src/third_party/WebKit/Source/core/loader/PingLoader.cpp

   1 /*
   2  * Copyright (C) 2010 Google Inc. All rights reserved.
   3  *
   4  * Redistribution and use in source and binary forms, with or without
   5  * modification, are permitted provided that the following conditions are
   6  * met:
   7  *
   8  *     * Redistributions of source code must retain the above copyright
   9  * notice, this list of conditions and the following disclaimer.
  10  *     * Redistributions in binary form must reproduce the above
  11  * copyright notice, this list of conditions and the following disclaimer
  12  * in the documentation and/or other materials provided with the
  13  * distribution.
  14  *     * Neither the name of Google Inc. nor the names of its
  15  * contributors may be used to endorse or promote products derived from
  16  * this software without specific prior written permission.
  17  *
  18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29  *
  30  */
  31
  32 #include "config.h"
  33 #include "core/loader/PingLoader.h"
  34
  35 #include "FetchInitiatorTypeNames.h"
  36 #include "core/dom/Document.h"
  37 #include "core/fetch/FetchContext.h"
  38 #include "core/frame/LocalFrame.h"
  39 #include "core/inspector/InspectorInstrumentation.h"
  40 #include "core/loader/FrameLoader.h"
  41 #include "core/loader/FrameLoaderClient.h"
  42 #include "core/loader/UniqueIdentifier.h"
  43 #include "core/page/Page.h"
  44 #include "platform/exported/WrappedResourceRequest.h"
  45 #include "platform/network/FormData.h"
  46 #include "platform/network/ResourceError.h"
  47 #include "platform/network/ResourceRequest.h"
  48 #include "platform/network/ResourceResponse.h"
  49 #include "platform/weborigin/SecurityOrigin.h"
  50 #include "platform/weborigin/SecurityPolicy.h"
  51 #include "public/platform/Platform.h"
  52 #include "public/platform/WebURLLoader.h"
  53 #include "public/platform/WebURLResponse.h"
  54 #include "wtf/OwnPtr.h"
  55
  56 namespace WebCore {
  57
  58 void PingLoader::loadImage(LocalFrame* frame, const KURL& url)
  59 {
  60     if (!frame->document()->securityOrigin()->canDisplay(url)) {
  61         FrameLoader::reportLocalLoadFailed(frame, url.string());
  62         return;
  63     }
  64
  65     ResourceRequest request(url);
  66     request.setTargetType(ResourceRequest::TargetIsPing);
  67     request.setHTTPHeaderField("Cache-Control", "max-age=0");
  68     frame->loader().fetchContext().addAdditionalRequestHeaders(frame->document(), request, FetchSubresource);
  69
  70     FetchInitiatorInfo initiatorInfo;
  71     initiatorInfo.name = FetchInitiatorTypeNames::ping;
  72     PingLoader::start(frame, request, initiatorInfo);
  73 }
  74
  75 // http://www.whatwg.org/specs/web-apps/current-work/multipage/links.html#hyperlink-auditing
  76 void PingLoader::sendPing(LocalFrame* frame, const KURL& pingURL, const KURL& destinationURL)
  77 {
  78     ResourceRequest request(pingURL);
  79     request.setTargetType(ResourceRequest::TargetIsPing);
  80     request.setHTTPMethod("POST");
  81     request.setHTTPContentType("text/ping");
  82     request.setHTTPBody(FormData::create("PING"));
  83     request.setHTTPHeaderField("Cache-Control", "max-age=0");
  84     frame->loader().fetchContext().addAdditionalRequestHeaders(frame->document(), request, FetchSubresource);
  85
  86     RefPtr<SecurityOrigin> pingOrigin = SecurityOrigin::create(pingURL);
  87     // addAdditionalRequestHeaders() will have added a referrer for same origin requests,
  88     // but the spec omits the referrer for same origin.
  89     if (frame->document()->securityOrigin()->isSameSchemeHostPort(pingOrigin.get()))
  90         request.clearHTTPReferrer();
  91
  92     request.setHTTPHeaderField("Ping-To", AtomicString(destinationURL.string()));
  93
  94     // Ping-From follows the same rules as the default referrer beahavior for subresource requests.
  95     // FIXME: Should Ping-From obey ReferrerPolicy?
