1/* 2 * Copyright (C) 2004, 2005, 2006, 2007, 2009, 2010, 2011 Apple Inc. All rights reserved. 3 * Copyright (C) 2008 Alp Toker <alp@atoker.com> 4 * Copyright (C) 2008 Xan Lopez <xan@gnome.org> 5 * Copyright (C) 2008, 2010 Collabora Ltd. 6 * Copyright (C) 2009 Holger Hans Peter Freyther 7 * Copyright (C) 2009 Gustavo Noronha Silva <gns@gnome.org> 8 * Copyright (C) 2009 Christian Dywan <christian@imendio.com> 9 * Copyright (C) 2009, 2010, 2011, 2012 Igalia S.L. 10 * Copyright (C) 2009 John Kjellberg <john.kjellberg@power.alstom.com> 11 * Copyright (C) 2012 Intel Corporation 12 * 13 * This library is free software; you can redistribute it and/or 14 * modify it under the terms of the GNU Library General Public 15 * License as published by the Free Software Foundation; either 16 * version 2 of the License, or (at your option) any later version. 17 * 18 * This library is distributed in the hope that it will be useful, 19 * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 21 * Library General Public License for more details. 22 * 23 * You should have received a copy of the GNU Library General Public License 24 * along with this library; see the file COPYING.LIB. If not, write to 25 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, 26 * Boston, MA 02110-1301, USA. 27 */ 28 29#include "config.h" 30#include "ResourceHandle.h" 31 32#include "CachedResourceLoader.h" 33#include "ChromeClient.h" 34#include "CookieJarSoup.h" 35#include "CredentialStorage.h" 36#include "FileSystem.h" 37#include "Frame.h" 38#include "GOwnPtrSoup.h" 39#include "HTTPParsers.h" 40#include "LocalizedStrings.h" 41#include "Logging.h" 42#include "MIMETypeRegistry.h" 43#include "NetworkingContext.h" 44#include "NotImplemented.h" 45#include "Page.h" 46#include "ResourceError.h" 47#include "ResourceHandleClient.h" 48#include "ResourceHandleInternal.h" 49#include "ResourceResponse.h" 50#include "SharedBuffer.h" 51#include "SoupURIUtils.h" 52#include "TextEncoding.h" 53#include <errno.h> 54#include <fcntl.h> 55#include <gio/gio.h> 56#include <glib.h> 57#include <libsoup/soup.h> 58#include <sys/stat.h> 59#include <sys/types.h> 60#include <unistd.h> 61#include <wtf/CurrentTime.h> 62#include <wtf/SHA1.h> 63#include <wtf/gobject/GRefPtr.h> 64#include <wtf/text/Base64.h> 65#include <wtf/text/CString.h> 66 67#if ENABLE(BLOB) 68#include "BlobData.h" 69#include "BlobRegistryImpl.h" 70#include "BlobStorageData.h" 71#endif 72 73#if PLATFORM(GTK) 74#include "CredentialBackingStore.h" 75#endif 76 77namespace WebCore { 78 79inline static void soupLogPrinter(SoupLogger*, SoupLoggerLogLevel, char direction, const char* data, gpointer) 80{ 81#if LOG_DISABLED 82 UNUSED_PARAM(direction); 83 UNUSED_PARAM(data); 84#endif 85 LOG(Network, "%c %s", direction, data); 86} 87 88static bool loadingSynchronousRequest = false; 89static const size_t defaultReadBufferSize = 8192; 90 91class WebCoreSynchronousLoader : public ResourceHandleClient { 92 WTF_MAKE_NONCOPYABLE(WebCoreSynchronousLoader); 93public: 94 95 WebCoreSynchronousLoader(ResourceError& error, ResourceResponse& response, SoupSession* session, Vector<char>& data) 96 : m_error(error) 97 , m_response(response) 98 , m_session(session) 99 , m_data(data) 100 , m_finished(false) 101 { 102 // We don't want any timers to fire while we are doing our synchronous load 103 // so we replace the thread default main context. The main loop iterations 104 // will only process GSources associated with this inner context. 105 loadingSynchronousRequest = true; 106 GRefPtr<GMainContext> innerMainContext = adoptGRef(g_main_context_new()); 107 g_main_context_push_thread_default(innerMainContext.get()); 108 m_mainLoop = adoptGRef(g_main_loop_new(innerMainContext.get(), false)); 109 110 adjustMaxConnections(1); 111 } 112 113 ~WebCoreSynchronousLoader() 114 { 115 adjustMaxConnections(-1); 116 117 GMainContext* context = g_main_context_get_thread_default(); 118 while (g_main_context_pending(context)) 119 g_main_context_iteration(context, FALSE); 120 121 g_main_context_pop_thread_default(context); 122 loadingSynchronousRequest = false; 123 } 124 125 void adjustMaxConnections(int adjustment) 126 { 127 int maxConnections, maxConnectionsPerHost; 128 g_object_get(m_session, 129 SOUP_SESSION_MAX_CONNS, &maxConnections, 130 SOUP_SESSION_MAX_CONNS_PER_HOST, &maxConnectionsPerHost, 131 NULL); 132 maxConnections += adjustment; 133 maxConnectionsPerHost += adjustment; 134 g_object_set(m_session, 135 SOUP_SESSION_MAX_CONNS, maxConnections, 136 SOUP_SESSION_MAX_CONNS_PER_HOST, maxConnectionsPerHost, 137 NULL); 138 139 } 140 141 virtual bool isSynchronousClient() 142 { 143 return true; 144 } 145 146 virtual void didReceiveResponse(ResourceHandle*, const ResourceResponse& response) 147 { 148 m_response = response; 149 } 150 151 virtual void didReceiveData(ResourceHandle*, const char* data, int length, int) 152 { 153 m_data.append(data, length); 154 } 155 156 virtual void didFinishLoading(ResourceHandle*, double) 157 { 158 if (g_main_loop_is_running(m_mainLoop.get())) 159 g_main_loop_quit(m_mainLoop.get()); 160 m_finished = true; 161 } 162 163 virtual void didFail(ResourceHandle* handle, const ResourceError& error) 164 { 165 m_error = error; 166 didFinishLoading(handle, 0); 167 } 168 169 virtual void didReceiveAuthenticationChallenge(ResourceHandle*, const AuthenticationChallenge& challenge) 170 { 171 // We do not handle authentication for synchronous XMLHttpRequests. 172 challenge.authenticationClient()->receivedRequestToContinueWithoutCredential(challenge); 173 } 174 175 void run() 176 { 177 if (!m_finished) 178 g_main_loop_run(m_mainLoop.get()); 179 } 180 181private: 182 ResourceError& m_error; 183 ResourceResponse& m_response; 184 SoupSession* m_session; 185 Vector<char>& m_data; 186 bool m_finished; 187 GRefPtr<GMainLoop> m_mainLoop; 188}; 189 190class HostTLSCertificateSet { 191public: 192 void add(GTlsCertificate* certificate) 193 { 194 String certificateHash = computeCertificateHash(certificate); 195 if (!certificateHash.isEmpty()) 196 m_certificates.add(certificateHash); 197 } 198 199 bool contains(GTlsCertificate* certificate) 200 { 201 return m_certificates.contains(computeCertificateHash(certificate)); 202 } 203 204private: 205 static String computeCertificateHash(GTlsCertificate* certificate) 206 { 207 GByteArray* data = 0; 208 g_object_get(G_OBJECT(certificate), "certificate", &data, NULL); 209 if (!data) 210 return String(); 211 212 static const size_t sha1HashSize = 20; 213 GRefPtr<GByteArray> certificateData = adoptGRef(data); 214 SHA1 sha1; 215 