1/* 2 * Copyright (C) 2006, 2007, 2010, 2011 Apple Inc. All rights reserved. 3 * (C) 2007 Graham Dennis (graham.dennis@gmail.com) 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of 15 * its contributors may be used to endorse or promote products derived 16 * from this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY 19 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 20 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 21 * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY 22 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 23 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 24 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 */ 29 30#include "config.h" 31#include "ResourceLoader.h" 32 33#include "ApplicationCacheHost.h" 34#include "AsyncFileStream.h" 35#include "AuthenticationChallenge.h" 36#include "DocumentLoader.h" 37#include "Frame.h" 38#include "FrameLoader.h" 39#include "FrameLoaderClient.h" 40#include "InspectorInstrumentation.h" 41#include "LoaderStrategy.h" 42#include "Page.h" 43#include "PlatformStrategies.h" 44#include "ProgressTracker.h" 45#include "ResourceBuffer.h" 46#include "ResourceError.h" 47#include "ResourceHandle.h" 48#include "ResourceLoadScheduler.h" 49#include "SecurityOrigin.h" 50#include "Settings.h" 51#include "SharedBuffer.h" 52 53namespace WebCore { 54 55ResourceLoader::ResourceLoader(Frame* frame, ResourceLoaderOptions options) 56 : m_frame(frame) 57 , m_documentLoader(frame->loader()->activeDocumentLoader()) 58 , m_identifier(0) 59 , m_reachedTerminalState(false) 60 , m_notifiedLoadComplete(false) 61 , m_cancellationStatus(NotCancelled) 62 , m_defersLoading(frame->page()->defersLoading()) 63 , m_options(options) 64{ 65} 66 67ResourceLoader::~ResourceLoader() 68{ 69 ASSERT(m_reachedTerminalState); 70} 71 72void ResourceLoader::releaseResources() 73{ 74 ASSERT(!m_reachedTerminalState); 75 76 // It's possible that when we release the handle, it will be 77 // deallocated and release the last reference to this object. 78 // We need to retain to avoid accessing the object after it 79 // has been deallocated and also to avoid reentering this method. 80 RefPtr<ResourceLoader> protector(this); 81 82 m_frame = 0; 83 m_documentLoader = 0; 84 85 // We need to set reachedTerminalState to true before we release 86 // the resources to prevent a double dealloc of WebView <rdar://problem/4372628> 87 m_reachedTerminalState = true; 88 89 platformStrategies()->loaderStrategy()->resourceLoadScheduler()->remove(this); 90 m_identifier = 0; 91 92 if (m_handle) { 93 // Clear out the ResourceHandle's client so that it doesn't try to call 94 // us back after we release it, unless it has been replaced by someone else. 95 if (m_handle->client() == this) 96 m_handle->setClient(0); 97 m_handle = 0; 98 } 99 100 m_resourceData = 0; 101 m_deferredRequest = ResourceRequest(); 102} 103 104bool ResourceLoader::init(const ResourceRequest& r) 105{ 106 ASSERT(!m_handle); 107 ASSERT(m_request.isNull()); 108 ASSERT(m_deferredRequest.isNull()); 109 ASSERT(!m_documentLoader->isSubstituteLoadPending(this)); 110 111 ResourceRequest clientRequest(r); 112 113 m_defersLoading = m_frame->page()->defersLoading(); 114 if (m_options.securityCheck == DoSecurityCheck && !m_frame->document()->securityOrigin()->canDisplay(clientRequest.url())) { 115 FrameLoader::reportLocalLoadFailed(m_frame.get(), clientRequest.url().string()); 116 releaseResources(); 117 return false; 118 } 119 120 // https://bugs.webkit.org/show_bug.cgi?id=26391 121 // The various plug-in implementations call directly to ResourceLoader::load() instead of piping requests 122 // through FrameLoader. As a result, they miss the FrameLoader::addExtraFieldsToRequest() step which sets 123 // up the 1st party for cookies URL. Until plug-in implementations can be reigned in to pipe through that 124 // method, we