererSecurity policy to determine whether the
175 // ResourceDispatcherHostImpl should service this request. A request might be
176 // disallowed if the renderer is not authorized to retrieve the request URL or
177 // if the renderer is attempting to upload an unauthorized file.
178 bool ShouldServiceRequest(int process_type,
180 const ResourceHostMsg_Request& request_data,
181 fileapi::FileSystemContext* file_system_context) {
182 if (process_type == PROCESS_TYPE_PLUGIN)
185 ChildProcessSecurityPolicyImpl* policy =
186 ChildProcessSecurityPolicyImpl::GetInstance();
188 // Check if the renderer is permitted to request the requested URL.
189 if (!policy->CanRequestURL(child_id, request_data.url)) {
190 VLOG(1) << "Denied unauthorized request for "
191 << request_data.url.possibly_invalid_spec();
195 // Check if the renderer is permitted to upload the requested files.
196 if (request_data.request_body.get()) {
197 const std::vector<ResourceRequestBody::Element>* uploads =
198 request_data.request_body->elements();
199 std::vector<ResourceRequestBody::Element>::const_iterator iter;
200 for (iter = uploads->begin(); iter != uploads->end(); ++iter) {
201 if (iter->type() == ResourceRequestBody::Element::TYPE_FILE &&
202 !policy->CanReadFile(child_id, iter->path())) {
203 NOTREACHED() << "Denied unauthorized upload of "
204 << iter->path().value();
207 if (iter->type() == ResourceRequestBody::Element::TYPE_FILE_FILESYSTEM) {
208 fileapi::FileSystemURL url =
209 file_system_context->CrackURL(iter->filesystem_url());
210 if (!policy->CanReadFileSystemFile(child_id, url)) {
211 NOTREACHED() << "Denied unauthorized upload of "
212 << iter->filesystem_url().spec();
222 void RemoveDownloadFileFromChildSecurityPolicy(int child_id,
223 const base::FilePath& path) {
224 ChildProcessSecurityPolicyImpl::GetInstance()->RevokeAllPermissionsForFile(
229 #pragma warning(disable: 4748)
230 #pragma optimize("", off)
234 #pragma optimize("", on)
235 #pragma warning(default: 4748)
238 net::Error CallbackAndReturn(
239 const DownloadUrlParameters::OnStartedCallback& started_cb,
240 net::Error net_error) {
241 if (started_cb.is_null())
243 BrowserThread::PostTask(
244 BrowserThread::UI, FROM_HERE,
245 base::Bind(started_cb, static_cast<DownloadItem*>(NULL), net_error));
250 int GetCertID(net::URLRequest* request, int child_id) {
251 if (request->ssl_info().cert.get()) {
252 return CertStore::GetInstance()->StoreCert(request->ssl_info().cert.get(),
258 void NotifyRedirectOnUI(int render_process_id,
260 scoped_ptr<ResourceRedirectDetails> details) {
261 RenderViewHostImpl* host =
262 RenderViewHostImpl::FromID(render_process_id, render_view_id);
266 RenderViewHostDelegate* delegate = host->GetDelegate();
267 delegate->DidGetRedirectForResourceRequest(*details.get());
270 void NotifyResponseOnUI(int render_process_id,
272 scoped_ptr<ResourceRequestDetails> details) {
273 RenderViewHostImpl* host =
274 RenderViewHostImpl::FromID(render_process_id, render_view_id);
278 RenderViewHostDelegate* delegate = host->GetDelegate();
279 delegate->DidGetResourceResponseStart(*details.get());
285 ResourceDispatcherHost* ResourceDispatcherHost::Get() {
286 return g_resource_dispatcher_host;
289 ResourceDispatcherHostImpl::ResourceDispatcherHostImpl()
290 : save_file_manager_(new SaveFileManager()),
293 num_in_flight_requests_(0),
294 max_num_in_flight_requests_(base::SharedMemory::GetHandleLimit()),
295 max_num_in_flight_requests_per_process_(
297 max_num_in_flight_requests_ * kMaxRequestsPerProcessRatio)),
298 max_outstanding_requests_cost_per_process_(
299 kMaxOutstandingRequestsCostPerProcess),
302 allow_cross_origin_auth_prompt_(false) {
303 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
304 DCHECK(!g_resource_dispatcher_host);
305 g_resource_dispatcher_host = this;
307 GetContentClient()->browser()->ResourceDispatcherHostCreated();
309 ANNOTATE_BENIGN_RACE(
310 &last_user_gesture_time_,
311 "We don't care about the precise value, see http://crbug.com/92889");
313 BrowserThread::PostTask(BrowserThread::IO,
315 base::Bind(&ResourceDispatcherHostImpl::OnInit,
316 base::Unretained(this)));
318 update_load_states_timer_.reset(
319 new base::RepeatingTimer<ResourceDispatcherHostImpl>());
322 ResourceDispatcherHostImpl::~ResourceDispatcherHostImpl() {
323 DCHECK(outstanding_requests_stats_map_.empty());
324 DCHECK(g_resource_dispatcher_host);
325 g_resource_dispatcher_host = NULL;
329 ResourceDispatcherHostImpl* ResourceDispatcherHostImpl::Get() {
330 return g_resource_dispatcher_host;
333 void ResourceDispatcherHostImpl::SetDelegate(
334 ResourceDispatcherHostDelegate* delegate) {
335 delegate_ = delegate;
338 void ResourceDispatcherHostImpl::SetAllowCrossOriginAuthPrompt(bool value) {
339 allow_cross_origin_auth_prompt_ = value;
342 void ResourceDispatcherHostImpl::AddResourceContext(ResourceContext* context) {
343 active_resource_contexts_.insert(context);
346 void ResourceDispatcherHostImpl::RemoveResourceContext(
347 ResourceContext* context) {
348 CHECK(ContainsKey(active_resource_contexts_, context));
349 active_resource_contexts_.erase(context);
352 void ResourceDispatcherHostImpl::CancelRequestsForContext(
353 ResourceContext* context) {
354 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
357 CHECK(ContainsKey(active_resource_contexts_, context));
359 // Note that request cancellation has side effects. Therefore, we gather all
360 // the requests to cancel first, and then we start cancelling. We assert at
361 // the end that there are no more to cancel since the context is about to go
363 typedef std::vector<linked_ptr<ResourceLoader> > LoaderList;
364 LoaderList loaders_to_cancel;
366 for (LoaderMap::iterator i = pending_loaders_.begin();
367 i != pending_loaders_.end();) {
368 if (i->second->GetRequestInfo()->GetContext() == context) {
369 loaders_to_cancel.push_back(i->second);
370 IncrementOutstandingRequestsMemory(-1, *i->second->GetRequestInfo());
371 pending_loaders_.erase(i++);
377 for (BlockedLoadersMap::iterator i = blocked_loaders_map_.begin();
378 i != blocked_loaders_map_.end();) {
379 BlockedLoadersList* loaders = i->second;
380 if (loaders->empty()) {
381 // This can happen if BlockRequestsForRoute() has been called for a route,
382 // but we haven't blocked any matching requests yet.
386 ResourceRequestInfoImpl* info = loaders->front()->GetRequestInfo();
387 if (info->GetContext() == context) {
388 blocked_loaders_map_.erase(i++);
389 for (BlockedLoadersList::const_iterator it = loaders->begin();
390 it != loaders->end(); ++it) {
391 linked_ptr<ResourceLoader> loader = *it;
392 info = loader->GetRequestInfo();
393 // We make the assumption that all requests on the list have the same
395 DCHECK_EQ(context, info->GetContext());
396 IncrementOutstandingRequestsMemory(-1, *info);
397 loaders_to_cancel.push_back(loader);
406 for (LoaderList::iterator i = loaders_to_cancel.begin();
407 i != loaders_to_cancel.end(); ++i) {
408 // There is no strict requirement that this be the case, but currently
409 // downloads, streams and transferred requests are the only requests that
410 // aren't cancelled when the associated processes go away. It may be OK for
411 // this invariant to change in the future, but if this assertion fires
412 // without the invariant changing, then it's indicative of a leak.