sha1.addBytes(certificateData->data, certificateData->len); 216 217 Vector<uint8_t, sha1HashSize> digest; 218 sha1.computeHash(digest); 219 220 return base64Encode(reinterpret_cast<const char*>(digest.data()), sha1HashSize); 221 } 222 223 HashSet<String> m_certificates; 224}; 225 226static bool createSoupRequestAndMessageForHandle(ResourceHandle*, const ResourceRequest&, bool isHTTPFamilyRequest); 227static void cleanupSoupRequestOperation(ResourceHandle*, bool isDestroying = false); 228static void sendRequestCallback(GObject*, GAsyncResult*, gpointer); 229static void readCallback(GObject*, GAsyncResult*, gpointer); 230static gboolean requestTimeoutCallback(void*); 231#if ENABLE(WEB_TIMING) 232static int milisecondsSinceRequest(double requestTime); 233#endif 234 235static bool gIgnoreSSLErrors = false; 236 237static HashSet<String>& allowsAnyHTTPSCertificateHosts() 238{ 239 DEFINE_STATIC_LOCAL(HashSet<String>, hosts, ()); 240 return hosts; 241} 242 243typedef HashMap<String, HostTLSCertificateSet> CertificatesMap; 244static CertificatesMap& clientCertificates() 245{ 246 DEFINE_STATIC_LOCAL(CertificatesMap, certificates, ()); 247 return certificates; 248} 249 250ResourceHandleInternal::~ResourceHandleInternal() 251{ 252} 253 254static SoupSession* sessionFromContext(NetworkingContext* context) 255{ 256 if (!context || !context->isValid()) 257 return ResourceHandle::defaultSession(); 258 return context->storageSession().soupSession(); 259} 260 261ResourceHandle::~ResourceHandle() 262{ 263 cleanupSoupRequestOperation(this, true); 264} 265 266static void ensureSessionIsInitialized(SoupSession* session) 267{ 268 if (g_object_get_data(G_OBJECT(session), "webkit-init")) 269 return; 270 271 if (session == ResourceHandle::defaultSession()) { 272 SoupCookieJar* jar = SOUP_COOKIE_JAR(soup_session_get_feature(session, SOUP_TYPE_COOKIE_JAR)); 273 if (!jar) 274 soup_session_add_feature(session, SOUP_SESSION_FEATURE(soupCookieJar())); 275 else 276 setSoupCookieJar(jar); 277 } 278 279#if !LOG_DISABLED 280 if (!soup_session_get_feature(session, SOUP_TYPE_LOGGER) && LogNetwork.state == WTFLogChannelOn) { 281 SoupLogger* logger = soup_logger_new(static_cast<SoupLoggerLogLevel>(SOUP_LOGGER_LOG_BODY), -1); 282 soup_session_add_feature(session, SOUP_SESSION_FEATURE(logger)); 283 soup_logger_set_printer(logger, soupLogPrinter, 0, 0); 284 g_object_unref(logger); 285 } 286#endif // !LOG_DISABLED 287 288 g_object_set_data(G_OBJECT(session), "webkit-init", reinterpret_cast<void*>(0xdeadbeef)); 289} 290 291SoupSession* ResourceHandleInternal::soupSession() 292{ 293 SoupSession* session = sessionFromContext(m_context.get()); 294 ensureSessionIsInitialized(session); 295 return session; 296} 297 298bool ResourceHandle::cancelledOrClientless() 299{ 300 if (!client()) 301 return true; 302 303 return getInternal()->m_cancelled; 304} 305 306void ResourceHandle::ensureReadBuffer() 307{ 308 ResourceHandleInternal* d = getInternal(); 309 310 size_t bufferSize; 311 char* bufferPtr = client()->getOrCreateReadBuffer(defaultReadBufferSize, bufferSize); 312 if (bufferPtr) { 313 d->m_defaultReadBuffer.clear(); 314 d->m_readBufferPtr = bufferPtr; 315 d->m_readBufferSize = bufferSize; 316 } else if (!d->m_defaultReadBuffer) { 317 d->m_defaultReadBuffer.set(static_cast<char*>(g_malloc(defaultReadBufferSize))); 318 d->m_readBufferPtr = d->m_defaultReadBuffer.get(); 319 d->m_readBufferSize = defaultReadBufferSize; 320 } else 321 d->m_readBufferPtr = d->m_defaultReadBuffer.get(); 322 323 ASSERT(d->m_readBufferPtr); 324 ASSERT(d->m_readBufferSize); 325} 326 327static bool isAuthenticationFailureStatusCode(int httpStatusCode) 328{ 329 return httpStatusCode == SOUP_STATUS_PROXY_AUTHENTICATION_REQUIRED || httpStatusCode == SOUP_STATUS_UNAUTHORIZED; 330} 331 332static void gotHeadersCallback(SoupMessage* message, gpointer data) 333{ 334 ResourceHandle* handle = static_cast<ResourceHandle*>(data); 335 if (!handle || handle->cancelledOrClientless()) 336 return; 337 338 ResourceHandleInternal* d = handle->getInternal(); 339 340#if ENABLE(WEB_TIMING) 341 if (d->m_response.resourceLoadTiming()) 342 d->m_response.resourceLoadTiming()->receiveHeadersEnd = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime); 343#endif 344 345#if PLATFORM(GTK) 346 // We are a bit more conservative with the persistent credential storage than the session store, 347 // since we are waiting until we know that this authentication succeeded before actually storing. 348 // This is because we want to avoid hitting the disk twice (once to add and once to remove) for 349 // incorrect credentials or polluting the keychain with invalid credentials. 350 if (!isAuthenticationFailureStatusCode(message->status_code) && message->status_code < 500 && !d->m_credentialDataToSaveInPersistentStore.credential.isEmpty()) { 351 credentialBackingStore().storeCredentialsForChallenge( 352 d->m_credentialDataToSaveInPersistentStore.challenge, 353 d->m_credentialDataToSaveInPersistentStore.credential); 354 } 355#endif 356 357 // The original response will be needed later to feed to willSendRequest in 358 // doRedirect() in case we are redirected. For this reason, we store it here. 359 ResourceResponse response; 360 response.updateFromSoupMessage(message); 361 d->m_response = response; 362} 363 364static void applyAuthenticationToRequest(ResourceHandle* handle, ResourceRequest& request, bool redirect) 365{ 366 // m_user/m_pass are credentials given manually, for instance, by the arguments passed to XMLHttpRequest.open(). 367 ResourceHandleInternal* d = handle->getInternal(); 368 369 if (handle->shouldUseCredentialStorage()) { 370 if (d->m_user.isEmpty() && d->m_pass.isEmpty()) 371 d->m_initialCredential = CredentialStorage::get(request.url()); 372 else if (!redirect) { 373 // If there is already a protection space known for the URL, update stored credentials 374 // before sending a request. This makes it possible to implement logout by sending an 375 // XMLHttpRequest with known incorrect credentials, and aborting it immediately (so that 376 // an authentication dialog doesn't pop up). 377 CredentialStorage::set(Credential(d->m_user, d->m_pass, CredentialPersistenceNone), request.url()); 378 } 379 } 380 381 String user = d->m_user; 382 String password = d->m_pass; 383 if (!d->m_initialCredential.isEmpty()) { 384 user = d->m_initialCredential.user(); 385 password = d->m_initialCredential.password(); 386 } 387 388 if (user.isEmpty() && password.isEmpty()) 389 return; 390 391 // We always put the credentials into the URL. In the CFNetwork-port HTTP family credentials are applied in 392 // the didReceiveAuthenticationChallenge callback, but libsoup requires us to use this method to override 393 // any previously remembered credentials. It has its own per-session credential storage. 