need to make sure there is always a 1st party for cookies set. 125 if (clientRequest.firstPartyForCookies().isNull()) { 126 if (Document* document = m_frame->document()) 127 clientRequest.setFirstPartyForCookies(document->firstPartyForCookies()); 128 } 129 130 willSendRequest(clientRequest, ResourceResponse()); 131 if (clientRequest.isNull()) { 132 cancel(); 133 return false; 134 } 135 136 m_originalRequest = m_request = clientRequest; 137 return true; 138} 139 140void ResourceLoader::start() 141{ 142 ASSERT(!m_handle); 143 ASSERT(!m_request.isNull()); 144 ASSERT(m_deferredRequest.isNull()); 145 146#if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML) 147 if (m_documentLoader->scheduleArchiveLoad(this, m_request)) 148 return; 149#endif 150 151 if (m_documentLoader->applicationCacheHost()->maybeLoadResource(this, m_request, m_request.url())) 152 return; 153 154 if (m_defersLoading) { 155 m_deferredRequest = m_request; 156 return; 157 } 158 159 if (!m_reachedTerminalState) 160 m_handle = ResourceHandle::create(m_frame->loader()->networkingContext(), m_request, this, m_defersLoading, m_options.sniffContent == SniffContent); 161} 162 163void ResourceLoader::setDefersLoading(bool defers) 164{ 165 m_defersLoading = defers; 166 if (m_handle) 167 m_handle->setDefersLoading(defers); 168 if (!defers && !m_deferredRequest.isNull()) { 169 m_request = m_deferredRequest; 170 m_deferredRequest = ResourceRequest(); 171 start(); 172 } 173} 174 175FrameLoader* ResourceLoader::frameLoader() const 176{ 177 if (!m_frame) 178 return 0; 179 return m_frame->loader(); 180} 181 182void ResourceLoader::setDataBufferingPolicy(DataBufferingPolicy dataBufferingPolicy) 183{ 184 m_options.dataBufferingPolicy = dataBufferingPolicy; 185 186 // Reset any already buffered data 187 if (dataBufferingPolicy == DoNotBufferData) 188 m_resourceData = 0; 189} 190 191 192void ResourceLoader::addDataOrBuffer(const char* data, int length, SharedBuffer* buffer, DataPayloadType dataPayloadType) 193{ 194 if (m_options.dataBufferingPolicy == DoNotBufferData) 195 return; 196 197 if (dataPayloadType == DataPayloadWholeResource) { 198 m_resourceData = buffer ? ResourceBuffer::adoptSharedBuffer(buffer) : ResourceBuffer::create(data, length); 199 return; 200 } 201 202 if (!m_resourceData) 203 m_resourceData = buffer ? ResourceBuffer::adoptSharedBuffer(buffer) : ResourceBuffer::create(data, length); 204 else { 205 if (buffer) 206 m_resourceData->append(buffer); 207 else 208 m_resourceData->append(data, length); 209 } 210} 211 212void ResourceLoader::clearResourceData() 213{ 214 if (m_resourceData) 215 m_resourceData->clear(); 216} 217 218bool ResourceLoader::isSubresourceLoader() 219{ 220 return false; 221} 222 223void ResourceLoader::willSendRequest(ResourceRequest& request, const ResourceResponse& redirectResponse) 224{ 225 // Protect this in this delegate method since the additional processing can do 226 // anything including possibly derefing this; one example of this is Radar 3266216. 227 RefPtr<ResourceLoader> protector(this); 228 229 ASSERT(!m_reachedTerminalState); 230 231 // We need a resource identifier for all requests, even if FrameLoader is never going to see it (such as with CORS preflight requests). 232 bool createdResourceIdentifier = false; 233 if (!m_identifier) { 234 m_identifier = m_frame->page()->progress()->createUniqueIdentifier(); 235 createdResourceIdentifier = true; 236 } 237 238 if (m_options.sendLoadCallbacks == SendCallbacks) { 239 if (createdResourceIdentifier) 240 frameLoader()->notifier()->assignIdentifierToInitialRequest(m_identifier, documentLoader(), request); 241 242 frameLoader()->notifier()->willSendRequest(this, request, redirectResponse); 243 } 244#if ENABLE(INSPECTOR) 245 else 246 InspectorInstrumentation::willSendRequest(m_frame.get(), m_identifier, m_frame->loader()->documentLoader(), request, redirectResponse); 