413 DCHECK((*i)->GetRequestInfo()->is_download() ||
414 (*i)->GetRequestInfo()->is_stream() ||
415 (*i)->is_transferring());
419 loaders_to_cancel.clear();
421 // Validate that no more requests for this context were added.
422 for (LoaderMap::const_iterator i = pending_loaders_.begin();
423 i != pending_loaders_.end(); ++i) {
424 // http://crbug.com/90971
425 CHECK_NE(i->second->GetRequestInfo()->GetContext(), context);
428 for (BlockedLoadersMap::const_iterator i = blocked_loaders_map_.begin();
429 i != blocked_loaders_map_.end(); ++i) {
430 BlockedLoadersList* loaders = i->second;
431 if (!loaders->empty()) {
432 ResourceRequestInfoImpl* info = loaders->front()->GetRequestInfo();
433 // http://crbug.com/90971
434 CHECK_NE(info->GetContext(), context);
439 net::Error ResourceDispatcherHostImpl::BeginDownload(
440 scoped_ptr<net::URLRequest> request,
441 const Referrer& referrer,
442 bool is_content_initiated,
443 ResourceContext* context,
447 scoped_ptr<DownloadSaveInfo> save_info,
449 const DownloadStartedCallback& started_callback) {
451 return CallbackAndReturn(started_callback, net::ERR_INSUFFICIENT_RESOURCES);
453 const GURL& url = request->original_url();
455 // http://crbug.com/90971
457 base::strlcpy(url_buf, url.spec().c_str(), arraysize(url_buf));
458 base::debug::Alias(url_buf);
459 CHECK(ContainsKey(active_resource_contexts_, context));
461 SetReferrerForRequest(request.get(), referrer);
463 int extra_load_flags = net::LOAD_IS_DOWNLOAD;
465 // If there is upload data attached, only retrieve from cache because there
466 // is no current mechanism to prompt the user for their consent for a
467 // re-post. For GETs, try to retrieve data from the cache and skip
468 // validating the entry if present.
469 if (request->get_upload() != NULL)
470 extra_load_flags |= net::LOAD_ONLY_FROM_CACHE;
472 extra_load_flags |= net::LOAD_PREFERRING_CACHE;
474 extra_load_flags |= net::LOAD_DISABLE_CACHE;
476 request->set_load_flags(request->load_flags() | extra_load_flags);
478 // No need to get offline load flags for downloads, but make sure
479 // we have an OfflinePolicy to receive request completions.
480 GlobalRoutingID id(child_id, route_id);
481 if (!offline_policy_map_[id])
482 offline_policy_map_[id] = new OfflinePolicy();
484 // Check if the renderer is permitted to request the requested URL.
485 if (!ChildProcessSecurityPolicyImpl::GetInstance()->
486 CanRequestURL(child_id, url)) {
487 VLOG(1) << "Denied unauthorized download request for "
488 << url.possibly_invalid_spec();
489 return CallbackAndReturn(started_callback, net::ERR_ACCESS_DENIED);
494 const net::URLRequestContext* request_context = context->GetRequestContext();
495 if (!request_context->job_factory()->IsHandledURL(url)) {
496 VLOG(1) << "Download request for unsupported protocol: "
497 << url.possibly_invalid_spec();
498 return CallbackAndReturn(started_callback, net::ERR_ACCESS_DENIED);
501 ResourceRequestInfoImpl* extra_info =
502 CreateRequestInfo(child_id, route_id, true, context);
503 extra_info->AssociateWithRequest(request.get()); // Request takes ownership.
505 if (request->url().SchemeIs(chrome::kBlobScheme)) {
506 ChromeBlobStorageContext* blob_context =
507 GetChromeBlobStorageContextForResourceContext(context);
508 webkit_blob::BlobProtocolHandler::SetRequestedBlobDataHandle(
510 blob_context->context()->GetBlobDataFromPublicURL(request->url()));
513 // From this point forward, the |DownloadResourceHandler| is responsible for
514 // |started_callback|.
515 scoped_ptr<ResourceHandler> handler(
516 CreateResourceHandlerForDownload(request.get(), is_content_initiated,
517 true, download_id, save_info.Pass(),
520 BeginRequestInternal(request.Pass(), handler.Pass());
525 void ResourceDispatcherHostImpl::ClearLoginDelegateForRequest(
526 net::URLRequest* request) {
527 ResourceRequestInfoImpl* info = ResourceRequestInfoImpl::ForRequest(request);
529 ResourceLoader* loader = GetLoader(info->GetGlobalRequestID());
531 loader->ClearLoginDelegate();
535 void ResourceDispatcherHostImpl::Shutdown() {
536 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
537 BrowserThread::PostTask(BrowserThread::IO,
539 base::Bind(&ResourceDispatcherHostImpl::OnShutdown,
540 base::Unretained(this)));
543 scoped_ptr<ResourceHandler>
544 ResourceDispatcherHostImpl::CreateResourceHandlerForDownload(
545 net::URLRequest* request,
546 bool is_content_initiated,
549 scoped_ptr<DownloadSaveInfo> save_info,
550 const DownloadUrlParameters::OnStartedCallback& started_cb) {
551 scoped_ptr<ResourceHandler> handler(
552 new DownloadResourceHandler(id, request, started_cb, save_info.Pass()));
554 const ResourceRequestInfo* request_info(
555 ResourceRequestInfo::ForRequest(request));
557 ScopedVector<ResourceThrottle> throttles;
558 delegate_->DownloadStarting(
559 request, request_info->GetContext(), request_info->GetChildID(),
560 request_info->GetRouteID(), request_info->GetRequestID(),
561 is_content_initiated, must_download, &throttles);
562 if (!throttles.empty()) {
564 new ThrottlingResourceHandler(
565 handler.Pass(), request, throttles.Pass()));
568 return handler.Pass();
571 scoped_ptr<ResourceHandler>
572 ResourceDispatcherHostImpl::MaybeInterceptAsStream(net::URLRequest* request,
573 ResourceResponse* response) {
574 ResourceRequestInfoImpl* info = ResourceRequestInfoImpl::ForRequest(request);
575 const std::string& mime_type = response->head.mime_type;
578 std::string target_id;
580 !delegate_->ShouldInterceptResourceAsStream(info->GetContext(),
585 return scoped_ptr<ResourceHandler>();
588 StreamContext* stream_context =
589 GetStreamContextForResourceContext(info->GetContext());
591 scoped_ptr<StreamResourceHandler> handler(
592 new StreamResourceHandler(request,
593 stream_context->registry(),
596 info->set_is_stream(true);
597 delegate_->OnStreamCreated(
602 handler->stream()->CreateHandle(request->url(), mime_type),
603 request->GetExpectedContentSize());
604 return handler.PassAs<ResourceHandler>();
607 void ResourceDispatcherHostImpl::ClearSSLClientAuthHandlerForRequest(
608 net::URLRequest* request) {
609 ResourceRequestInfoImpl* info = ResourceRequestInfoImpl::ForRequest(request);
611 ResourceLoader* loader = GetLoader(info->GetGlobalRequestID());
613 loader->ClearSSLClientAuthHandler();
617 ResourceDispatcherHostLoginDelegate*
618 ResourceDispatcherHostImpl::CreateLoginDelegate(
619 ResourceLoader* loader,
620 net::AuthChallengeInfo* auth_info) {
624 return delegate_->CreateLoginDelegate(auth_info, loader->request());
627 bool ResourceDispatcherHostImpl::AcceptAuthRequest(
628 ResourceLoader* loader,
629 net::AuthChallengeInfo* auth_info) {
630 if (delegate_ && !delegate_->AcceptAuthRequest(loader->request(), auth_info))
636 bool ResourceDispatcherHostImpl::AcceptSSLClientCertificateRequest(
637 ResourceLoader* loader,
638 net::SSLCertRequestInfo* cert_info) {
639 if (delegate_ && !delegate_->AcceptSSLClientCertificateRequest(
640 loader->request(), cert_info)) {
647 bool ResourceDispatcherHostImpl::HandleExternalProtocol(ResourceLoader* loader,
652 ResourceRequestInfoImpl* info = loader->GetRequestInfo();
654 if (!ResourceType::IsFrame(info->GetResourceType()))
657 const net::URLRequestJobFactory* job_factory =
658 info->GetContext()->GetRequestContext()->job_factory();
659 if (job_factory->IsHandledURL(url))
662 return delegate_->HandleExternalProtocol(url, info->GetChildID(),
666 void ResourceDispatcherHostImpl::DidStartRequest(ResourceLoader* loader) {
667 // Make sure we have the load state monitor running
668 if (!update_load_states_timer_->IsRunning()) {
669 update_load_states_timer_->Start(FROM_HERE,
670 TimeDelta::FromMilliseconds(kUpdateLoadStatesIntervalMsec),
671 this, &ResourceDispatcherHostImpl::UpdateLoadStates);
675 void ResourceDispatcherHostImpl::DidReceiveRedirect(ResourceLoader* loader,
676 const GURL& new_url) {
677 ResourceRequestInfoImpl* info = loader->GetRequestInfo();
679 int render_process_id, render_view_id;
680 if (!info->GetAssociatedRenderView(&render_process_id, &render_view_id))
683 // Notify the observers on the UI thread.