394 KURL urlWithCredentials(request.url()); 395 urlWithCredentials.setUser(user); 396 urlWithCredentials.setPass(password); 397 request.setURL(urlWithCredentials); 398} 399 400// Called each time the message is going to be sent again except the first time. 401// This happens when libsoup handles HTTP authentication. 402static void restartedCallback(SoupMessage*, gpointer data) 403{ 404 ResourceHandle* handle = static_cast<ResourceHandle*>(data); 405 if (!handle || handle->cancelledOrClientless()) 406 return; 407 408#if ENABLE(WEB_TIMING) 409 ResourceHandleInternal* d = handle->getInternal(); 410 ResourceResponse& redirectResponse = d->m_response; 411 redirectResponse.setResourceLoadTiming(ResourceLoadTiming::create()); 412 redirectResponse.resourceLoadTiming()->requestTime = monotonicallyIncreasingTime(); 413#endif 414} 415 416static bool shouldRedirect(ResourceHandle* handle) 417{ 418 ResourceHandleInternal* d = handle->getInternal(); 419 SoupMessage* message = d->m_soupMessage.get(); 420 421 // Some 3xx status codes aren't actually redirects. 422 if (message->status_code == 300 || message->status_code == 304 || message->status_code == 305 || message->status_code == 306) 423 return false; 424 425 if (!soup_message_headers_get_one(message->response_headers, "Location")) 426 return false; 427 428 return true; 429} 430 431static bool shouldRedirectAsGET(SoupMessage* message, KURL& newURL, bool crossOrigin) 432{ 433 if (message->method == SOUP_METHOD_GET || message->method == SOUP_METHOD_HEAD) 434 return false; 435 436 if (!newURL.protocolIsInHTTPFamily()) 437 return true; 438 439 switch (message->status_code) { 440 case SOUP_STATUS_SEE_OTHER: 441 return true; 442 case SOUP_STATUS_FOUND: 443 case SOUP_STATUS_MOVED_PERMANENTLY: 444 if (message->method == SOUP_METHOD_POST) 445 return true; 446 break; 447 } 448 449 if (crossOrigin && message->method == SOUP_METHOD_DELETE) 450 return true; 451 452 return false; 453} 454 455static void doRedirect(ResourceHandle* handle) 456{ 457 ResourceHandleInternal* d = handle->getInternal(); 458 static const int maxRedirects = 20; 459 460 if (d->m_redirectCount++ > maxRedirects) { 461 d->client()->didFail(handle, ResourceError::transportError(d->m_soupRequest.get(), SOUP_STATUS_TOO_MANY_REDIRECTS, "Too many redirects")); 462 cleanupSoupRequestOperation(handle); 463 return; 464 } 465 466 ResourceRequest newRequest = handle->firstRequest(); 467 SoupMessage* message = d->m_soupMessage.get(); 468 const char* location = soup_message_headers_get_one(message->response_headers, "Location"); 469 KURL newURL = KURL(soupURIToKURL(soup_message_get_uri(message)), location); 470 bool crossOrigin = !protocolHostAndPortAreEqual(handle->firstRequest().url(), newURL); 471 newRequest.setURL(newURL); 472 newRequest.setFirstPartyForCookies(newURL); 473 474 if (newRequest.httpMethod() != "GET") { 475 // Change newRequest method to GET if change was made during a previous redirection 476 // or if current redirection says so 477 if (message->method == SOUP_METHOD_GET || shouldRedirectAsGET(message, newURL, crossOrigin)) { 478 newRequest.setHTTPMethod("GET"); 479 newRequest.setHTTPBody(0); 480 newRequest.clearHTTPContentType(); 481 } 482 } 483 484 // Should not set Referer after a redirect from a secure resource to non-secure one. 485 if (!newURL.protocolIs("https") && protocolIs(newRequest.httpReferrer(), "https") && handle->context()->shouldClearReferrerOnHTTPSToHTTPRedirect()) 486 newRequest.clearHTTPReferrer(); 487 488 d->m_user = newURL.user(); 489 d->m_pass = newURL.pass(); 490 newRequest.removeCredentials(); 491 492 if (crossOrigin) { 493 // If the network layer carries over authentication headers from the original request 494 // in a cross-origin redirect, we want to clear those headers here. 495 newRequest.clearHTTPAuthorization(); 496 497 // TODO: We are losing any username and password specified in the redirect URL, as this is the 498 // same behavior as the CFNet port. We should investigate if this is really what we want. 499 } else 500 applyAuthenticationToRequest(handle, newRequest, true); 501 502 cleanupSoupRequestOperation(handle); 503 if (!createSoupRequestAndMessageForHandle(handle, newRequest, true)) { 504 d->client()->cannotShowURL(handle); 505 return; 506 } 507 508 // If we sent credentials with this request's URL, we don't want the response to carry them to 509 // the WebKit layer. They were only placed in the URL for the benefit of libsoup. 510 newRequest.removeCredentials(); 511 512 d->client()->willSendRequest(handle, newRequest, d->m_response); 513 handle->sendPendingRequest(); 514} 515 516static void redirectSkipCallback(GObject*, GAsyncResult* asyncResult, gpointer data) 517{ 518 RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data); 519 520 if (handle->cancelledOrClientless()) { 521 cleanupSoupRequestOperation(handle.get()); 522 return; 523 } 524 525 GOwnPtr<GError> error; 526 ResourceHandleInternal* d = handle->getInternal(); 527 gssize bytesSkipped = g_input_stream_skip_finish(d->m_inputStream.get(), asyncResult, &error.outPtr()); 528 if (error) { 529 handle->client()->didFail(handle.get(), ResourceError::genericGError(error.get(), d->m_soupRequest.get())); 530 cleanupSoupRequestOperation(handle.get()); 531 return; 532 } 533 534 if (bytesSkipped > 0) { 535 g_input_stream_skip_async(d->m_inputStream.get(), defaultReadBufferSize, G_PRIORITY_DEFAULT, 536 d->m_cancellable.get(), redirectSkipCallback, handle.get()); 537 return; 538 } 539 540 g_input_stream_close(d->m_inputStream.get(), 0, 0); 541 doRedirect(handle.get()); 542} 543 544static void wroteBodyDataCallback(SoupMessage*, SoupBuffer* buffer, gpointer data) 545{ 546 RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data); 547 if (!handle) 548 return; 549 550 ASSERT(buffer); 551 ResourceHandleInternal* d = handle->getInternal(); 552 d->m_bodyDataSent += buffer->length; 553 554 if (handle->cancelledOrClientless()) 555 return; 556 557 handle->client()->didSendData(handle.get(), d->m_bodyDataSent, d->m_bodySize); 558} 559 560static void cleanupSoupRequestOperation(ResourceHandle* handle, bool isDestroying) 561{ 562 ResourceHandleInternal* d = handle->getInternal(); 563 564 d->m_soupRequest.clear(); 565 d->m_inputStream.clear(); 566 d->m_multipartInputStream.clear(); 567 d->m_cancellable.clear(); 