2 * Copyright (C) 2006, 2007, 2008, 2009, 2010 Apple Inc. All rights reserved.
3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies)
4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.torchmobile.com/)
5 * Copyright (C) 2009 Adam Barth. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of
17 * its contributors may be used to endorse or promote products derived
18 * from this software without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
21 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
22 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
23 * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
24 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
25 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
26 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
27 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
29 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 #include "core/loader/NavigationScheduler.h"
35 #include "bindings/core/v8/ScriptController.h"
36 #include "core/events/Event.h"
37 #include "core/fetch/ResourceLoaderOptions.h"
38 #include "core/frame/LocalFrame.h"
39 #include "core/frame/csp/ContentSecurityPolicy.h"
40 #include "core/html/HTMLFormElement.h"
41 #include "core/inspector/InspectorInstrumentation.h"
42 #include "core/loader/DocumentLoader.h"
43 #include "core/loader/FormState.h"
44 #include "core/loader/FormSubmission.h"
45 #include "core/loader/FrameLoadRequest.h"
46 #include "core/loader/FrameLoader.h"
47 #include "core/loader/FrameLoaderClient.h"
48 #include "core/loader/FrameLoaderStateMachine.h"
49 #include "core/page/BackForwardClient.h"
50 #include "core/page/Page.h"
51 #include "platform/SharedBuffer.h"
52 #include "platform/UserGestureIndicator.h"
53 #include "wtf/CurrentTime.h"
57 unsigned NavigationDisablerForBeforeUnload::s_navigationDisableCount = 0;
59 class ScheduledNavigation {
60 WTF_MAKE_NONCOPYABLE(ScheduledNavigation); WTF_MAKE_FAST_ALLOCATED;
62 ScheduledNavigation(double delay, bool lockBackForwardList, bool isLocationChange)
64 , m_lockBackForwardList(lockBackForwardList)
65 , m_isLocationChange(isLocationChange)
66 , m_wasUserGesture(UserGestureIndicator::processingUserGesture())
69 m_userGestureToken = UserGestureIndicator::currentToken();
71 virtual ~ScheduledNavigation() { }
73 virtual void fire(LocalFrame*) = 0;
75 virtual bool shouldStartTimer(LocalFrame*) { return true; }
77 double delay() const { return m_delay; }
78 bool lockBackForwardList() const { return m_lockBackForwardList; }
79 bool isLocationChange() const { return m_isLocationChange; }
80 PassOwnPtr<UserGestureIndicator> createUserGestureIndicator()
82 if (m_wasUserGesture && m_userGestureToken)
83 return adoptPtr(new UserGestureIndicator(m_userGestureToken));
84 return adoptPtr(new UserGestureIndicator(DefinitelyNotProcessingUserGesture));
88 void clearUserGesture() { m_wasUserGesture = false; }
92 bool m_lockBackForwardList;
93 bool m_isLocationChange;
94 bool m_wasUserGesture;
95 RefPtr<UserGestureToken> m_userGestureToken;
98 class ScheduledURLNavigation : public ScheduledNavigation {
100 ScheduledURLNavigation(double delay, Document* originDocument, const String& url, const Referrer& referrer, bool lockBackForwardList, bool isLocationChange)
101 : ScheduledNavigation(delay, lockBackForwardList, isLocationChange)
102 , m_originDocument(originDocument)
104 , m_referrer(referrer)
105 , m_shouldCheckMainWorldContentSecurityPolicy(CheckContentSecurityPolicy)
107 if (ContentSecurityPolicy::shouldBypassMainWorld(originDocument))