684 scoped_ptr<ResourceRedirectDetails> detail(new ResourceRedirectDetails(
686 GetCertID(loader->request(), info->GetChildID()),
688 BrowserThread::PostTask(
689 BrowserThread::UI, FROM_HERE,
692 render_process_id, render_view_id, base::Passed(&detail)));
695 void ResourceDispatcherHostImpl::DidReceiveResponse(ResourceLoader* loader) {
696 ResourceRequestInfoImpl* info = loader->GetRequestInfo();
697 // There should be an entry in the map created when we dispatched the
699 OfflineMap::iterator policy_it(
700 offline_policy_map_.find(info->GetGlobalRoutingID()));
701 if (offline_policy_map_.end() != policy_it) {
702 policy_it->second->UpdateStateForSuccessfullyStartedRequest(
703 loader->request()->response_info());
705 // We should always have an entry in offline_policy_map_ from when
706 // this request traversed Begin{Download,SaveFile,Request}.
707 // TODO(rdsmith): This isn't currently true; see http://crbug.com/241176.
711 int render_process_id, render_view_id;
712 if (!info->GetAssociatedRenderView(&render_process_id, &render_view_id))
715 // Notify the observers on the UI thread.
716 scoped_ptr<ResourceRequestDetails> detail(new ResourceRequestDetails(
718 GetCertID(loader->request(), info->GetChildID())));
719 BrowserThread::PostTask(
720 BrowserThread::UI, FROM_HERE,
723 render_process_id, render_view_id, base::Passed(&detail)));
726 void ResourceDispatcherHostImpl::DidFinishLoading(ResourceLoader* loader) {
727 ResourceRequestInfo* info = loader->GetRequestInfo();
729 // Record final result of all resource loads.
730 if (info->GetResourceType() == ResourceType::MAIN_FRAME) {
731 // This enumeration has "3" appended to its name to distinguish it from
733 UMA_HISTOGRAM_SPARSE_SLOWLY(
734 "Net.ErrorCodesForMainFrame3",
735 -loader->request()->status().error());
737 if (loader->request()->url().SchemeIsSecure() &&
738 loader->request()->url().host() == "www.google.com") {
739 UMA_HISTOGRAM_SPARSE_SLOWLY(
740 "Net.ErrorCodesForHTTPSGoogleMainFrame2",
741 -loader->request()->status().error());
744 if (info->GetResourceType() == ResourceType::IMAGE) {
745 UMA_HISTOGRAM_SPARSE_SLOWLY(
746 "Net.ErrorCodesForImages",
747 -loader->request()->status().error());
749 // This enumeration has "2" appended to distinguish it from older versions.
750 UMA_HISTOGRAM_SPARSE_SLOWLY(
751 "Net.ErrorCodesForSubresources2",
752 -loader->request()->status().error());
755 // Destroy the ResourceLoader.
756 RemovePendingRequest(info->GetChildID(), info->GetRequestID());
760 bool ResourceDispatcherHostImpl::RenderViewForRequest(
761 const net::URLRequest* request,
762 int* render_process_id,
763 int* render_view_id) {
764 const ResourceRequestInfoImpl* info =
765 ResourceRequestInfoImpl::ForRequest(request);
767 *render_process_id = -1;
768 *render_view_id = -1;
772 return info->GetAssociatedRenderView(render_process_id, render_view_id);
775 void ResourceDispatcherHostImpl::OnInit() {
776 scheduler_.reset(new ResourceScheduler);
777 appcache::AppCacheInterceptor::EnsureRegistered();
780 void ResourceDispatcherHostImpl::OnShutdown() {
781 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
784 pending_loaders_.clear();
786 // Make sure we shutdown the timer now, otherwise by the time our destructor
787 // runs if the timer is still running the Task is deleted twice (once by
788 // the MessageLoop and the second time by RepeatingTimer).
789 update_load_states_timer_.reset();
791 // Clear blocked requests if any left.
792 // Note that we have to do this in 2 passes as we cannot call
793 // CancelBlockedRequestsForRoute while iterating over
794 // blocked_loaders_map_, as it modifies it.
795 std::set<GlobalRoutingID> ids;
796 for (BlockedLoadersMap::const_iterator iter = blocked_loaders_map_.begin();
797 iter != blocked_loaders_map_.end(); ++iter) {
798 std::pair<std::set<GlobalRoutingID>::iterator, bool> result =
799 ids.insert(iter->first);
800 // We should not have duplicates.
801 DCHECK(result.second);
803 for (std::set<GlobalRoutingID>::const_iterator iter = ids.begin();
804 iter != ids.end(); ++iter) {
805 CancelBlockedRequestsForRoute(iter->child_id, iter->route_id);
811 bool ResourceDispatcherHostImpl::OnMessageReceived(
812 const IPC::Message& message,
813 ResourceMessageFilter* filter,
814 bool* message_was_ok) {
817 IPC_BEGIN_MESSAGE_MAP_EX(ResourceDispatcherHostImpl, message, *message_was_ok)
818 IPC_MESSAGE_HANDLER(ResourceHostMsg_RequestResource, OnRequestResource)
819 IPC_MESSAGE_HANDLER_DELAY_REPLY(ResourceHostMsg_SyncLoad, OnSyncLoad)
820 IPC_MESSAGE_HANDLER(ResourceHostMsg_ReleaseDownloadedFile,
821 OnReleaseDownloadedFile)
822 IPC_MESSAGE_HANDLER(ResourceHostMsg_DataDownloaded_ACK, OnDataDownloadedACK)
823 IPC_MESSAGE_HANDLER(ResourceHostMsg_UploadProgress_ACK, OnUploadProgressACK)
824 IPC_MESSAGE_HANDLER(ResourceHostMsg_CancelRequest, OnCancelRequest)
825 IPC_MESSAGE_UNHANDLED(handled = false)
826 IPC_END_MESSAGE_MAP_EX()
828 if (!handled && IPC_MESSAGE_ID_CLASS(message.type()) == ResourceMsgStart) {
829 PickleIterator iter(message);
831 bool ok = iter.ReadInt(&request_id);
833 GlobalRequestID id(filter_->child_id(), request_id);
834 DelegateMap::iterator it = delegate_map_.find(id);
835 if (it != delegate_map_.end()) {
836 ObserverList<ResourceMessageDelegate>::Iterator del_it(*it->second);
837 ResourceMessageDelegate* delegate;
838 while (!handled && (delegate = del_it.GetNext()) != NULL) {
839 handled = delegate->OnMessageReceived(message, message_was_ok);
848 void ResourceDispatcherHostImpl::OnRequestResource(
849 const IPC::Message& message,
851 const ResourceHostMsg_Request& request_data) {
852 BeginRequest(request_id, request_data, NULL, message.routing_id());
855 // Begins a resource request with the given params on behalf of the specified
856 // child process. Responses will be dispatched through the given receiver. The
857 // process ID is used to lookup WebContentsImpl from routing_id's in the case of
858 // a request from a renderer. request_context is the cookie/cache context to be
859 // used for this request.