568 569 if (d->m_soupMessage) { 570 g_signal_handlers_disconnect_matched(d->m_soupMessage.get(), G_SIGNAL_MATCH_DATA, 571 0, 0, 0, 0, handle); 572 g_object_set_data(G_OBJECT(d->m_soupMessage.get()), "handle", 0); 573 d->m_soupMessage.clear(); 574 } 575 576 if (d->m_readBufferPtr) 577 d->m_readBufferPtr = 0; 578 if (!d->m_defaultReadBuffer) 579 d->m_readBufferSize = 0; 580 581 if (d->m_timeoutSource) { 582 g_source_destroy(d->m_timeoutSource.get()); 583 d->m_timeoutSource.clear(); 584 } 585 586 if (!isDestroying) 587 handle->deref(); 588} 589 590static bool handleUnignoredTLSErrors(ResourceHandle* handle) 591{ 592 ResourceHandleInternal* d = handle->getInternal(); 593 const ResourceResponse& response = d->m_response; 594 595 if (!response.soupMessageTLSErrors() || gIgnoreSSLErrors) 596 return false; 597 598 String lowercaseHostURL = handle->firstRequest().url().host().lower(); 599 if (allowsAnyHTTPSCertificateHosts().contains(lowercaseHostURL)) 600 return false; 601 602 // We aren't ignoring errors globally, but the user may have already decided to accept this certificate. 603 CertificatesMap::iterator i = clientCertificates().find(lowercaseHostURL); 604 if (i != clientCertificates().end() && i->value.contains(response.soupMessageCertificate())) 605 return false; 606 607 handle->client()->didFail(handle, ResourceError::tlsError(d->m_soupRequest.get(), response.soupMessageTLSErrors(), response.soupMessageCertificate())); 608 return true; 609} 610 611static void nextMultipartResponsePartCallback(GObject* /*source*/, GAsyncResult* result, gpointer data) 612{ 613 RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data); 614 615 if (handle->cancelledOrClientless()) { 616 cleanupSoupRequestOperation(handle.get()); 617 return; 618 } 619 620 ResourceHandleInternal* d = handle->getInternal(); 621 ASSERT(!d->m_inputStream); 622 623 GOwnPtr<GError> error; 624 d->m_inputStream = adoptGRef(soup_multipart_input_stream_next_part_finish(d->m_multipartInputStream.get(), result, &error.outPtr())); 625 626 if (error) { 627 handle->client()->didFail(handle.get(), ResourceError::httpError(d->m_soupMessage.get(), error.get(), d->m_soupRequest.get())); 628 cleanupSoupRequestOperation(handle.get()); 629 return; 630 } 631 632 if (!d->m_inputStream) { 633 handle->client()->didFinishLoading(handle.get(), 0); 634 cleanupSoupRequestOperation(handle.get()); 635 return; 636 } 637 638 d->m_response = ResourceResponse(); 639 d->m_response.setURL(handle->firstRequest().url()); 640 d->m_response.updateFromSoupMessageHeaders(soup_multipart_input_stream_get_headers(d->m_multipartInputStream.get())); 641 642 handle->client()->didReceiveResponse(handle.get(), d->m_response); 643 644 if (handle->cancelledOrClientless()) { 645 cleanupSoupRequestOperation(handle.get()); 646 return; 647 } 648 649 handle->ensureReadBuffer(); 650 g_input_stream_read_async(d->m_inputStream.get(), d->m_readBufferPtr, d->m_readBufferSize, 651 G_PRIORITY_DEFAULT, d->m_cancellable.get(), readCallback, handle.get()); 652} 653 654static void sendRequestCallback(GObject*, GAsyncResult* result, gpointer data) 655{ 656 RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data); 657 658 if (handle->cancelledOrClientless()) { 659 cleanupSoupRequestOperation(handle.get()); 660 return; 661 } 662 663 ResourceHandleInternal* d = handle->getInternal(); 664 SoupMessage* soupMessage = d->m_soupMessage.get(); 665 666 667 if (d->m_defersLoading) { 668 d->m_deferredResult = result; 669 return; 670 } 671 672 GOwnPtr<GError> error; 673 GRefPtr<GInputStream> inputStream = adoptGRef(soup_request_send_finish(d->m_soupRequest.get(), result, &error.outPtr())); 674 if (error) { 675 handle->client()->didFail(handle.get(), ResourceError::httpError(soupMessage, error.get(), d->m_soupRequest.get())); 676 cleanupSoupRequestOperation(handle.get()); 677 return; 678 } 679 680 ASSERT(!d->m_readBufferPtr); 681 682 if (soupMessage) { 683 if (SOUP_STATUS_IS_REDIRECTION(soupMessage->status_code) && shouldRedirect(handle.get())) { 684 d->m_inputStream = inputStream; 685 g_input_stream_skip_async(d->m_inputStream.get(), defaultReadBufferSize, G_PRIORITY_DEFAULT, 686 d->m_cancellable.get(), redirectSkipCallback, handle.get()); 687 return; 688 } 689 690 if (handle->shouldContentSniff() && soupMessage->status_code != SOUP_STATUS_NOT_MODIFIED) { 691 const char* sniffedType = soup_request_get_content_type(d->m_soupRequest.get()); 692 d->m_response.setSniffedContentType(sniffedType); 693 } 694 d->m_response.updateFromSoupMessage(soupMessage); 695 696 if (handleUnignoredTLSErrors(handle.get())) { 697 cleanupSoupRequestOperation(handle.get()); 698 return; 699 } 700 701 } else { 702 d->m_response.setURL(handle->firstRequest().url()); 703 const gchar* contentType = soup_request_get_content_type(d->m_soupRequest.get()); 704 d->m_response.setMimeType(extractMIMETypeFromMediaType(contentType)); 705 d->m_response.setTextEncodingName(extractCharsetFromMediaType(contentType)); 706 d->m_response.setExpectedContentLength(soup_request_get_content_length(d->m_soupRequest.get())); 707 } 708 709 handle->client()->didReceiveResponse(handle.get(), d->m_response); 710 711 if (handle->cancelledOrClientless()) { 712 cleanupSoupRequestOperation(handle.get()); 713 return; 714 } 715 716 if (soupMessage && d->m_response.isMultipart()) { 717 d->m_multipartInputStream = adoptGRef(soup_multipart_input_stream_new(soupMessage, inputStream.get())); 718 soup_multipart_input_stream_next_part_async(d->m_multipartInputStream.get(), G_PRIORITY_DEFAULT, 719 d->m_cancellable.get(), nextMultipartResponsePartCallback, handle.get()); 720 return; 721 } 722 723 d->m_inputStream = inputStream; 724 725 handle->ensureReadBuffer(); 726 g_input_stream_read_async(d->m_inputStream.get(), d->m_readBufferPtr, d->m_readBufferSize, 727 G_PRIORITY_DEFAULT, d->m_cancellable.get(), readCallback, handle.get()); 728} 729 730static bool addFileToSoupMessageBody(SoupMessage* message, const String& fileNameString, size_t offset, size_t lengthToSend, unsigned long& totalBodySize) 731{ 732 GOwnPtr<GError> error; 733 CString fileName = fileSystemRepresentation(fileNameString); 734 GMappedFile* fileMapping = g_mapped_file_new(fileName.data(), false, &error.outPtr()); 735 if (error) 736 return false; 737 738 gsize bufferLength = lengthToSend; 739 if (!lengthToSend) 740 bufferLength = g_mapped_file_get_length(fileMapping); 741 totalBodySize += bufferLength; 742 743 SoupBuffer* soupBuffer = soup_buffer_new_with_owner(g_mapped_file_get_contents(fileMapping) + offset, 744 bufferLength, 745 fileMapping, 