247#endif 248 249 if (!redirectResponse.isNull()) 250 platformStrategies()->loaderStrategy()->resourceLoadScheduler()->crossOriginRedirectReceived(this, request.url()); 251 252 m_request = request; 253 254 if (!redirectResponse.isNull() && !m_documentLoader->isCommitted()) 255 frameLoader()->client()->dispatchDidReceiveServerRedirectForProvisionalLoad(); 256} 257 258void ResourceLoader::didSendData(unsigned long long, unsigned long long) 259{ 260} 261 262void ResourceLoader::didReceiveResponse(const ResourceResponse& r) 263{ 264 ASSERT(!m_reachedTerminalState); 265 266 // Protect this in this delegate method since the additional processing can do 267 // anything including possibly derefing this; one example of this is Radar 3266216. 268 RefPtr<ResourceLoader> protector(this); 269 270 m_response = r; 271 272 if (FormData* data = m_request.httpBody()) 273 data->removeGeneratedFilesIfNeeded(); 274 275 if (m_options.sendLoadCallbacks == SendCallbacks) 276 frameLoader()->notifier()->didReceiveResponse(this, m_response); 277} 278 279void ResourceLoader::didReceiveData(const char* data, int length, long long encodedDataLength, DataPayloadType dataPayloadType) 280{ 281 // The following assertions are not quite valid here, since a subclass 282 // might override didReceiveData in a way that invalidates them. This 283 // happens with the steps listed in 3266216 284 // ASSERT(con == connection); 285 // ASSERT(!m_reachedTerminalState); 286 287 didReceiveDataOrBuffer(data, length, 0, encodedDataLength, dataPayloadType); 288} 289 290void ResourceLoader::didReceiveBuffer(PassRefPtr<SharedBuffer> buffer, long long encodedDataLength, DataPayloadType dataPayloadType) 291{ 292 didReceiveDataOrBuffer(0, 0, buffer, encodedDataLength, dataPayloadType); 293} 294 295void ResourceLoader::didReceiveDataOrBuffer(const char* data, int length, PassRefPtr<SharedBuffer> prpBuffer, long long encodedDataLength, DataPayloadType dataPayloadType) 296{ 297 // This method should only get data+length *OR* a SharedBuffer. 298 ASSERT(!prpBuffer || (!data && !length)); 299 300 // Protect this in this delegate method since the additional processing can do 301 // anything including possibly derefing this; one example of this is Radar 3266216. 302 RefPtr<ResourceLoader> protector(this); 303 RefPtr<SharedBuffer> buffer = prpBuffer; 304 305 addDataOrBuffer(data, length, buffer.get(), dataPayloadType); 306 307 // FIXME: If we get a resource with more than 2B bytes, this code won't do the right thing. 308 // However, with today's computers and networking speeds, this won't happen in practice. 309 // Could be an issue with a giant local file. 310 if (m_options.sendLoadCallbacks == SendCallbacks && m_frame) 311 frameLoader()->notifier()->didReceiveData(this, buffer ? buffer->data() : data, buffer ? buffer->size() : length, static_cast<int>(encodedDataLength)); 312} 313 314void ResourceLoader::willStopBufferingData(const char* data, int length) 315{ 316 if (m_options.dataBufferingPolicy == DoNotBufferData) 317 return; 318 319 ASSERT(!m_resourceData); 320 m_resourceData = ResourceBuffer::create(data, length); 321} 322 323void ResourceLoader::didFinishLoading(double finishTime) 324{ 325 didFinishLoadingOnePart(finishTime); 326 327 // If the load has been cancelled by a delegate in response to didFinishLoad(), do not release 328 // the resources a second time, they have been released by cancel. 329 if (wasCancelled()) 330 return; 331 releaseResources(); 332} 333 334void ResourceLoader::didFinishLoadingOnePart(double finishTime) 335{ 336 // If load has been cancelled after finishing (which could happen with a 337 // JavaScript that changes the window location), do nothing. 