861 // If sync_result is non-null, then a SyncLoad reply will be generated, else
862 // a normal asynchronous set of response messages will be generated.
863 void ResourceDispatcherHostImpl::OnSyncLoad(
865 const ResourceHostMsg_Request& request_data,
866 IPC::Message* sync_result) {
867 BeginRequest(request_id, request_data, sync_result,
868 sync_result->routing_id());
871 void ResourceDispatcherHostImpl::UpdateRequestForTransfer(
875 const ResourceHostMsg_Request& request_data,
876 const linked_ptr<ResourceLoader>& loader) {
877 ResourceRequestInfoImpl* info = loader->GetRequestInfo();
878 GlobalRoutingID old_routing_id(
879 request_data.transferred_request_child_id, info->GetRouteID());
880 GlobalRequestID old_request_id(request_data.transferred_request_child_id,
881 request_data.transferred_request_request_id);
882 GlobalRoutingID new_routing_id(child_id, route_id);
883 GlobalRequestID new_request_id(child_id, request_id);
885 // Clear out data that depends on |info| before updating it.
886 IncrementOutstandingRequestsMemory(-1, *info);
887 OustandingRequestsStats empty_stats = { 0, 0 };
888 OustandingRequestsStats old_stats = GetOutstandingRequestsStats(*info);
889 UpdateOutstandingRequestsStats(*info, empty_stats);
890 pending_loaders_.erase(old_request_id);
892 // ResourceHandlers should always get state related to the request from the
893 // ResourceRequestInfo rather than caching it locally. This lets us update
894 // the info object when a transfer occurs.
895 info->UpdateForTransfer(child_id, route_id, request_data.origin_pid,
896 request_id, request_data.frame_id,
897 request_data.parent_frame_id, filter_->GetWeakPtr());
899 // Update maps that used the old IDs, if necessary. Some transfers in tests
900 // do not actually use a different ID, so not all maps need to be updated.
901 pending_loaders_[new_request_id] = loader;
902 UpdateOutstandingRequestsStats(*info, old_stats);
903 IncrementOutstandingRequestsMemory(1, *info);
904 if (old_routing_id != new_routing_id) {
905 if (offline_policy_map_.find(old_routing_id) != offline_policy_map_.end()) {
906 if (offline_policy_map_.find(new_routing_id) !=
907 offline_policy_map_.end())
908 delete offline_policy_map_[new_routing_id];
909 offline_policy_map_[new_routing_id] = offline_policy_map_[old_routing_id];
910 offline_policy_map_.erase(old_routing_id);
912 if (blocked_loaders_map_.find(old_routing_id) !=
913 blocked_loaders_map_.end()) {
914 blocked_loaders_map_[new_routing_id] =
915 blocked_loaders_map_[old_routing_id];
916 blocked_loaders_map_.erase(old_routing_id);
919 if (old_request_id != new_request_id) {
920 DelegateMap::iterator it = delegate_map_.find(old_request_id);
921 if (it != delegate_map_.end()) {
922 // Tell each delegate that the request ID has changed.
923 ObserverList<ResourceMessageDelegate>::Iterator del_it(*it->second);
924 ResourceMessageDelegate* delegate;
925 while ((delegate = del_it.GetNext()) != NULL) {
926 delegate->set_request_id(new_request_id);
928 // Now store the observer list under the new request ID.
929 delegate_map_[new_request_id] = delegate_map_[old_request_id];
930 delegate_map_.erase(old_request_id);
934 // Notify the delegate to allow it to update state as well.
936 delegate_->WillTransferRequestToNewProcess(old_routing_id.child_id,
937 old_routing_id.route_id,
938 old_request_id.request_id,
944 // We should have a CrossSiteResourceHandler to finish the transfer.
945 DCHECK(info->cross_site_handler());
948 void ResourceDispatcherHostImpl::BeginRequest(
950 const ResourceHostMsg_Request& request_data,
951 IPC::Message* sync_result, // only valid for sync
953 int process_type = filter_->process_type();
954 int child_id = filter_->child_id();
956 // Reject invalid priority.
957 if (request_data.priority < net::MINIMUM_PRIORITY ||
958 request_data.priority > net::MAXIMUM_PRIORITY) {
959 RecordAction(UserMetricsAction("BadMessageTerminate_RDH"));
960 filter_->BadMessageReceived();
964 // If we crash here, figure out what URL the renderer was requesting.
965 // http://crbug.com/91398
967 base::strlcpy(url_buf, request_data.url.spec().c_str(), arraysize(url_buf));
968 base::debug::Alias(url_buf);
970 // If the request that's coming in is being transferred from another process,
971 // we want to reuse and resume the old loader rather than start a new one.
972 linked_ptr<ResourceLoader> deferred_loader;
974 LoaderMap::iterator it = pending_loaders_.find(
975 GlobalRequestID(request_data.transferred_request_child_id,
976 request_data.transferred_request_request_id));
977 if (it != pending_loaders_.end()) {
978 // If the request is transferring to a new process, we can update our
979 // state and let it resume with its existing ResourceHandlers.
980 if (it->second->is_transferring()) {
981 deferred_loader = it->second;
982 UpdateRequestForTransfer(child_id, route_id, request_id,
983 request_data, deferred_loader);
985 deferred_loader->CompleteTransfer();
987 RecordAction(UserMetricsAction("BadMessageTerminate_RDH"));
988 filter_->BadMessageReceived();
994 ResourceContext* resource_context = NULL;
995 net::URLRequestContext* request_context = NULL;
996 filter_->GetContexts(request_data, &resource_context, &request_context);
997 // http://crbug.com/90971
998 CHECK(ContainsKey(active_resource_contexts_, resource_context));
1001 !ShouldServiceRequest(process_type, child_id, request_data,
1002 filter_->file_system_context())) {
1003 AbortRequestBeforeItStarts(filter_, sync_result, request_id);
1007 const Referrer referrer(request_data.referrer, request_data.referrer_policy);
1009 // Allow the observer to block/handle the request.
1010 if (delegate_ && !delegate_->ShouldBeginRequest(child_id,
1012 request_data.method,
1014 request_data.resource_type,
1015 resource_context)) {
1016 AbortRequestBeforeItStarts(filter_, sync_result, request_id);
1020 bool is_sync_load = sync_result != NULL;
1022 BuildLoadFlagsForRequest(request_data, child_id, is_sync_load);
1024 GlobalRoutingID id(child_id, route_id);
1025 if (!offline_policy_map_[id])
1026 offline_policy_map_[id] = new OfflinePolicy();
1027 load_flags |= offline_policy_map_[id]->GetAdditionalLoadFlags(
1028 load_flags, request_data.resource_type == ResourceType::MAIN_FRAME);
1030 // Construct the request.
1031 scoped_ptr<net::URLRequest> new_request;
1032 net::URLRequest* request;
1033 new_request = request_context->CreateRequest(
1034 request_data.url, request_data.priority, NULL);
1035 request = new_request.get();
1037 request->set_method(request_data.method);
1038 request->set_first_party_for_cookies(request_data.first_party_for_cookies);
1039 SetReferrerForRequest(request, referrer);
1041 net::HttpRequestHeaders headers;
1042 headers.AddHeadersFromString(request_data.headers);
1043 request->SetExtraRequestHeaders(headers);
1045 request->set_load_flags(load_flags);
1047 // Resolve elements from request_body and prepare upload data.
1048 if (request_data.request_body.get()) {
1049 webkit_blob::BlobStorageContext* blob_context = NULL;
1050 if (filter_->blob_storage_context())
1051 blob_context = filter_->blob_storage_context()->context();
1052 request->set_upload(UploadDataStreamBuilder::Build(
1053 request_data.request_body.get(),
1055 filter_->file_system_context(),
1056 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE)
1060 bool allow_download = request_data.allow_download &&
1061 ResourceType::IsFrame(request_data.resource_type);
1063 // Make extra info and read footer (contains request ID).