108 m_shouldCheckMainWorldContentSecurityPolicy = DoNotCheckContentSecurityPolicy;
111 virtual void fire(LocalFrame* frame) OVERRIDE
113 OwnPtr<UserGestureIndicator> gestureIndicator = createUserGestureIndicator();
114 FrameLoadRequest request(m_originDocument.get(), ResourceRequest(KURL(ParsedURLString, m_url), m_referrer), "_self", m_shouldCheckMainWorldContentSecurityPolicy);
115 request.setLockBackForwardList(lockBackForwardList());
116 request.setClientRedirect(ClientRedirect);
117 frame->loader().load(request);
120 Document* originDocument() const { return m_originDocument.get(); }
121 String url() const { return m_url; }
122 const Referrer& referrer() const { return m_referrer; }
125 RefPtrWillBePersistent<Document> m_originDocument;
128 ContentSecurityPolicyCheck m_shouldCheckMainWorldContentSecurityPolicy;
131 class ScheduledRedirect FINAL : public ScheduledURLNavigation {
133 ScheduledRedirect(double delay, Document* originDocument, const String& url, bool lockBackForwardList)
134 : ScheduledURLNavigation(delay, originDocument, url, Referrer(), lockBackForwardList, false)
139 virtual bool shouldStartTimer(LocalFrame* frame) OVERRIDE { return frame->loader().allAncestorsAreComplete(); }
141 virtual void fire(LocalFrame* frame) OVERRIDE
143 OwnPtr<UserGestureIndicator> gestureIndicator = createUserGestureIndicator();
144 FrameLoadRequest request(originDocument(), ResourceRequest(KURL(ParsedURLString, url()), referrer()), "_self");
145 request.setLockBackForwardList(lockBackForwardList());
146 if (equalIgnoringFragmentIdentifier(frame->document()->url(), request.resourceRequest().url()))
147 request.resourceRequest().setCachePolicy(ReloadIgnoringCacheData);
148 request.setClientRedirect(ClientRedirect);
149 frame->loader().load(request);
153 class ScheduledLocationChange FINAL : public ScheduledURLNavigation {
155 ScheduledLocationChange(Document* originDocument, const String& url, const Referrer& referrer, bool lockBackForwardList)
156 : ScheduledURLNavigation(0.0, originDocument, url, referrer, lockBackForwardList, true) { }
159 class ScheduledReload FINAL : public ScheduledNavigation {
162 : ScheduledNavigation(0.0, true, true)
166 virtual void fire(LocalFrame* frame) OVERRIDE
168 OwnPtr<UserGestureIndicator> gestureIndicator = createUserGestureIndicator();
169 frame->loader().reload(NormalReload, KURL(), nullAtom, ClientRedirect);
173 class ScheduledPageBlock FINAL : public ScheduledURLNavigation {
175 ScheduledPageBlock(Document* originDocument, const String& url, const Referrer& referrer)
176 : ScheduledURLNavigation(0.0, originDocument, url, referrer, true, true)
180 virtual void fire(LocalFrame* frame) OVERRIDE
182 OwnPtr<UserGestureIndicator> gestureIndicator = createUserGestureIndicator();
183 SubstituteData substituteData(SharedBuffer::create(), "text/plain", "UTF-8", KURL(), ForceSynchronousLoad);
184 FrameLoadRequest request(originDocument(), ResourceRequest(KURL(ParsedURLString, url()), referrer(), ReloadIgnoringCacheData), substituteData);
185 request.setLockBackForwardList(true);
186 request.setClientRedirect(ClientRedirect);
187 frame->loader().load(request);
191 class ScheduledHistoryNavigation FINAL : public ScheduledNavigation {
193 explicit ScheduledHistoryNavigation(int historySteps)
194 : ScheduledNavigation(0, false, true)
195 , m_historySteps(historySteps)
199 virtual void fire(LocalFrame* frame) OVERRIDE
201 OwnPtr<UserGestureIndicator> gestureIndicator = createUserGestureIndicator();
202 // go(i!=0) from a frame navigates into the history of the frame only,
203 // in both IE and NS (but not in Mozilla). We can't easily do that.