746 reinterpret_cast<GDestroyNotify>(g_mapped_file_unref)); 747 soup_message_body_append_buffer(message->request_body, soupBuffer); 748 soup_buffer_free(soupBuffer); 749 return true; 750} 751 752#if ENABLE(BLOB) 753static bool blobIsOutOfDate(const BlobDataItem& blobItem) 754{ 755 ASSERT(blobItem.type == BlobDataItem::File); 756 if (!isValidFileTime(blobItem.expectedModificationTime)) 757 return false; 758 759 time_t fileModificationTime; 760 if (!getFileModificationTime(blobItem.path, fileModificationTime)) 761 return true; 762 763 return fileModificationTime != static_cast<time_t>(blobItem.expectedModificationTime); 764} 765 766static void addEncodedBlobItemToSoupMessageBody(SoupMessage* message, const BlobDataItem& blobItem, unsigned long& totalBodySize) 767{ 768 if (blobItem.type == BlobDataItem::Data) { 769 totalBodySize += blobItem.length; 770 soup_message_body_append(message->request_body, SOUP_MEMORY_TEMPORARY, 771 blobItem.data->data() + blobItem.offset, blobItem.length); 772 return; 773 } 774 775 ASSERT(blobItem.type == BlobDataItem::File); 776 if (blobIsOutOfDate(blobItem)) 777 return; 778 779 addFileToSoupMessageBody(message, 780 blobItem.path, 781 blobItem.offset, 782 blobItem.length == BlobDataItem::toEndOfFile ? 0 : blobItem.length, 783 totalBodySize); 784} 785 786static void addEncodedBlobToSoupMessageBody(SoupMessage* message, const FormDataElement& element, unsigned long& totalBodySize) 787{ 788 RefPtr<BlobStorageData> blobData = static_cast<BlobRegistryImpl&>(blobRegistry()).getBlobDataFromURL(KURL(ParsedURLString, element.m_url)); 789 if (!blobData) 790 return; 791 792 for (size_t i = 0; i < blobData->items().size(); ++i) 793 addEncodedBlobItemToSoupMessageBody(message, blobData->items()[i], totalBodySize); 794} 795#endif // ENABLE(BLOB) 796 797static bool addFormElementsToSoupMessage(SoupMessage* message, const char*, FormData* httpBody, unsigned long& totalBodySize) 798{ 799 soup_message_body_set_accumulate(message->request_body, FALSE); 800 size_t numElements = httpBody->elements().size(); 801 for (size_t i = 0; i < numElements; i++) { 802 const FormDataElement& element = httpBody->elements()[i]; 803 804 if (element.m_type == FormDataElement::data) { 805 totalBodySize += element.m_data.size(); 806 soup_message_body_append(message->request_body, SOUP_MEMORY_TEMPORARY, 807 element.m_data.data(), element.m_data.size()); 808 continue; 809 } 810 811 if (element.m_type == FormDataElement::encodedFile) { 812 if (!addFileToSoupMessageBody(message , 813 element.m_filename, 814 0 /* offset */, 815 0 /* lengthToSend */, 816 totalBodySize)) 817 return false; 818 continue; 819 } 820 821#if ENABLE(BLOB) 822 ASSERT(element.m_type == FormDataElement::encodedBlob); 823 addEncodedBlobToSoupMessageBody(message, element, totalBodySize); 824#endif 825 } 826 return true; 827} 828 829#if ENABLE(WEB_TIMING) 830static int milisecondsSinceRequest(double requestTime) 831{ 832 return static_cast<int>((monotonicallyIncreasingTime() - requestTime) * 1000.0); 833} 834 835static void wroteBodyCallback(SoupMessage*, gpointer data) 836{ 837 RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data); 838 if (!handle) 839 return; 840 841 ResourceHandleInternal* d = handle->getInternal(); 842 if (!d->m_response.resourceLoadTiming()) 843 return; 844 845 d->m_response.resourceLoadTiming()->sendEnd = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime); 846} 847 848static void requestStartedCallback(SoupSession*, SoupMessage* soupMessage, SoupSocket*, gpointer) 849{ 850 RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(g_object_get_data(G_OBJECT(soupMessage), "handle")); 851 if (!handle) 852 return; 853 854 ResourceHandleInternal* d = handle->getInternal(); 855 if (!d->m_response.resourceLoadTiming()) 856 return; 857 858 d->m_response.resourceLoadTiming()->sendStart = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime); 859 if (d->m_response.resourceLoadTiming()->sslStart != -1) { 860 // WebCore/inspector/front-end/RequestTimingView.js assumes 861 // that SSL time is included in connection time so must 862 // substract here the SSL delta that will be added later (see 863 // WebInspector.RequestTimingView.createTimingTable in the 864 // file above for more details). 865 d->m_response.resourceLoadTiming()->sendStart -= 866 d->m_response.resourceLoadTiming()->sslEnd - d->m_response.resourceLoadTiming()->sslStart; 867 } 868} 869 870static void networkEventCallback(SoupMessage*, GSocketClientEvent event, GIOStream*, gpointer data) 871{ 872 ResourceHandle* handle = static_cast<ResourceHandle*>(data); 873 if (!handle) 874 return; 875 876 if (handle->cancelledOrClientless()) 877 return; 878 879 ResourceHandleInternal* d = handle->getInternal(); 880 int deltaTime = milisecondsSinceRequest(d->m_response.resourceLoadTiming()->requestTime); 881 switch (event) { 882 case G_SOCKET_CLIENT_RESOLVING: 883 d->m_response.resourceLoadTiming()->dnsStart = deltaTime; 884 break; 885 case G_SOCKET_CLIENT_RESOLVED: 886 d->m_response.resourceLoadTiming()->dnsEnd = deltaTime; 887 break; 888 case G_SOCKET_CLIENT_CONNECTING: 889 d->m_response.resourceLoadTiming()->connectStart = deltaTime; 890 if (d->m_response.resourceLoadTiming()->dnsStart != -1) 891 // WebCore/inspector/front-end/RequestTimingView.js assumes 892 // that DNS time is included in connection time so must 893 // substract here the DNS delta that will be added later (see 894 // WebInspector.RequestTimingView.createTimingTable in the 895 // file above for more details). 896 d->m_response.resourceLoadTiming()->connectStart -= 897 d->m_response.resourceLoadTiming()->dnsEnd - d->m_response.resourceLoadTiming()->dnsStart; 898 break; 899 case G_SOCKET_CLIENT_CONNECTED: 900 // Web Timing considers that connection time involves dns, proxy & TLS negotiation... 