1064 ResourceRequestInfoImpl* extra_info =
1065 new ResourceRequestInfoImpl(
1069 request_data.origin_pid,
1071 request_data.is_main_frame,
1072 request_data.frame_id,
1073 request_data.parent_is_main_frame,
1074 request_data.parent_frame_id,
1075 request_data.resource_type,
1076 request_data.transition_type,
1077 false, // is download
1080 request_data.has_user_gesture,
1081 request_data.referrer_policy,
1083 filter_->GetWeakPtr(),
1085 extra_info->AssociateWithRequest(request); // Request takes ownership.
1087 if (request->url().SchemeIs(chrome::kBlobScheme)) {
1088 // Hang on to a reference to ensure the blob is not released prior
1089 // to the job being started.
1090 webkit_blob::BlobProtocolHandler::SetRequestedBlobDataHandle(
1092 filter_->blob_storage_context()->context()->
1093 GetBlobDataFromPublicURL(request->url()));
1096 // Have the appcache associate its extra info with the request.
1097 appcache::AppCacheInterceptor::SetExtraRequestInfo(
1098 request, filter_->appcache_service(), child_id,
1099 request_data.appcache_host_id, request_data.resource_type);
1101 // Construct the IPC resource handler.
1102 scoped_ptr<ResourceHandler> handler;
1104 handler.reset(new SyncResourceHandler(request, sync_result, this));
1106 handler.reset(new AsyncResourceHandler(request, this));
1109 // The RedirectToFileResourceHandler depends on being next in the chain.
1110 if (request_data.download_to_file) {
1112 new RedirectToFileResourceHandler(handler.Pass(), request, this));
1115 // Install a CrossSiteResourceHandler for all main frame requests. This will
1116 // let us check whether a transfer is required and pause for the unload
1117 // handler either if so or if a cross-process navigation is already under way.
1118 if (request_data.resource_type == ResourceType::MAIN_FRAME &&
1119 process_type == PROCESS_TYPE_RENDERER) {
1120 handler.reset(new CrossSiteResourceHandler(handler.Pass(), request));
1123 // Insert a buffered event handler before the actual one.
1125 new BufferedResourceHandler(handler.Pass(), this, request));
1127 ScopedVector<ResourceThrottle> throttles;
1129 delegate_->RequestBeginning(request,
1131 filter_->appcache_service(),
1132 request_data.resource_type,
1138 if (request->has_upload()) {
1139 // Block power save while uploading data.
1140 throttles.push_back(new PowerSaveBlockResourceThrottle());
1143 throttles.push_back(
1144 scheduler_->ScheduleRequest(child_id, route_id, request).release());
1147 new ThrottlingResourceHandler(handler.Pass(), request, throttles.Pass()));
1149 BeginRequestInternal(new_request.Pass(), handler.Pass());
1152 void ResourceDispatcherHostImpl::OnReleaseDownloadedFile(int request_id) {
1153 UnregisterDownloadedTempFile(filter_->child_id(), request_id);
1156 void ResourceDispatcherHostImpl::OnDataDownloadedACK(int request_id) {
1157 // TODO(michaeln): maybe throttle DataDownloaded messages
1160 void ResourceDispatcherHostImpl::RegisterDownloadedTempFile(
1161 int child_id, int request_id, ShareableFileReference* reference) {
1162 registered_temp_files_[child_id][request_id] = reference;
1163 ChildProcessSecurityPolicyImpl::GetInstance()->GrantReadFile(
1164 child_id, reference->path());
1166 // When the temp file is deleted, revoke permissions that the renderer has
1167 // to that file. This covers an edge case where the file is deleted and then
1168 // the same name is re-used for some other purpose, we don't want the old
1169 // renderer to still have access to it.
1171 // We do this when the file is deleted because the renderer can take a blob
1172 // reference to the temp file that outlives the url loaded that it was
1173 // loaded with to keep the file (and permissions) alive.
1174 reference->AddFinalReleaseCallback(
1175 base::Bind(&RemoveDownloadFileFromChildSecurityPolicy,
1179 void ResourceDispatcherHostImpl::UnregisterDownloadedTempFile(
1180 int child_id, int request_id) {
1181 DeletableFilesMap& map = registered_temp_files_[child_id];
1182 DeletableFilesMap::iterator found = map.find(request_id);
1183 if (found == map.end())
1188 // Note that we don't remove the security bits here. This will be done
1189 // when all file refs are deleted (see RegisterDownloadedTempFile).
1192 bool ResourceDispatcherHostImpl::Send(IPC::Message* message) {
1197 void ResourceDispatcherHostImpl::OnUploadProgressACK(int request_id) {
1198 ResourceLoader* loader = GetLoader(filter_->child_id(), request_id);
1200 loader->OnUploadProgressACK();
1203 void ResourceDispatcherHostImpl::OnCancelRequest(int request_id) {
1204 CancelRequest(filter_->child_id(), request_id, true);
1207 ResourceRequestInfoImpl* ResourceDispatcherHostImpl::CreateRequestInfo(
1211 ResourceContext* context) {
1212 return new ResourceRequestInfoImpl(
1213 PROCESS_TYPE_RENDERER,
1218 false, // is_main_frame
1220 false, // parent_is_main_frame
1221 -1, // parent_frame_id
1222 ResourceType::SUB_RESOURCE,
1223 PAGE_TRANSITION_LINK,
1224 download, // is_download
1226 download, // allow_download
1227 false, // has_user_gesture
1228 WebKit::WebReferrerPolicyDefault,
1230 base::WeakPtr<ResourceMessageFilter>(), // filter
1234 void ResourceDispatcherHostImpl::OnRenderViewHostCreated(
1237 scheduler_->OnClientCreated(child_id, route_id);
1240 void ResourceDispatcherHostImpl::OnRenderViewHostDeleted(
1243 scheduler_->OnClientDeleted(child_id, route_id);
1244 CancelRequestsForRoute(child_id, route_id);
1247 // This function is only used for saving feature.
1248 void ResourceDispatcherHostImpl::BeginSaveFile(
1250 const Referrer& referrer,
1253 ResourceContext* context) {
1257 // http://crbug.com/90971
1259 base::strlcpy(url_buf, url.spec().c_str(), arraysize(url_buf));
1260 base::debug::Alias(url_buf);
1261 CHECK(ContainsKey(active_resource_contexts_, context));
1263 scoped_ptr<ResourceHandler> handler(
1264 new SaveFileResourceHandler(child_id,
1267 save_file_manager_.get()));
1270 const net::URLRequestContext* request_context = context->GetRequestContext();
1272 request_context->job_factory()->IsHandledURL(url);
1274 // Since any URLs which have non-standard scheme have been filtered
1275 // by save manager(see GURL::SchemeIsStandard). This situation
1276 // should not happen.
1281 scoped_ptr<net::URLRequest> request(
1282 request_context->CreateRequest(url, net::DEFAULT_PRIORITY, NULL));
1283 request->set_method("GET");
1284 SetReferrerForRequest(request.get(), referrer);
1286 // So far, for saving page, we need fetch content from cache, in the
1287 // future, maybe we can use a configuration to configure this behavior.
1288 request->set_load_flags(net::LOAD_PREFERRING_CACHE);
1290 // No need to get offline load flags for save files, but make sure
1291 // we have an OfflinePolicy to receive request completions.
1292 GlobalRoutingID id(child_id, route_id);
1293 if (!offline_policy_map_[id])
1294 offline_policy_map_[id] = new OfflinePolicy();
1296 // Since we're just saving some resources we need, disallow downloading.
1297 ResourceRequestInfoImpl* extra_info =
1298 CreateRequestInfo(child_id, route_id, false, context);
1299 extra_info->AssociateWithRequest(request.get()); // Request takes ownership.
1301 BeginRequestInternal(request.Pass(), handler.Pass());
1304 void ResourceDispatcherHostImpl::MarkAsTransferredNavigation(
1305 const GlobalRequestID& id, const GURL& target_url) {
1306 GetLoader(id)->MarkAsTransferring(target_url);
1309 void ResourceDispatcherHostImpl::ResumeDeferredNavigation(
1310 const GlobalRequestID& id) {
1311 ResourceLoader* loader = GetLoader(id);
1313 // The response we were meant to resume could have already been canceled.