  96     if (!SecurityPolicy::shouldHideReferrer(pingURL, frame->document()->url().string()))
  97         request.setHTTPHeaderField("Ping-From", AtomicString(frame->document()->url().string()));
  98
  99     FetchInitiatorInfo initiatorInfo;
 100     initiatorInfo.name = FetchInitiatorTypeNames::ping;
 101     PingLoader::start(frame, request, initiatorInfo);
 102 }
 103
 104 void PingLoader::sendViolationReport(LocalFrame* frame, const KURL& reportURL, PassRefPtr<FormData> report, ViolationReportType type)
 105 {
 106     ResourceRequest request(reportURL);
 107     request.setTargetType(ResourceRequest::TargetIsSubresource);
 108     request.setHTTPMethod("POST");
 109     request.setHTTPContentType(type == ContentSecurityPolicyViolationReport ? "application/csp-report" : "application/json");
 110     request.setHTTPBody(report);
 111     frame->loader().fetchContext().addAdditionalRequestHeaders(frame->document(), request, FetchSubresource);
 112
 113     FetchInitiatorInfo initiatorInfo;
 114     initiatorInfo.name = FetchInitiatorTypeNames::violationreport;
 115     PingLoader::start(frame, request, initiatorInfo, SecurityOrigin::create(reportURL)->isSameSchemeHostPort(frame->document()->securityOrigin()) ? AllowStoredCredentials : DoNotAllowStoredCredentials);
 116 }
 117
 118 void PingLoader::start(LocalFrame* frame, ResourceRequest& request, const FetchInitiatorInfo& initiatorInfo, StoredCredentials credentialsAllowed)
 119 {
 120     OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request, initiatorInfo, credentialsAllowed));
 121
 122     // Leak the ping loader, since it will kill itself as soon as it receives a response.
 123     PingLoader* ALLOW_UNUSED leakedPingLoader = pingLoader.leakPtr();
 124 }
 125
 126 PingLoader::PingLoader(LocalFrame* frame, ResourceRequest& request, const FetchInitiatorInfo& initiatorInfo, StoredCredentials credentialsAllowed)
 127     : PageLifecycleObserver(frame->page())
 128     , m_timeout(this, &PingLoader::timeout)
 129     , m_url(request.url())
 130     , m_identifier(createUniqueIdentifier())
 131 {
 132     frame->loader().client()->didDispatchPingLoader(request.url());
 133
 134     m_loader = adoptPtr(blink::Platform::current()->createURLLoader());
 135     ASSERT(m_loader);
 136     blink::WrappedResourceRequest wrappedRequest(request);
 137     wrappedRequest.setAllowStoredCredentials(credentialsAllowed == AllowStoredCredentials);
 138     m_loader->loadAsynchronously(wrappedRequest, this);
 139
 140     InspectorInstrumentation::willSendRequest(frame, m_identifier, frame->loader().documentLoader(), request, ResourceResponse(), initiatorInfo);
 141
 142     // If the server never responds, FrameLoader won't be able to cancel this load and
 143     // we'll sit here waiting forever. Set a very generous timeout, just in case.
 144     m_timeout.startOneShot(60000, FROM_HERE);
 145 }
 146
 147 PingLoader::~PingLoader()
 148 {
 149     if (m_loader)
 150         m_loader->cancel();
 151 }
 152
 153 void PingLoader::didReceiveResponse(blink::WebURLLoader*, const blink::WebURLResponse&)
 154 {
 155     if (Page* page = this->page())
 156         InspectorInstrumentation::didFailLoading(page->mainFrame(), m_identifier, ResourceError::cancelledError(m_url));
 157     delete this;
 158 }
 159
 160 void PingLoader::didReceiveData(blink::WebURLLoader*, const char* data, int dataLength, int encodedDataLength)
 161 {
 162     if (Page* page = this->page())
 163         InspectorInstrumentation::didFailLoading(page->mainFrame(), m_identifier, ResourceError::cancelledError(m_url));
 164     delete this;
 165 }
 166
 167 void PingLoader::didFinishLoading(blink::WebURLLoader*, double, int64_t)
 168 {
 169     if (Page* page = this->page())
 170         InspectorInstrumentation::didFailLoading(page->mainFrame(), m_identifier, ResourceError::cancelledError(m_url));
 171     delete this;
 172 }
 173
 174 void PingLoader::didFail(blink::WebURLLoader*, const blink::WebURLError& resourceError)
 175 {
 176     if (Page* page = this->page())
 177         InspectorInstrumentation::didFailLoading(page->mainFrame(), m_identifier, ResourceError(resourceError));
 178     delete this;
 179 }
 180
 181 void PingLoader::timeout(Timer<PingLoader>*)
 182 {
 183     if (Page* page = this->page())
 184         InspectorInstrumentation::didFailLoading(page->mainFrame(), m_identifier, ResourceError::cancelledError(m_url));
 185     delete this;
 186 }
 187
 188 }