901 // so we better pick G_SOCKET_CLIENT_COMPLETE for connectEnd 902 break; 903 case G_SOCKET_CLIENT_PROXY_NEGOTIATING: 904 d->m_response.resourceLoadTiming()->proxyStart = deltaTime; 905 break; 906 case G_SOCKET_CLIENT_PROXY_NEGOTIATED: 907 d->m_response.resourceLoadTiming()->proxyEnd = deltaTime; 908 break; 909 case G_SOCKET_CLIENT_TLS_HANDSHAKING: 910 d->m_response.resourceLoadTiming()->sslStart = deltaTime; 911 break; 912 case G_SOCKET_CLIENT_TLS_HANDSHAKED: 913 d->m_response.resourceLoadTiming()->sslEnd = deltaTime; 914 break; 915 case G_SOCKET_CLIENT_COMPLETE: 916 d->m_response.resourceLoadTiming()->connectEnd = deltaTime; 917 break; 918 default: 919 ASSERT_NOT_REACHED(); 920 break; 921 } 922} 923#endif 924 925static const char* gSoupRequestInitiatingPageIDKey = "wk-soup-request-initiating-page-id"; 926 927static void setSoupRequestInitiatingPageIDFromNetworkingContext(SoupRequest* request, NetworkingContext* context) 928{ 929 if (!context || !context->isValid()) 930 return; 931 932 uint64_t* initiatingPageIDPtr = static_cast<uint64_t*>(fastMalloc(sizeof(uint64_t))); 933 *initiatingPageIDPtr = context->initiatingPageID(); 934 g_object_set_data_full(G_OBJECT(request), g_intern_static_string(gSoupRequestInitiatingPageIDKey), initiatingPageIDPtr, fastFree); 935} 936 937static bool createSoupMessageForHandleAndRequest(ResourceHandle* handle, const ResourceRequest& request) 938{ 939 ASSERT(handle); 940 941 ResourceHandleInternal* d = handle->getInternal(); 942 ASSERT(d->m_soupRequest); 943 944 d->m_soupMessage = adoptGRef(soup_request_http_get_message(SOUP_REQUEST_HTTP(d->m_soupRequest.get()))); 945 if (!d->m_soupMessage) 946 return false; 947 948 SoupMessage* soupMessage = d->m_soupMessage.get(); 949 request.updateSoupMessage(soupMessage); 950 951 g_object_set_data(G_OBJECT(soupMessage), "handle", handle); 952 if (!handle->shouldContentSniff()) 953 soup_message_disable_feature(soupMessage, SOUP_TYPE_CONTENT_SNIFFER); 954 955 FormData* httpBody = request.httpBody(); 956 CString contentType = request.httpContentType().utf8().data(); 957 if (httpBody && !httpBody->isEmpty() && !addFormElementsToSoupMessage(soupMessage, contentType.data(), httpBody, d->m_bodySize)) { 958 // We failed to prepare the body data, so just fail this load. 959 d->m_soupMessage.clear(); 960 return false; 961 } 962 963 // Make sure we have an Accept header for subresources; some sites 964 // want this to serve some of their subresources 965 if (!soup_message_headers_get_one(soupMessage->request_headers, "Accept")) 966 soup_message_headers_append(soupMessage->request_headers, "Accept", "*/*"); 967 968 // In the case of XHR .send() and .send("") explicitly tell libsoup to send a zero content-lenght header 969 // for consistency with other backends (e.g. Chromium's) and other UA implementations like FF. It's done 970 // in the backend here instead of in XHR code since in XHR CORS checking prevents us from this kind of 971 // late header manipulation. 972 if ((request.httpMethod() == "POST" || request.httpMethod() == "PUT") 973 && (!request.httpBody() || request.httpBody()->isEmpty())) 974 soup_message_headers_set_content_length(soupMessage->request_headers, 0); 975 976 g_signal_connect(d->m_soupMessage.get(), "got-headers", G_CALLBACK(gotHeadersCallback), handle); 977 g_signal_connect(d->m_soupMessage.get(), "restarted", G_CALLBACK(restartedCallback), handle); 978 g_signal_connect(d->m_soupMessage.get(), "wrote-body-data", G_CALLBACK(wroteBodyDataCallback), handle); 979 980 soup_message_set_flags(d->m_soupMessage.get(), static_cast<SoupMessageFlags>(soup_message_get_flags(d->m_soupMessage.get()) | SOUP_MESSAGE_NO_REDIRECT)); 981 982#if ENABLE(WEB_TIMING) 983 d->m_response.setResourceLoadTiming(ResourceLoadTiming::create()); 984 g_signal_connect(d->m_soupMessage.get(), "network-event", G_CALLBACK(networkEventCallback), handle); 985 g_signal_connect(d->m_soupMessage.get(), "wrote-body", G_CALLBACK(wroteBodyCallback), handle); 986#endif 987 988#if SOUP_CHECK_VERSION(2, 43, 1) 989 soup_message_set_priority(d->m_soupMessage.get(), toSoupMessagePriority(request.priority())); 990#endif 991 992 return true; 993} 994 995static bool createSoupRequestAndMessageForHandle(ResourceHandle* handle, const ResourceRequest& request, bool isHTTPFamilyRequest) 996{ 997 ResourceHandleInternal* d = handle->getInternal(); 998 999 GOwnPtr<GError> error; 1000 1001 GOwnPtr<SoupURI> soupURI(request.soupURI()); 1002 if (!soupURI) 1003 return false; 1004 1005 d->m_soupRequest = adoptGRef(soup_session_request_uri(d->soupSession(), soupURI.get(), &error.outPtr())); 1006 if (error) { 1007 d->m_soupRequest.clear(); 1008 return false; 1009 } 1010 1011 // SoupMessages are only applicable to HTTP-family requests. 1012 if (isHTTPFamilyRequest && !createSoupMessageForHandleAndRequest(handle, request)) { 1013 d->m_soupRequest.clear(); 1014 return false; 1015 } 1016 1017 return true; 1018} 1019 1020bool ResourceHandle::start() 1021{ 1022 ASSERT(!d->m_soupMessage); 1023 1024 // The frame could be null if the ResourceHandle is not associated to any 1025 // Frame, e.g. if we are downloading a file. 1026 // If the frame is not null but the page is null this must be an attempted 1027 // load from an unload handler, so let's just block it. 1028 // If both the frame and the page are not null the context is valid. 1029 if (d->m_context && !d->m_context->isValid()) 1030 return false; 1031 1032 // Only allow the POST and GET methods for non-HTTP requests. 1033 const ResourceRequest& request = firstRequest(); 1034 bool isHTTPFamilyRequest = request.url().protocolIsInHTTPFamily(); 1035 if (!isHTTPFamilyRequest && request.httpMethod() != "GET" && request.httpMethod() != "POST") { 1036 this->scheduleFailure(InvalidURLFailure); // Error must not be reported immediately 1037 return true; 1038 } 1039 1040 applyAuthenticationToRequest(this, firstRequest(), false); 1041 1042 if (!createSoupRequestAndMessageForHandle(this, request, isHTTPFamilyRequest)) { 1043 this->scheduleFailure(InvalidURLFailure); // Error must not be reported immediately 1044 return true; 1045 } 1046 1047 setSoupRequestInitiatingPageIDFromNetworkingContext(d->m_soupRequest.get(), d->m_context.get()); 1048 1049 // Send the request only if it's not been explicitly deferred. 1050 if (!d->m_defersLoading) 1051 sendPendingRequest(); 1052 1053 return true; 1054} 1055 1056void ResourceHandle::sendPendingRequest() 1057{ 1058#if ENABLE(WEB_TIMING) 1059 if (d->m_response.resourceLoadTiming()) 1060 d->m_response.resourceLoadTiming()->requestTime = monotonicallyIncreasingTime(); 1061#endif 1062 1063 if (d->m_firstRequest.timeoutInterval() > 0) { 1064 // soup_add_timeout returns a GSource* whose only reference is owned by 1065 // the context. We need to have our own reference to it, hence not using adoptRef. 