204 frame->page()->deprecatedLocalMainFrame()->loader().client()->navigateBackForward(m_historySteps);
211 class ScheduledFormSubmission FINAL : public ScheduledNavigation {
213 ScheduledFormSubmission(PassRefPtrWillBeRawPtr<FormSubmission> submission, bool lockBackForwardList)
214 : ScheduledNavigation(0, lockBackForwardList, true)
215 , m_submission(submission)
217 ASSERT(m_submission->state());
220 virtual void fire(LocalFrame* frame) OVERRIDE
222 OwnPtr<UserGestureIndicator> gestureIndicator = createUserGestureIndicator();
223 FrameLoadRequest frameRequest(m_submission->state()->sourceDocument());
224 m_submission->populateFrameLoadRequest(frameRequest);
225 frameRequest.setLockBackForwardList(lockBackForwardList());
226 frameRequest.setTriggeringEvent(m_submission->event());
227 frameRequest.setFormState(m_submission->state());
228 frame->loader().load(frameRequest);
232 RefPtrWillBePersistent<FormSubmission> m_submission;
235 NavigationScheduler::NavigationScheduler(LocalFrame* frame)
237 , m_timer(this, &NavigationScheduler::timerFired)
241 NavigationScheduler::~NavigationScheduler()
245 bool NavigationScheduler::locationChangePending()
247 return m_redirect && m_redirect->isLocationChange();
250 inline bool NavigationScheduler::shouldScheduleNavigation() const
252 return m_frame->page();
255 inline bool NavigationScheduler::shouldScheduleNavigation(const String& url) const
257 return shouldScheduleNavigation() && (protocolIsJavaScript(url) || NavigationDisablerForBeforeUnload::isNavigationAllowed());
260 void NavigationScheduler::scheduleRedirect(double delay, const String& url)
262 if (!shouldScheduleNavigation(url))
264 if (delay < 0 || delay > INT_MAX / 1000)
269 // We want a new back/forward list item if the refresh timeout is > 1 second.
270 if (!m_redirect || delay <= m_redirect->delay())
271 schedule(adoptPtr(new ScheduledRedirect(delay, m_frame->document(), url, delay <= 1)));
274 bool NavigationScheduler::mustLockBackForwardList(LocalFrame* targetFrame)
276 // Non-user navigation before the page has finished firing onload should not create a new back/forward item.
277 // See https://webkit.org/b/42861 for the original motivation for this.
278 if (!UserGestureIndicator::processingUserGesture() && !targetFrame->document()->loadEventFinished())
281 // From the HTML5 spec for location.assign():
282 // "If the browsing context's session history contains only one Document,
283 // and that was the about:blank Document created when the browsing context
284 // was created, then the navigation must be done with replacement enabled."
285 if (!targetFrame->loader().stateMachine()->committedMultipleRealLoads()
286 && equalIgnoringCase(targetFrame->document()->url(), blankURL()))
289 // Navigation of a subframe during loading of an ancestor frame does not create a new back/forward item.
290 // The definition of "during load" is any time before all handlers for the load event have been run.
291 // See https://bugs.webkit.org/show_bug.cgi?id=14957 for the original motivation for this.
292 Frame* parentFrame = targetFrame->tree().parent();
293 return parentFrame && parentFrame->isLocalFrame() && !toLocalFrame(parentFrame)->loader().allAncestorsAreComplete();
296 void NavigationScheduler::scheduleLocationChange(Document* originDocument, const String& url, const Referrer& referrer, bool lockBackForwardList)
298 if (!shouldScheduleNavigation(url))
303 lockBackForwardList = lockBackForwardList || mustLockBackForwardList(m_frame);
305 // If the URL we're going to navigate to is the same as the current one, except for the
306 // fragment part, we don't need to schedule the location change. We'll skip this
307 // optimization for cross-origin navigations to minimize the navigator's ability to
308 // execute timing attacks.