1314 ResourceRequestInfoImpl* info = loader->GetRequestInfo();
1315 if (info->cross_site_handler())
1316 info->cross_site_handler()->ResumeResponse();
1320 // The object died, so cancel and detach all requests associated with it except
1321 // for downloads, which belong to the browser process even if initiated via a
1323 void ResourceDispatcherHostImpl::CancelRequestsForProcess(int child_id) {
1324 CancelRequestsForRoute(child_id, -1 /* cancel all */);
1325 registered_temp_files_.erase(child_id);
1328 void ResourceDispatcherHostImpl::CancelRequestsForRoute(int child_id,
1330 // Since pending_requests_ is a map, we first build up a list of all of the
1331 // matching requests to be cancelled, and then we cancel them. Since there
1332 // may be more than one request to cancel, we cannot simply hold onto the map
1333 // iterators found in the first loop.
1335 // Find the global ID of all matching elements.
1336 bool any_requests_transferring = false;
1337 std::vector<GlobalRequestID> matching_requests;
1338 for (LoaderMap::const_iterator i = pending_loaders_.begin();
1339 i != pending_loaders_.end(); ++i) {
1340 if (i->first.child_id != child_id)
1343 ResourceRequestInfoImpl* info = i->second->GetRequestInfo();
1345 GlobalRequestID id(child_id, i->first.request_id);
1346 DCHECK(id == i->first);
1348 // Don't cancel navigations that are transferring to another process,
1349 // since they belong to another process now.
1350 if (IsTransferredNavigation(id))
1351 any_requests_transferring = true;
1352 if (!info->is_download() && !info->is_stream() &&
1353 !IsTransferredNavigation(id) &&
1354 (route_id == -1 || route_id == info->GetRouteID())) {
1355 matching_requests.push_back(id);
1360 for (size_t i = 0; i < matching_requests.size(); ++i) {
1361 LoaderMap::iterator iter = pending_loaders_.find(matching_requests[i]);
1362 // Although every matching request was in pending_requests_ when we built
1363 // matching_requests, it is normal for a matching request to be not found
1364 // in pending_requests_ after we have removed some matching requests from
1365 // pending_requests_. For example, deleting a net::URLRequest that has
1366 // exclusive (write) access to an HTTP cache entry may unblock another
1367 // net::URLRequest that needs exclusive access to the same cache entry, and
1368 // that net::URLRequest may complete and remove itself from
1369 // pending_requests_. So we need to check that iter is not equal to
1370 // pending_requests_.end().
1371 if (iter != pending_loaders_.end())
1372 RemovePendingLoader(iter);
1375 // Don't clear the blocked loaders or offline policy maps if any of the
1376 // requests in route_id are being transferred to a new process, since those
1377 // maps will be updated with the new route_id after the transfer. Otherwise
1378 // we will lose track of this info when the old route goes away, before the
1379 // new one is created.
1380 if (any_requests_transferring)
1383 // Now deal with blocked requests if any.
1384 if (route_id != -1) {
1385 if (blocked_loaders_map_.find(GlobalRoutingID(child_id, route_id)) !=
1386 blocked_loaders_map_.end()) {
1387 CancelBlockedRequestsForRoute(child_id, route_id);
1390 // We have to do all render views for the process |child_id|.
1391 // Note that we have to do this in 2 passes as we cannot call
1392 // CancelBlockedRequestsForRoute while iterating over
1393 // blocked_loaders_map_, as it modifies it.
1394 std::set<int> route_ids;
1395 for (BlockedLoadersMap::const_iterator iter = blocked_loaders_map_.begin();
1396 iter != blocked_loaders_map_.end(); ++iter) {
1397 if (iter->first.child_id == child_id)
1398 route_ids.insert(iter->first.route_id);
1400 for (std::set<int>::const_iterator iter = route_ids.begin();
1401 iter != route_ids.end(); ++iter) {
1402 CancelBlockedRequestsForRoute(child_id, *iter);
1406 // Cleanup the offline state for the route.
1407 if (-1 != route_id) {
1408 OfflineMap::iterator it = offline_policy_map_.find(
1409 GlobalRoutingID(child_id, route_id));
1410 if (offline_policy_map_.end() != it) {
1412 offline_policy_map_.erase(it);
1415 for (OfflineMap::iterator it = offline_policy_map_.begin();
1416 offline_policy_map_.end() != it;) {
1417 // Increment iterator so deletion doesn't invalidate it.
1418 OfflineMap::iterator current_it = it++;
1420 if (child_id == current_it->first.child_id) {
1421 delete current_it->second;
1422 offline_policy_map_.erase(current_it);
1428 // Cancels the request and removes it from the list.
1429 void ResourceDispatcherHostImpl::RemovePendingRequest(int child_id,
1431 LoaderMap::iterator i = pending_loaders_.find(
1432 GlobalRequestID(child_id, request_id));
1433 if (i == pending_loaders_.end()) {
1434 NOTREACHED() << "Trying to remove a request that's not here";
1437 RemovePendingLoader(i);
1440 void ResourceDispatcherHostImpl::RemovePendingLoader(
1441 const LoaderMap::iterator& iter) {
1442 ResourceRequestInfoImpl* info = iter->second->GetRequestInfo();
1444 // Remove the memory credit that we added when pushing the request onto
1445 // the pending list.
1446 IncrementOutstandingRequestsMemory(-1, *info);
1448 pending_loaders_.erase(iter);
1450 // If we have no more pending requests, then stop the load state monitor
1451 if (pending_loaders_.empty() && update_load_states_timer_)
1452 update_load_states_timer_->Stop();
1455 void ResourceDispatcherHostImpl::CancelRequest(int child_id,
1457 bool from_renderer) {
1458 if (from_renderer) {
1459 // When the old renderer dies, it sends a message to us to cancel its
1461 if (IsTransferredNavigation(GlobalRequestID(child_id, request_id)))
1465 ResourceLoader* loader = GetLoader(child_id, request_id);
1467 // We probably want to remove this warning eventually, but I wanted to be
1468 // able to notice when this happens during initial development since it
1469 // should be rare and may indicate a bug.
1470 DVLOG(1) << "Canceling a request that wasn't found";
1474 loader->CancelRequest(from_renderer);
1477 ResourceDispatcherHostImpl::OustandingRequestsStats
1478 ResourceDispatcherHostImpl::GetOutstandingRequestsStats(
1479 const ResourceRequestInfoImpl& info) {
1480 OutstandingRequestsStatsMap::iterator entry =
1481 outstanding_requests_stats_map_.find(info.GetChildID());
1482 OustandingRequestsStats stats = { 0, 0 };
1483 if (entry != outstanding_requests_stats_map_.end())
1484 stats = entry->second;
1488 void ResourceDispatcherHostImpl::UpdateOutstandingRequestsStats(
1489 const ResourceRequestInfoImpl& info,
1490 const OustandingRequestsStats& stats) {
1491 if (stats.memory_cost == 0 && stats.num_requests == 0)
1492 outstanding_requests_stats_map_.erase(info.GetChildID());
1494 outstanding_requests_stats_map_[info.GetChildID()] = stats;
1497 ResourceDispatcherHostImpl::OustandingRequestsStats
1498 ResourceDispatcherHostImpl::IncrementOutstandingRequestsMemory(
1500 const ResourceRequestInfoImpl& info) {
1501 DCHECK_EQ(1, abs(count));
1503 // Retrieve the previous value (defaulting to 0 if not found).
1504 OustandingRequestsStats stats = GetOutstandingRequestsStats(info);
1506 // Insert/update the total; delete entries when their count reaches 0.