1066 d->m_timeoutSource = soup_add_timeout(g_main_context_get_thread_default(), 1067 d->m_firstRequest.timeoutInterval() * 1000, requestTimeoutCallback, this); 1068 } 1069 1070 // Balanced by a deref() in cleanupSoupRequestOperation, which should always run. 1071 ref(); 1072 1073 d->m_cancellable = adoptGRef(g_cancellable_new()); 1074 soup_request_send_async(d->m_soupRequest.get(), d->m_cancellable.get(), sendRequestCallback, this); 1075} 1076 1077void ResourceHandle::cancel() 1078{ 1079 d->m_cancelled = true; 1080 if (d->m_soupMessage) 1081 soup_session_cancel_message(d->soupSession(), d->m_soupMessage.get(), SOUP_STATUS_CANCELLED); 1082 else if (d->m_cancellable) 1083 g_cancellable_cancel(d->m_cancellable.get()); 1084} 1085 1086bool ResourceHandle::shouldUseCredentialStorage() 1087{ 1088 return (!client() || client()->shouldUseCredentialStorage(this)) && firstRequest().url().protocolIsInHTTPFamily(); 1089} 1090 1091void ResourceHandle::setHostAllowsAnyHTTPSCertificate(const String& host) 1092{ 1093 allowsAnyHTTPSCertificateHosts().add(host.lower()); 1094} 1095 1096void ResourceHandle::setClientCertificate(const String& host, GTlsCertificate* certificate) 1097{ 1098 clientCertificates().add(host.lower(), HostTLSCertificateSet()).iterator->value.add(certificate); 1099} 1100 1101void ResourceHandle::setIgnoreSSLErrors(bool ignoreSSLErrors) 1102{ 1103 gIgnoreSSLErrors = ignoreSSLErrors; 1104} 1105 1106#if PLATFORM(GTK) 1107void getCredentialFromPersistentStoreCallback(const Credential& credential, void* data) 1108{ 1109 static_cast<ResourceHandle*>(data)->continueDidReceiveAuthenticationChallenge(credential); 1110} 1111#endif 1112 1113void ResourceHandle::continueDidReceiveAuthenticationChallenge(const Credential& credentialFromPersistentStorage) 1114{ 1115 ASSERT(!d->m_currentWebChallenge.isNull()); 1116 AuthenticationChallenge& challenge = d->m_currentWebChallenge; 1117 1118 ASSERT(challenge.soupSession()); 1119 ASSERT(challenge.soupMessage()); 1120 if (!credentialFromPersistentStorage.isEmpty()) 1121 challenge.setProposedCredential(credentialFromPersistentStorage); 1122 1123 if (!client()) { 1124 soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage()); 1125 clearAuthentication(); 1126 return; 1127 } 1128 1129 ASSERT(challenge.soupSession()); 1130 ASSERT(challenge.soupMessage()); 1131 client()->didReceiveAuthenticationChallenge(this, challenge); 1132} 1133 1134void ResourceHandle::didReceiveAuthenticationChallenge(const AuthenticationChallenge& challenge) 1135{ 1136 ASSERT(d->m_currentWebChallenge.isNull()); 1137 1138 // FIXME: Per the specification, the user shouldn't be asked for credentials if there were incorrect ones provided explicitly. 1139 bool useCredentialStorage = shouldUseCredentialStorage(); 1140 if (useCredentialStorage) { 1141 if (!d->m_initialCredential.isEmpty() || challenge.previousFailureCount()) { 1142 // The stored credential wasn't accepted, stop using it. There is a race condition 1143 // here, since a different credential might have already been stored by another 1144 // ResourceHandle, but the observable effect should be very minor, if any. 1145 CredentialStorage::remove(challenge.protectionSpace()); 1146 } 1147 1148 if (!challenge.previousFailureCount()) { 1149 Credential credential = CredentialStorage::get(challenge.protectionSpace()); 1150 if (!credential.isEmpty() && credential != d->m_initialCredential) { 1151 ASSERT(credential.persistence() == CredentialPersistenceNone); 1152 1153 // Store the credential back, possibly adding it as a default for this directory. 1154 if (isAuthenticationFailureStatusCode(challenge.failureResponse().httpStatusCode())) 1155 CredentialStorage::set(credential, challenge.protectionSpace(), challenge.failureResponse().url()); 1156 1157 soup_auth_authenticate(challenge.soupAuth(), credential.user().utf8().data(), credential.password().utf8().data()); 1158 return; 1159 } 1160 } 1161 } 1162 1163 d->m_currentWebChallenge = challenge; 1164 soup_session_pause_message(challenge.soupSession(), challenge.soupMessage()); 1165 1166#if PLATFORM(GTK) 1167 // We could also do this before we even start the request, but that would be at the expense 1168 // of all request latency, versus a one-time latency for the small subset of requests that 1169 // use HTTP authentication. In the end, this doesn't matter much, because persistent credentials 1170 // will become session credentials after the first use. 1171 if (useCredentialStorage) { 1172 credentialBackingStore().credentialForChallenge(challenge, getCredentialFromPersistentStoreCallback, this); 1173 return; 1174 } 1175#endif 1176 1177 continueDidReceiveAuthenticationChallenge(Credential()); 1178} 1179 1180void ResourceHandle::receivedRequestToContinueWithoutCredential(const AuthenticationChallenge& challenge) 1181{ 1182 ASSERT(!challenge.isNull()); 1183 if (challenge != d->m_currentWebChallenge) 1184 return; 1185 soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage()); 1186 1187 clearAuthentication(); 1188} 1189 1190void ResourceHandle::receivedCredential(const AuthenticationChallenge& challenge, const Credential& credential) 1191{ 1192 ASSERT(!challenge.isNull()); 1193 if (challenge != d->m_currentWebChallenge) 1194 return; 1195 1196 // FIXME: Support empty credentials. Currently, an empty credential cannot be stored in WebCore credential storage, as that's empty value for its map. 1197 if (credential.isEmpty()) { 1198 receivedRequestToContinueWithoutCredential(challenge); 1199 return; 1200 } 1201 1202 if (shouldUseCredentialStorage()) { 1203 // Eventually we will manage per-session credentials only internally or use some newly-exposed API from libsoup, 1204 // because once we authenticate via libsoup, there is no way to ignore it for a particular request. Right now, 1205 // we place the credentials in the store even though libsoup will never fire the authenticate signal again for 1206 // this protection space. 1207 if (credential.persistence() == CredentialPersistenceForSession || credential.persistence() == CredentialPersistencePermanent) 1208 CredentialStorage::set(credential, challenge.protectionSpace(), challenge.failureResponse().url()); 1209 1210#if PLATFORM(GTK) 1211 if (credential.persistence() == CredentialPersistencePermanent) { 1212 d->m_credentialDataToSaveInPersistentStore.credential = credential; 1213 d->m_credentialDataToSaveInPersistentStore.challenge = challenge; 1214 } 1215#endif 1216 } 1217 1218 ASSERT(challenge.soupSession()); 1219 ASSERT(challenge.soupMessage()); 1220 soup_auth_authenticate(challenge.soupAuth(), credential.user().utf8().data(), credential.password().utf8().data()); 1221 soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage()); 1222 1223 clearAuthentication(); 1224} 1225 1226void ResourceHandle::receivedCancellation(const AuthenticationChallenge& challenge) 1227{ 1228 ASSERT(!challenge.isNull()); 1229 if (challenge != d->m_currentWebChallenge) 1230 return; 1231 1232 soup_session_unpause_message(challenge.soupSession(), challenge.soupMessage()); 1233 1234 if (client()) 1235 client()->receivedCancellation(this, challenge); 1236 1237 clearAuthentication(); 1238} 1239 1240static bool waitingToSendRequest(ResourceHandle* handle) 1241{ 1242 // We need to check for d->m_soupRequest because the request may have raised a failure 1243 // (for example invalid URLs). We cannot simply check for d->m_scheduledFailure because 1244 // it's cleared as soon as the failure event is fired. 