2 * Copyright (C) 2010 Google Inc. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above
11 * copyright notice, this list of conditions and the following disclaimer
12 * in the documentation and/or other materials provided with the
14 * * Neither the name of Google Inc. nor the names of its
15 * contributors may be used to endorse or promote products derived from
16 * this software without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 #include "PingLoader.h"
38 #include "FrameLoaderClient.h"
39 #include "InspectorInstrumentation.h"
41 #include "ProgressTracker.h"
42 #include "ResourceHandle.h"
43 #include "SecurityOrigin.h"
44 #include <wtf/OwnPtr.h>
45 #include <wtf/UnusedParam.h>
46 #include <wtf/text/CString.h>
50 void PingLoader::loadImage(Frame* frame, const KURL& url)
52 if (!frame->document()->securityOrigin()->canDisplay(url)) {
53 FrameLoader::reportLocalLoadFailed(frame, url);
57 ResourceRequest request(url);
58 #if PLATFORM(CHROMIUM)
59 request.setTargetType(ResourceRequest::TargetIsImage);
61 request.setHTTPHeaderField("Cache-Control", "max-age=0");
62 if (!SecurityOrigin::shouldHideReferrer(request.url(), frame->loader()->outgoingReferrer()))
63 request.setHTTPReferrer(frame->loader()->outgoingReferrer());
64 frame->loader()->addExtraFieldsToSubresourceRequest(request);
65 OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request));
67 // Leak the ping loader, since it will kill itself as soon as it receives a response.
68 PingLoader* leakedPingLoader = pingLoader.leakPtr();
69 UNUSED_PARAM(leakedPingLoader);
72 // http://www.whatwg.org/specs/web-apps/current-work/multipage/links.html#hyperlink-auditing
73 void PingLoader::sendPing(Frame* frame, const KURL& pingURL, const KURL& destinationURL)
75 ResourceRequest request(pingURL);
76 #if PLATFORM(CHROMIUM)
77 request.setTargetType(ResourceRequest::TargetIsSubresource);
79 request.setHTTPMethod("POST");
80 request.setHTTPContentType("text/ping");
81 request.setHTTPBody(FormData::create("PING"));
82 request.setHTTPHeaderField("Cache-Control", "max-age=0");
83 frame->loader()->addExtraFieldsToSubresourceRequest(request);
85 SecurityOrigin* sourceOrigin = frame->document()->securityOrigin();
86 RefPtr<SecurityOrigin> pingOrigin = SecurityOrigin::create(pingURL);
87 FrameLoader::addHTTPOriginIfNeeded(request, sourceOrigin->toString());
88 request.setHTTPHeaderField("Ping-To", destinationURL);
89 if (!SecurityOrigin::shouldHideReferrer(pingURL, frame->loader()->outgoingReferrer())) {
90 request.setHTTPHeaderField("Ping-From", frame->document()->url());
91 if (!sourceOrigin->isSameSchemeHostPort(pingOrigin.get()))
92 request.setHTTPReferrer(frame->loader()->outgoingReferrer());
94 OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request));
96 // Leak the ping loader, since it will kill itself as soon as it receives a response.
97 PingLoader* leakedPingLoader = pingLoader.leakPtr();
98 UNUSED_PARAM(leakedPingLoader);
101 void PingLoader::reportContentSecurityPolicyViolation(Frame* frame, const KURL& reportURL, PassRefPtr<FormData> report)
103 ResourceRequest request(reportURL);
104 #if PLATFORM(CHROMIUM)
105 request.setTargetType(ResourceRequest::TargetIsSubresource);
107 request.setHTTPMethod("POST");
108 request.setHTTPContentType("application/x-www-form-urlencoded");
109 request.setHTTPBody(report);
110 frame->loader()->addExtraFieldsToSubresourceRequest(request);
112 if (!SecurityOrigin::shouldHideReferrer(reportURL, frame->loader()->outgoingReferrer()))
113 request.setHTTPReferrer(frame->loader()->outgoingReferrer());
114 OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request));
116 // Leak the ping loader, since it will kill itself as soon as it receives a response.
117 PingLoader* leakedPingLoader = pingLoader.leakPtr();
118 UNUSED_PARAM(leakedPingLoader);
121 PingLoader::PingLoader(Frame* frame, ResourceRequest& request)
122 : m_timeout(this, &PingLoader::timeout)
124 unsigned long identifier = frame->page()->progress()->createUniqueIdentifier();
125 // FIXME: Why activeDocumentLoader? I would have expected documentLoader().
126 // Itseems like the PingLoader should be associated with the current
127 // Document in the Frame, but the activeDocumentLoader will be associated
128 // with the provisional DocumentLoader if there is a provisional
130 m_shouldUseCredentialStorage = frame->loader()->client()->shouldUseCredentialStorage(frame->loader()->activeDocumentLoader(), identifier);
131 m_handle = ResourceHandle::create(frame->loader()->networkingContext(), request, this, false, false);
133 InspectorInstrumentation::continueAfterPingLoader(frame, identifier, frame->loader()->activeDocumentLoader(), request, ResourceResponse());
135 // If the server never responds, FrameLoader won't be able to cancel this load and
136 // we'll sit here waiting forever. Set a very generous timeout, just in case.
137 m_timeout.startOneShot(60000);
140 PingLoader::~PingLoader()