338 if (wasCancelled()) 339 return; 340 ASSERT(!m_reachedTerminalState); 341 342 if (m_notifiedLoadComplete) 343 return; 344 m_notifiedLoadComplete = true; 345 if (m_options.sendLoadCallbacks == SendCallbacks) 346 frameLoader()->notifier()->didFinishLoad(this, finishTime); 347} 348 349void ResourceLoader::didFail(const ResourceError& error) 350{ 351 if (wasCancelled()) 352 return; 353 ASSERT(!m_reachedTerminalState); 354 355 // Protect this in this delegate method since the additional processing can do 356 // anything including possibly derefing this; one example of this is Radar 3266216. 357 RefPtr<ResourceLoader> protector(this); 358 359 cleanupForError(error); 360 releaseResources(); 361} 362 363void ResourceLoader::cleanupForError(const ResourceError& error) 364{ 365 if (FormData* data = m_request.httpBody()) 366 data->removeGeneratedFilesIfNeeded(); 367 368 if (m_notifiedLoadComplete) 369 return; 370 m_notifiedLoadComplete = true; 371 if (m_options.sendLoadCallbacks == SendCallbacks && m_identifier) 372 frameLoader()->notifier()->didFailToLoad(this, error); 373} 374 375void ResourceLoader::didChangePriority(ResourceLoadPriority loadPriority) 376{ 377 if (handle()) { 378 frameLoader()->client()->dispatchDidChangeResourcePriority(identifier(), loadPriority); 379 handle()->didChangePriority(loadPriority); 380 } 381} 382 383void ResourceLoader::cancel() 384{ 385 cancel(ResourceError()); 386} 387 388void ResourceLoader::cancel(const ResourceError& error) 389{ 390 // If the load has already completed - succeeded, failed, or previously cancelled - do nothing. 391 if (m_reachedTerminalState) 392 return; 393 394 ResourceError nonNullError = error.isNull() ? cancelledError() : error; 395 396 // willCancel() and didFailToLoad() both call out to clients that might do 397 // something causing the last reference to this object to go away. 398 RefPtr<ResourceLoader> protector(this); 399 400 // If we re-enter cancel() from inside willCancel(), we want to pick up from where we left 401 // off without re-running willCancel() 402 if (m_cancellationStatus == NotCancelled) { 403 m_cancellationStatus = CalledWillCancel; 404 405 willCancel(nonNullError); 406 } 407 408 // If we re-enter cancel() from inside didFailToLoad(), we want to pick up from where we 409 // left off without redoing any of this work. 410 if (m_cancellationStatus == CalledWillCancel) { 411 m_cancellationStatus = Cancelled; 412 413 if (m_handle) 414 m_handle->clearAuthentication(); 415 416 m_documentLoader->cancelPendingSubstituteLoad(this); 417 if (m_handle) { 418 m_handle->cancel(); 419 m_handle = 0; 420 } 421 cleanupForError(nonNullError); 422 } 423 424 // If cancel() completed from within the call to willCancel() or didFailToLoad(), 425 // we don't want to redo didCancel() or releasesResources(). 426 if (m_reachedTerminalState) 427 return; 428 429 didCancel(nonNullError); 430 431 if (m_cancellationStatus == FinishedCancel) 432 return; 433 m_cancellationStatus = FinishedCancel; 434 435 releaseResources(); 436} 437 438ResourceError ResourceLoader::cancelledError() 439{ 440 return frameLoader()->cancelledError(m_request); 441} 442 443ResourceError ResourceLoader::blockedError() 444{ 445 return frameLoader()->client()->blockedError(m_request); 446} 447 448ResourceError ResourceLoader::cannotShowURLError() 449{ 450 return frameLoader()->client()->cannotShowURLError(m_request); 451} 452 453void ResourceLoader::willSendRequest(ResourceHandle*, ResourceRequest& request, const ResourceResponse& redirectResponse) 454{ 455 if (documentLoader()->applicationCacheHost()->maybeLoadFallbackForRedirect(this, request, redirectResponse)) 456 return; 457 willSendRequest(request, redirectResponse); 458} 459 460void ResourceLoader::didSendData(ResourceHandle*, unsigned long long bytesSent, unsigned long long totalBytesToBeSent) 461{ 462 didSendData(bytesSent, totalBytesToBeSent); 463} 464 465void ResourceLoader::didReceiveResponse(ResourceHandle*, const ResourceResponse& response) 466{ 467 if (documentLoader()->applicationCacheHost()->maybeLoadFallbackForResponse(this, response)) 468 return; 469 didReceiveResponse(response); 470} 471 472void ResourceLoader::didReceiveData(ResourceHandle*, const char* data, int length, int encodedDataLength) 473{ 474 InspectorInstrumentationCookie cookie = InspectorInstrumentation::willReceiveResourceData(m_frame.get(), identifier(), encodedDataLength); 475 didReceiveData(data, length, encodedDataLength, DataPayloadBytes); 476 InspectorInstrumentation::didReceiveResourceData(cookie); 477} 478 479void ResourceLoader::didReceiveBuffer(ResourceHandle*, PassRefPtr<SharedBuffer> buffer, int encodedDataLength) 480{ 481 InspectorInstrumentationCookie cookie = InspectorInstrumentation::willReceiveResourceData(m_frame.get(), identifier(), encodedDataLength); 482 didReceiveBuffer(buffer, encodedDataLength, DataPayloadBytes); 483 InspectorInstrumentation::didReceiveResourceData(cookie); 484} 485 486void ResourceLoader::didFinishLoading(ResourceHandle*, double finishTime) 487{ 488 didFinishLoading(finishTime); 489} 490 491void ResourceLoader::didFail(ResourceHandle*, const ResourceError& error) 492{ 493 if (documentLoader()->applicationCacheHost()->maybeLoadFallbackForError(this, error)) 494 return; 495 didFail(error); 496} 497 498void ResourceLoader::wasBlocked(ResourceHandle*) 499{ 500 didFail(blockedError()); 501} 502 503void ResourceLoader::cannotShowURL(ResourceHandle*) 504{ 505 didFail(cannotShowURLError()); 506} 507 508bool ResourceLoader::shouldUseCredentialStorage() 509{ 510 if (m_options.allowCredentials == DoNotAllowStoredCredentials) 511 return false; 512 513 RefPtr<ResourceLoader> protector(this); 514 return frameLoader()->client()->shouldUseCredentialStorage(documentLoader(), identifier()); 515} 516 517void ResourceLoader::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge) 518{ 519 ASSERT(handle()->hasAuthenticationChallenge()); 520 521 // Protect this in this delegate method since the additional processing can do 522 // anything including possibly derefing this; one example of this is Radar 3266216. 523 RefPtr<ResourceLoader> protector(this); 524 525 if (m_options.allowCredentials == AllowStoredCredentials) { 526 if (m_options.clientCredentialPolicy == AskClientForAllCredentials || (m_options.clientCredentialPolicy == DoNotAskClientForCrossOriginCredentials && m_frame->document()->securityOrigin()->canRequest(originalRequest().url()))) { 527 frameLoader()->notifier()->didReceiveAuthenticationChallenge(this, challenge); 528 return; 529 } 530 } 531 // Only these platforms provide a way to continue without credentials. 532 // If we can't continue with credentials, we need to cancel the load altogether. 533#if PLATFORM(MAC) || USE(CFNETWORK) || USE(CURL) || PLATFORM(GTK) || PLATFORM(EFL) 534 challenge.authenticationClient()->receivedRequestToContinueWithoutCredential(challenge); 535 ASSERT(!handle() || !handle()->hasAuthenticationChallenge()); 536#else 537 didFail(blockedError()); 538#endif 539} 540 541void ResourceLoader::didCancelAuthenticationChallenge(const AuthenticationChallenge& challenge) 542{ 543 // Protect this in this delegate method since the additional processing can do 544 // anything including possibly derefing this; one example of this is Radar 3266216. 545 RefPtr<ResourceLoader> protector(this); 546 frameLoader()->notifier()->didCancelAuthenticationChallenge(this, challenge); 547} 548 549#if USE(PROTECTION_SPACE_AUTH_CALLBACK) 550bool ResourceLoader::canAuthenticateAgainstProtectionSpace(const ProtectionSpace& protectionSpace) 551{ 552 RefPtr<ResourceLoader> protector(this); 553 return frameLoader()->client()->canAuthenticateAgainstProtectionSpace(documentLoader(), identifier(), protectionSpace); 554} 555#endif 556 557void ResourceLoader::receivedCancellation(const AuthenticationChallenge&) 558{ 559 cancel(); 560} 561 562} 563