1245 return handle->getInternal()->m_soupRequest && !handle->getInternal()->m_cancellable; 1246} 1247 1248void ResourceHandle::platformSetDefersLoading(bool defersLoading) 1249{ 1250 if (cancelledOrClientless()) 1251 return; 1252 1253 // Except when canceling a possible timeout timer, we only need to take action here to UN-defer loading. 1254 if (defersLoading) { 1255 if (d->m_timeoutSource) { 1256 g_source_destroy(d->m_timeoutSource.get()); 1257 d->m_timeoutSource.clear(); 1258 } 1259 return; 1260 } 1261 1262 if (waitingToSendRequest(this)) { 1263 sendPendingRequest(); 1264 return; 1265 } 1266 1267 if (d->m_deferredResult) { 1268 GRefPtr<GAsyncResult> asyncResult = adoptGRef(d->m_deferredResult.leakRef()); 1269 1270 if (d->m_inputStream) 1271 readCallback(G_OBJECT(d->m_inputStream.get()), asyncResult.get(), this); 1272 else 1273 sendRequestCallback(G_OBJECT(d->m_soupRequest.get()), asyncResult.get(), this); 1274 } 1275} 1276 1277bool ResourceHandle::loadsBlocked() 1278{ 1279 return false; 1280} 1281 1282void ResourceHandle::platformLoadResourceSynchronously(NetworkingContext* context, const ResourceRequest& request, StoredCredentials /*storedCredentials*/, ResourceError& error, ResourceResponse& response, Vector<char>& data) 1283{ 1284 ASSERT(!loadingSynchronousRequest); 1285 if (loadingSynchronousRequest) // In practice this cannot happen, but if for some reason it does, 1286 return; // we want to avoid accidentally going into an infinite loop of requests. 1287 1288 WebCoreSynchronousLoader syncLoader(error, response, sessionFromContext(context), data); 1289 RefPtr<ResourceHandle> handle = create(context, request, &syncLoader, false /*defersLoading*/, false /*shouldContentSniff*/); 1290 if (!handle) 1291 return; 1292 1293 // If the request has already failed, do not run the main loop, or else we'll block indefinitely. 1294 if (handle->d->m_scheduledFailureType != NoFailure) 1295 return; 1296 1297 syncLoader.run(); 1298} 1299 1300static void readCallback(GObject*, GAsyncResult* asyncResult, gpointer data) 1301{ 1302 RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data); 1303 1304 if (handle->cancelledOrClientless()) { 1305 cleanupSoupRequestOperation(handle.get()); 1306 return; 1307 } 1308 1309 ResourceHandleInternal* d = handle->getInternal(); 1310 if (d->m_defersLoading) { 1311 d->m_deferredResult = asyncResult; 1312 return; 1313 } 1314 1315 GOwnPtr<GError> error; 1316 gssize bytesRead = g_input_stream_read_finish(d->m_inputStream.get(), asyncResult, &error.outPtr()); 1317 1318 if (error) { 1319 handle->client()->didFail(handle.get(), ResourceError::genericGError(error.get(), d->m_soupRequest.get())); 1320 cleanupSoupRequestOperation(handle.get()); 1321 return; 1322 } 1323 1324 if (!bytesRead) { 1325 // If this is a multipart message, we'll look for another part. 1326 if (d->m_soupMessage && d->m_multipartInputStream) { 1327 d->m_inputStream.clear(); 1328 soup_multipart_input_stream_next_part_async(d->m_multipartInputStream.get(), G_PRIORITY_DEFAULT, 1329 d->m_cancellable.get(), nextMultipartResponsePartCallback, handle.get()); 1330 return; 1331 } 1332 1333 g_input_stream_close(d->m_inputStream.get(), 0, 0); 1334 1335 handle->client()->didFinishLoading(handle.get(), 0); 1336 cleanupSoupRequestOperation(handle.get()); 1337 return; 1338 } 1339 1340 // It's mandatory to have sent a response before sending data 1341 ASSERT(!d->m_response.isNull()); 1342 1343 handle->client()->didReceiveData(handle.get(), d->m_readBufferPtr, bytesRead, bytesRead); 1344 1345 // didReceiveData may cancel the load, which may release the last reference. 1346 if (handle->cancelledOrClientless()) { 1347 cleanupSoupRequestOperation(handle.get()); 1348 return; 1349 } 1350 1351 handle->ensureReadBuffer(); 1352 g_input_stream_read_async(d->m_inputStream.get(), d->m_readBufferPtr, d->m_readBufferSize, G_PRIORITY_DEFAULT, 1353 d->m_cancellable.get(), readCallback, handle.get()); 1354} 1355 1356static gboolean requestTimeoutCallback(gpointer data) 1357{ 1358 RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data); 1359 handle->client()->didFail(handle.get(), ResourceError::timeoutError(handle->getInternal()->m_firstRequest.url().string())); 1360 handle->cancel(); 1361 1362 return FALSE; 1363} 1364 1365static void authenticateCallback(SoupSession* session, SoupMessage* soupMessage, SoupAuth* soupAuth, gboolean retrying) 1366{ 1367 RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(g_object_get_data(G_OBJECT(soupMessage), "handle")); 1368 if (!handle) 1369 return; 1370 handle->didReceiveAuthenticationChallenge(AuthenticationChallenge(session, soupMessage, soupAuth, retrying, handle.get())); 1371} 1372 1373SoupSession* ResourceHandle::defaultSession() 1374{ 1375 static SoupSession* session = 0; 1376 // Values taken from http://www.browserscope.org/ following 1377 // the rule "Do What Every Other Modern Browser Is Doing". They seem 1378 // to significantly improve page loading time compared to soup's 1379 // default values. 1380 static const int maxConnections = 35; 1381 static const int maxConnectionsPerHost = 6; 1382 1383 if (!session) { 1384 session = soup_session_async_new(); 1385 g_object_set(session, 1386 SOUP_SESSION_MAX_CONNS, maxConnections, 1387 SOUP_SESSION_MAX_CONNS_PER_HOST, maxConnectionsPerHost, 1388 SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_CONTENT_DECODER, 1389 SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_CONTENT_SNIFFER, 1390 SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_PROXY_RESOLVER_DEFAULT, 1391 SOUP_SESSION_USE_THREAD_CONTEXT, TRUE, 1392 NULL); 1393 g_signal_connect(session, "authenticate", G_CALLBACK(authenticateCallback), 0); 1394 1395#if ENABLE(WEB_TIMING) 1396 g_signal_connect(session, "request-started", G_CALLBACK(requestStartedCallback), 0); 1397#endif 1398 } 1399 1400 return session; 1401} 1402 1403uint64_t ResourceHandle::getSoupRequestInitiatingPageID(SoupRequest* request) 1404{ 1405 uint64_t* initiatingPageIDPtr = static_cast<uint64_t*>(g_object_get_data(G_OBJECT(request), gSoupRequestInitiatingPageIDKey)); 1406 return initiatingPageIDPtr ? *initiatingPageIDPtr : 0; 1407} 1408 1409} 1410