1/* 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY 14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR 17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY 21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 * 25 */ 26 27#ifndef CrossOriginPreflightResultCache_h 28#define CrossOriginPreflightResultCache_h 29 30#include "URLHash.h" 31#include "ResourceHandleTypes.h" 32#include <chrono> 33#include <wtf/HashMap.h> 34#include <wtf/HashSet.h> 35#include <wtf/text/StringHash.h> 36 37namespace WebCore { 38 39class HTTPHeaderMap; 40class ResourceResponse; 41 42class CrossOriginPreflightResultCacheItem { 43 WTF_MAKE_NONCOPYABLE(CrossOriginPreflightResultCacheItem); WTF_MAKE_FAST_ALLOCATED; 44public: 45 explicit CrossOriginPreflightResultCacheItem(StoredCredentials credentials) 46 : m_credentials(credentials) 47 { 48 } 49 50 bool parse(const ResourceResponse&, String& errorDescription); 51 bool allowsCrossOriginMethod(const String&, String& errorDescription) const; 52 bool allowsCrossOriginHeaders(const HTTPHeaderMap&, String& errorDescription) const; 53 bool allowsRequest(StoredCredentials, const String& method, const HTTPHeaderMap& requestHeaders) const; 54 55private: 56 // FIXME: A better solution to holding onto the absolute expiration time might be 57 // to start a timer for the expiration delta that removes this from the cache when 58 // it fires. 59 std::chrono::steady_clock::time_point m_absoluteExpiryTime; 60 StoredCredentials m_credentials; 61 HashSet<String> m_methods; 62 HashSet<String, CaseFoldingHash> m_headers; 63}; 64 65class CrossOriginPreflightResultCache { 66 WTF_MAKE_NONCOPYABLE(CrossOriginPreflightResultCache); WTF_MAKE_FAST_ALLOCATED; 67 68public: 69 static CrossOriginPreflightResultCache& shared(); 70 71 void appendEntry(const String& origin, const URL&, std::unique_ptr<CrossOriginPreflightResultCacheItem>); 72 bool canSkipPreflight(const String& origin, const URL&, StoredCredentials, const String& method, const HTTPHeaderMap& requestHeaders); 73 74 void empty(); 75 76private: 77 friend NeverDestroyed<CrossOriginPreflightResultCache>; 78 CrossOriginPreflightResultCache(); 79 80 HashMap<std::pair<String, URL>, std::unique_ptr<CrossOriginPreflightResultCacheItem>> m_preflightHashMap; 81}; 82 83} // namespace WebCore 84 85#endif 86