1507 stats.memory_cost += count * info.memory_cost();
1508 DCHECK_GE(stats.memory_cost, 0);
1509 UpdateOutstandingRequestsStats(info, stats);
1514 ResourceDispatcherHostImpl::OustandingRequestsStats
1515 ResourceDispatcherHostImpl::IncrementOutstandingRequestsCount(
1517 const ResourceRequestInfoImpl& info) {
1518 DCHECK_EQ(1, abs(count));
1519 num_in_flight_requests_ += count;
1521 OustandingRequestsStats stats = GetOutstandingRequestsStats(info);
1522 stats.num_requests += count;
1523 DCHECK_GE(stats.num_requests, 0);
1524 UpdateOutstandingRequestsStats(info, stats);
1529 bool ResourceDispatcherHostImpl::HasSufficientResourcesForRequest(
1530 const net::URLRequest* request_) {
1531 const ResourceRequestInfoImpl* info =
1532 ResourceRequestInfoImpl::ForRequest(request_);
1533 OustandingRequestsStats stats = IncrementOutstandingRequestsCount(1, *info);
1535 if (stats.num_requests > max_num_in_flight_requests_per_process_)
1537 if (num_in_flight_requests_ > max_num_in_flight_requests_)
1543 void ResourceDispatcherHostImpl::FinishedWithResourcesForRequest(
1544 const net::URLRequest* request_) {
1545 const ResourceRequestInfoImpl* info =
1546 ResourceRequestInfoImpl::ForRequest(request_);
1547 IncrementOutstandingRequestsCount(-1, *info);
1551 int ResourceDispatcherHostImpl::CalculateApproximateMemoryCost(
1552 net::URLRequest* request) {
1553 // The following fields should be a minor size contribution (experimentally
1554 // on the order of 100). However since they are variable length, it could
1555 // in theory be a sizeable contribution.
1556 int strings_cost = request->extra_request_headers().ToString().size() +
1557 request->original_url().spec().size() +
1558 request->referrer().size() +
1559 request->method().size();
1561 // Note that this expression will typically be dominated by:
1562 // |kAvgBytesPerOutstandingRequest|.
1563 return kAvgBytesPerOutstandingRequest + strings_cost;
1566 void ResourceDispatcherHostImpl::BeginRequestInternal(
1567 scoped_ptr<net::URLRequest> request,
1568 scoped_ptr<ResourceHandler> handler) {
1569 DCHECK(!request->is_pending());
1570 ResourceRequestInfoImpl* info =
1571 ResourceRequestInfoImpl::ForRequest(request.get());
1573 if ((TimeTicks::Now() - last_user_gesture_time_) <
1574 TimeDelta::FromMilliseconds(kUserGestureWindowMs)) {
1575 request->set_load_flags(
1576 request->load_flags() | net::LOAD_MAYBE_USER_GESTURE);
1579 // Add the memory estimate that starting this request will consume.
1580 info->set_memory_cost(CalculateApproximateMemoryCost(request.get()));
1582 // If enqueing/starting this request will exceed our per-process memory
1583 // bound, abort it right away.
1584 OustandingRequestsStats stats = IncrementOutstandingRequestsMemory(1, *info);
1585 if (stats.memory_cost > max_outstanding_requests_cost_per_process_) {
1586 // We call "CancelWithError()" as a way of setting the net::URLRequest's
1587 // status -- it has no effect beyond this, since the request hasn't started.
1588 request->CancelWithError(net::ERR_INSUFFICIENT_RESOURCES);
1590 if (!handler->OnResponseCompleted(info->GetRequestID(), request->status(),
1592 // TODO(darin): The handler is not ready for us to kill the request. Oops!
1596 IncrementOutstandingRequestsMemory(-1, *info);
1598 // A ResourceHandler must not outlive its associated URLRequest.
1603 linked_ptr<ResourceLoader> loader(
1604 new ResourceLoader(request.Pass(), handler.Pass(), this));
1606 GlobalRoutingID id(info->GetGlobalRoutingID());
1607 BlockedLoadersMap::const_iterator iter = blocked_loaders_map_.find(id);
1608 if (iter != blocked_loaders_map_.end()) {
1609 // The request should be blocked.
1610 iter->second->push_back(loader);
1614 StartLoading(info, loader);
1617 void ResourceDispatcherHostImpl::StartLoading(
1618 ResourceRequestInfoImpl* info,
1619 const linked_ptr<ResourceLoader>& loader) {
1620 pending_loaders_[info->GetGlobalRequestID()] = loader;
1622 loader->StartRequest();
1625 void ResourceDispatcherHostImpl::OnUserGesture(WebContentsImpl* contents) {
1626 last_user_gesture_time_ = TimeTicks::Now();
1629 net::URLRequest* ResourceDispatcherHostImpl::GetURLRequest(
1630 const GlobalRequestID& id) {
1631 ResourceLoader* loader = GetLoader(id);
1635 return loader->request();
1640 // This function attempts to return the "more interesting" load state of |a|
1641 // and |b|. We don't have temporal information about these load states
1642 // (meaning we don't know when we transitioned into these states), so we just
1643 // rank them according to how "interesting" the states are.
1645 // We take advantage of the fact that the load states are an enumeration listed
1646 // in the order in which they occur during the lifetime of a request, so we can
1647 // regard states with larger numeric values as being further along toward
1648 // completion. We regard those states as more interesting to report since they
1649 // represent progress.
1651 // For example, by this measure "tranferring data" is a more interesting state
1652 // than "resolving host" because when we are transferring data we are actually
1653 // doing something that corresponds to changes that the user might observe,
1654 // whereas waiting for a host name to resolve implies being stuck.
1656 const net::LoadStateWithParam& MoreInterestingLoadState(
1657 const net::LoadStateWithParam& a, const net::LoadStateWithParam& b) {
1658 return (a.state < b.state) ? b : a;
1661 // Carries information about a load state change.
1664 net::LoadStateWithParam load_state;
1665 uint64 upload_position;
1669 // Map from ProcessID+RouteID pair to LoadState
1670 typedef std::map<GlobalRoutingID, LoadInfo> LoadInfoMap;
1672 // Used to marshal calls to LoadStateChanged from the IO to UI threads. We do
1673 // them all as a single callback to avoid spamming the UI thread.
1674 void LoadInfoUpdateCallback(const LoadInfoMap& info_map) {
1675 LoadInfoMap::const_iterator i;
1676 for (i = info_map.begin(); i != info_map.end(); ++i) {
1677 RenderViewHostImpl* view =
1678 RenderViewHostImpl::FromID(i->first.child_id, i->first.route_id);
1679 if (view) // The view could be gone at this point.
1680 view->LoadStateChanged(i->second.url, i->second.load_state,
1681 i->second.upload_position,
1682 i->second.upload_size);
1688 void ResourceDispatcherHostImpl::UpdateLoadStates() {
1689 // Populate this map with load state changes, and then send them on to the UI
1690 // thread where they can be passed along to the respective RVHs.
1691 LoadInfoMap info_map;
1693 LoaderMap::const_iterator i;
1695 // Determine the largest upload size of all requests
1696 // in each View (good chance it's zero).
1697 std::map<GlobalRoutingID, uint64> largest_upload_size;
1698 for (i = pending_loaders_.begin(); i != pending_loaders_.end(); ++i) {
1699 net::URLRequest* request = i->second->request();
1700 ResourceRequestInfoImpl* info = i->second->GetRequestInfo();
1701 uint64 upload_size = request->GetUploadProgress().size();
1702 if (request->GetLoadState().state != net::LOAD_STATE_SENDING_REQUEST)
1704 GlobalRoutingID id(info->GetGlobalRoutingID());
1705 if (upload_size && largest_upload_size[id] < upload_size)
1706 largest_upload_size[id] = upload_size;
1709 for (i = pending_loaders_.begin(); i != pending_loaders_.end(); ++i) {
1710 net::URLRequest* request = i->second->request();
1711 ResourceRequestInfoImpl* info = i->second->GetRequestInfo();
1712 net::LoadStateWithParam load_state = request->GetLoadState();
1713 net::UploadProgress progress = request->GetUploadProgress();
1715 // We also poll for upload progress on this timer and send upload
1716 // progress ipc messages to the plugin process.
1717 i->second->ReportUploadProgress();
1719 GlobalRoutingID id(info->GetGlobalRoutingID());
1721 // If a request is uploading data, ignore all other requests so that the
1722 // upload progress takes priority for being shown in the status bar.