309 if (originDocument->securityOrigin()->canAccess(m_frame->document()->securityOrigin())) {
310 KURL parsedURL(ParsedURLString, url);
311 if (parsedURL.hasFragmentIdentifier() && equalIgnoringFragmentIdentifier(m_frame->document()->url(), parsedURL)) {
312 FrameLoadRequest request(originDocument, ResourceRequest(m_frame->document()->completeURL(url), referrer), "_self");
313 request.setLockBackForwardList(lockBackForwardList);
314 if (lockBackForwardList)
315 request.setClientRedirect(ClientRedirect);
316 m_frame->loader().load(request);
321 schedule(adoptPtr(new ScheduledLocationChange(originDocument, url, referrer, lockBackForwardList)));
324 void NavigationScheduler::schedulePageBlock(Document* originDocument, const Referrer& referrer)
326 ASSERT(m_frame->page());
327 const KURL& url = m_frame->document()->url();
328 schedule(adoptPtr(new ScheduledPageBlock(originDocument, url, referrer)));
331 void NavigationScheduler::scheduleFormSubmission(PassRefPtrWillBeRawPtr<FormSubmission> submission)
333 ASSERT(m_frame->page());
334 schedule(adoptPtr(new ScheduledFormSubmission(submission, mustLockBackForwardList(m_frame))));
337 void NavigationScheduler::scheduleReload()
339 if (!shouldScheduleNavigation())
341 if (m_frame->document()->url().isEmpty())
343 schedule(adoptPtr(new ScheduledReload));
346 void NavigationScheduler::scheduleHistoryNavigation(int steps)
348 if (!shouldScheduleNavigation())
351 // Invalid history navigations (such as history.forward() during a new load) have the side effect of cancelling any scheduled
352 // redirects. We also avoid the possibility of cancelling the current load by avoiding the scheduled redirection altogether.
353 BackForwardClient& backForward = m_frame->page()->backForward();
354 if (steps > backForward.forwardListCount() || -steps > backForward.backListCount()) {
359 // In all other cases, schedule the history traversal to occur asynchronously.
361 schedule(adoptPtr(new ScheduledHistoryNavigation(steps)));
363 schedule(adoptPtr(new ScheduledReload));
366 void NavigationScheduler::timerFired(Timer<NavigationScheduler>*)
368 if (!m_frame->page())
370 if (m_frame->page()->defersLoading()) {
371 InspectorInstrumentation::frameClearedScheduledNavigation(m_frame);
375 RefPtr<LocalFrame> protect(m_frame);
377 OwnPtr<ScheduledNavigation> redirect(m_redirect.release());
378 redirect->fire(m_frame);
379 InspectorInstrumentation::frameClearedScheduledNavigation(m_frame);
382 void NavigationScheduler::schedule(PassOwnPtr<ScheduledNavigation> redirect)
384 ASSERT(m_frame->page());
386 // In a back/forward navigation, we sometimes restore history state to iframes, even though the state was generated
387 // dynamically and JS will try to put something different in the iframe. In this case, we will load stale things
388 // and/or confuse the JS when it shortly thereafter tries to schedule a location change. Let the JS have its way.
389 // FIXME: This check seems out of place.
390 if (!m_frame->loader().stateMachine()->committedFirstRealDocumentLoad() && m_frame->loader().provisionalDocumentLoader()) {
391 RefPtr<Frame> protect(m_frame);
392 m_frame->loader().provisionalDocumentLoader()->stopLoading();
393 if (!m_frame->host())
398 m_redirect = redirect;
402 void NavigationScheduler::startTimer()
407 ASSERT(m_frame->page());
408 if (m_timer.isActive())
410 if (!m_redirect->shouldStartTimer(m_frame))
413 m_timer.startOneShot(m_redirect->delay(), FROM_HERE);
414 InspectorInstrumentation::frameScheduledNavigation(m_frame, m_redirect->delay());
417 void NavigationScheduler::cancel()
419 if (m_timer.isActive())
420 InspectorInstrumentation::frameClearedScheduledNavigation(m_frame);