1723 if (largest_upload_size.find(id) != largest_upload_size.end() &&
1724 progress.size() < largest_upload_size[id])
1727 net::LoadStateWithParam to_insert = load_state;
1728 LoadInfoMap::iterator existing = info_map.find(id);
1729 if (existing != info_map.end()) {
1731 MoreInterestingLoadState(existing->second.load_state, load_state);
1732 if (to_insert.state == existing->second.load_state.state)
1735 LoadInfo& load_info = info_map[id];
1736 load_info.url = request->url();
1737 load_info.load_state = to_insert;
1738 load_info.upload_size = progress.size();
1739 load_info.upload_position = progress.position();
1742 if (info_map.empty())
1745 BrowserThread::PostTask(
1746 BrowserThread::UI, FROM_HERE,
1747 base::Bind(&LoadInfoUpdateCallback, info_map));
1750 void ResourceDispatcherHostImpl::BlockRequestsForRoute(int child_id,
1752 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1753 GlobalRoutingID key(child_id, route_id);
1754 DCHECK(blocked_loaders_map_.find(key) == blocked_loaders_map_.end()) <<
1755 "BlockRequestsForRoute called multiple time for the same RVH";
1756 blocked_loaders_map_[key] = new BlockedLoadersList();
1759 void ResourceDispatcherHostImpl::ResumeBlockedRequestsForRoute(int child_id,
1761 ProcessBlockedRequestsForRoute(child_id, route_id, false);
1764 void ResourceDispatcherHostImpl::CancelBlockedRequestsForRoute(int child_id,
1766 ProcessBlockedRequestsForRoute(child_id, route_id, true);
1769 void ResourceDispatcherHostImpl::ProcessBlockedRequestsForRoute(
1772 bool cancel_requests) {
1773 BlockedLoadersMap::iterator iter = blocked_loaders_map_.find(
1774 GlobalRoutingID(child_id, route_id));
1775 if (iter == blocked_loaders_map_.end()) {
1776 // It's possible to reach here if the renderer crashed while an interstitial
1777 // page was showing.
1781 BlockedLoadersList* loaders = iter->second;
1783 // Removing the vector from the map unblocks any subsequent requests.
1784 blocked_loaders_map_.erase(iter);
1786 for (BlockedLoadersList::iterator loaders_iter = loaders->begin();
1787 loaders_iter != loaders->end(); ++loaders_iter) {
1788 linked_ptr<ResourceLoader> loader = *loaders_iter;
1789 ResourceRequestInfoImpl* info = loader->GetRequestInfo();
1790 if (cancel_requests) {
1791 IncrementOutstandingRequestsMemory(-1, *info);
1793 StartLoading(info, loader);
1800 ResourceDispatcherHostImpl::HttpAuthRelationType
1801 ResourceDispatcherHostImpl::HttpAuthRelationTypeOf(
1802 const GURL& request_url,
1803 const GURL& first_party) {
1804 if (!first_party.is_valid())
1805 return HTTP_AUTH_RELATION_TOP;
1807 if (net::registry_controlled_domains::SameDomainOrHost(
1808 first_party, request_url,
1809 net::registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES))
1810 return HTTP_AUTH_RELATION_SAME_DOMAIN;
1812 if (allow_cross_origin_auth_prompt())
1813 return HTTP_AUTH_RELATION_ALLOWED_CROSS;
1815 return HTTP_AUTH_RELATION_BLOCKED_CROSS;
1818 bool ResourceDispatcherHostImpl::allow_cross_origin_auth_prompt() {
1819 return allow_cross_origin_auth_prompt_;
1822 bool ResourceDispatcherHostImpl::IsTransferredNavigation(
1823 const GlobalRequestID& id) const {
1824 ResourceLoader* loader = GetLoader(id);
1825 return loader ? loader->is_transferring() : false;
1828 ResourceLoader* ResourceDispatcherHostImpl::GetLoader(
1829 const GlobalRequestID& id) const {
1830 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1832 LoaderMap::const_iterator i = pending_loaders_.find(id);
1833 if (i == pending_loaders_.end())
1836 return i->second.get();
1839 ResourceLoader* ResourceDispatcherHostImpl::GetLoader(int child_id,
1840 int request_id) const {
1841 return GetLoader(GlobalRequestID(child_id, request_id));
1844 void ResourceDispatcherHostImpl::RegisterResourceMessageDelegate(
1845 const GlobalRequestID& id, ResourceMessageDelegate* delegate) {
1846 DelegateMap::iterator it = delegate_map_.find(id);
1847 if (it == delegate_map_.end()) {
1848 it = delegate_map_.insert(
1849 std::make_pair(id, new ObserverList<ResourceMessageDelegate>)).first;
1851 it->second->AddObserver(delegate);
1854 void ResourceDispatcherHostImpl::UnregisterResourceMessageDelegate(
1855 const GlobalRequestID& id, ResourceMessageDelegate* delegate) {
1856 DCHECK(ContainsKey(delegate_map_, id));
1857 DelegateMap::iterator it = delegate_map_.find(id);
1858 DCHECK(it->second->HasObserver(delegate));
1859 it->second->RemoveObserver(delegate);
1860 if (!it->second->might_have_observers()) {
1862 delegate_map_.erase(it);
1866 int ResourceDispatcherHostImpl::BuildLoadFlagsForRequest(
1867 const ResourceHostMsg_Request& request_data,
1869 bool is_sync_load) {
1870 int load_flags = request_data.load_flags;
1872 // Although EV status is irrelevant to sub-frames and sub-resources, we have
1873 // to perform EV certificate verification on all resources because an HTTP
1874 // keep-alive connection created to load a sub-frame or a sub-resource could
1875 // be reused to load a main frame.
1876 load_flags |= net::LOAD_VERIFY_EV_CERT;
1877 if (request_data.resource_type == ResourceType::MAIN_FRAME) {
1878 load_flags |= net::LOAD_MAIN_FRAME;
1879 } else if (request_data.resource_type == ResourceType::SUB_FRAME) {
1880 load_flags |= net::LOAD_SUB_FRAME;
1881 } else if (request_data.resource_type == ResourceType::PREFETCH) {
1882 load_flags |= (net::LOAD_PREFETCH | net::LOAD_DO_NOT_PROMPT_FOR_LOGIN);
1883 } else if (request_data.resource_type == ResourceType::FAVICON) {
1884 load_flags |= net::LOAD_DO_NOT_PROMPT_FOR_LOGIN;
1885 } else if (request_data.resource_type == ResourceType::IMAGE) {
1886 // Prevent third-party image content from prompting for login, as this
1887 // is often a scam to extract credentials for another domain from the user.
1888 // Only block image loads, as the attack applies largely to the "src"
1889 // property of the <img> tag. It is common for web properties to allow
1890 // untrusted values for <img src>; this is considered a fair thing for an
1891 // HTML sanitizer to do. Conversely, any HTML sanitizer that didn't
1892 // filter sources for <script>, <link>, <embed>, <object>, <iframe> tags
1893 // would be considered vulnerable in and of itself.
1894 HttpAuthRelationType relation_type = HttpAuthRelationTypeOf(
1895 request_data.url, request_data.first_party_for_cookies);
1896 if (relation_type == HTTP_AUTH_RELATION_BLOCKED_CROSS) {
1897 load_flags |= (net::LOAD_DO_NOT_USE_EMBEDDED_IDENTITY |
1898 net::LOAD_DO_NOT_PROMPT_FOR_LOGIN);
1903 load_flags |= net::LOAD_IGNORE_LIMITS;
1905 ChildProcessSecurityPolicyImpl* policy =
1906 ChildProcessSecurityPolicyImpl::GetInstance();
1907 if (!policy->CanSendCookiesForOrigin(child_id, request_data.url)) {
1908 load_flags |= (net::LOAD_DO_NOT_SEND_COOKIES |
1909 net::LOAD_DO_NOT_SEND_AUTH_DATA |
1910 net::LOAD_DO_NOT_SAVE_COOKIES);
1913 // Raw headers are sensitive, as they include Cookie/Set-Cookie, so only
1914 // allow requesting them if requester has ReadRawCookies permission.
1915 if ((load_flags & net::LOAD_REPORT_RAW_HEADERS)
1916 && !policy->CanReadRawCookies(child_id)) {
1917 VLOG(1) << "Denied unauthorized request for raw headers";
1918 load_flags &= ~net::LOAD_REPORT_RAW_HEADERS;
1924 } // namespace content