1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // See http://dev.chromium.org/developers/design-documents/multi-process-resource-loading
7 #include "content/browser/loader/resource_dispatcher_host_impl.h"
13 #include "base/bind.h"
14 #include "base/bind_helpers.h"
15 #include "base/command_line.h"
16 #include "base/compiler_specific.h"
17 #include "base/debug/alias.h"
18 #include "base/logging.h"
19 #include "base/memory/scoped_ptr.h"
20 #include "base/memory/shared_memory.h"
21 #include "base/message_loop/message_loop.h"
22 #include "base/metrics/histogram.h"
23 #include "base/metrics/sparse_histogram.h"
24 #include "base/stl_util.h"
25 #include "base/third_party/dynamic_annotations/dynamic_annotations.h"
26 #include "content/browser/appcache/appcache_interceptor.h"
27 #include "content/browser/appcache/chrome_appcache_service.h"
28 #include "content/browser/cert_store_impl.h"
29 #include "content/browser/child_process_security_policy_impl.h"
30 #include "content/browser/download/download_resource_handler.h"
31 #include "content/browser/download/save_file_manager.h"
32 #include "content/browser/download/save_file_resource_handler.h"
33 #include "content/browser/fileapi/chrome_blob_storage_context.h"
34 #include "content/browser/frame_host/navigation_request_info.h"
35 #include "content/browser/loader/async_resource_handler.h"
36 #include "content/browser/loader/buffered_resource_handler.h"
37 #include "content/browser/loader/cross_site_resource_handler.h"
38 #include "content/browser/loader/detachable_resource_handler.h"
39 #include "content/browser/loader/power_save_block_resource_throttle.h"
40 #include "content/browser/loader/redirect_to_file_resource_handler.h"
41 #include "content/browser/loader/resource_message_filter.h"
42 #include "content/browser/loader/resource_request_info_impl.h"
43 #include "content/browser/loader/stream_resource_handler.h"
44 #include "content/browser/loader/sync_resource_handler.h"
45 #include "content/browser/loader/throttling_resource_handler.h"
46 #include "content/browser/loader/upload_data_stream_builder.h"
47 #include "content/browser/plugin_service_impl.h"
48 #include "content/browser/renderer_host/render_view_host_delegate.h"
49 #include "content/browser/renderer_host/render_view_host_impl.h"
50 #include "content/browser/resource_context_impl.h"
51 #include "content/browser/service_worker/service_worker_request_handler.h"
52 #include "content/browser/streams/stream.h"
53 #include "content/browser/streams/stream_context.h"
54 #include "content/browser/streams/stream_registry.h"
55 #include "content/browser/web_contents/web_contents_impl.h"
56 #include "content/common/appcache_interfaces.h"
57 #include "content/common/resource_messages.h"
58 #include "content/common/ssl_status_serialization.h"
59 #include "content/common/view_messages.h"
60 #include "content/public/browser/browser_thread.h"
61 #include "content/public/browser/content_browser_client.h"
62 #include "content/public/browser/download_manager.h"
63 #include "content/public/browser/download_url_parameters.h"
64 #include "content/public/browser/global_request_id.h"
65 #include "content/public/browser/resource_dispatcher_host_delegate.h"
66 #include "content/public/browser/resource_request_details.h"
67 #include "content/public/browser/resource_throttle.h"
68 #include "content/public/browser/stream_handle.h"
69 #include "content/public/browser/user_metrics.h"
70 #include "content/public/common/content_switches.h"
71 #include "content/public/common/process_type.h"
72 #include "ipc/ipc_message_macros.h"
73 #include "ipc/ipc_message_start.h"
74 #include "net/base/auth.h"
75 #include "net/base/load_flags.h"
76 #include "net/base/mime_util.h"
77 #include "net/base/net_errors.h"
78 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
79 #include "net/base/request_priority.h"
80 #include "net/base/upload_data_stream.h"
81 #include "net/cert/cert_status_flags.h"
82 #include "net/cookies/cookie_monster.h"
83 #include "net/http/http_response_headers.h"
84 #include "net/http/http_response_info.h"
85 #include "net/ssl/ssl_cert_request_info.h"
86 #include "net/url_request/url_request.h"
87 #include "net/url_request/url_request_context.h"
88 #include "net/url_request/url_request_job_factory.h"
89 #include "url/url_constants.h"
90 #include "webkit/common/blob/blob_data.h"
91 #include "webkit/browser/blob/blob_data_handle.h"
92 #include "webkit/browser/blob/blob_storage_context.h"
93 #include "webkit/browser/blob/blob_url_request_job_factory.h"
94 #include "webkit/browser/fileapi/file_permission_policy.h"
95 #include "webkit/browser/fileapi/file_system_context.h"
96 #include "webkit/common/blob/shareable_file_reference.h"
99 using base::TimeDelta
;
100 using base::TimeTicks
;
101 using storage::ShareableFileReference
;
103 // ----------------------------------------------------------------------------
109 static ResourceDispatcherHostImpl
* g_resource_dispatcher_host
;
111 // The interval for calls to ResourceDispatcherHostImpl::UpdateLoadStates
112 const int kUpdateLoadStatesIntervalMsec
= 100;
114 // Maximum byte "cost" of all the outstanding requests for a renderer.
115 // See delcaration of |max_outstanding_requests_cost_per_process_| for details.
116 // This bound is 25MB, which allows for around 6000 outstanding requests.
117 const int kMaxOutstandingRequestsCostPerProcess
= 26214400;
119 // The number of milliseconds after noting a user gesture that we will
120 // tag newly-created URLRequest objects with the
121 // net::LOAD_MAYBE_USER_GESTURE load flag. This is a fairly arbitrary
122 // guess at how long to expect direct impact from a user gesture, but
123 // this should be OK as the load flag is a best-effort thing only,
124 // rather than being intended as fully accurate.
125 const int kUserGestureWindowMs
= 3500;
127 // Ratio of |max_num_in_flight_requests_| that any one renderer is allowed to
128 // use. Arbitrarily chosen.
129 const double kMaxRequestsPerProcessRatio
= 0.45;
131 // TODO(jkarlin): The value is high to reduce the chance of the detachable
132 // request timing out, forcing a blocked second request to open a new connection
133 // and start over. Reduce this value once we have a better idea of what it
134 // should be and once we stop blocking multiple simultaneous requests for the
135 // same resource (see bugs 46104 and 31014).
136 const int kDefaultDetachableCancelDelayMs
= 30000;
138 bool IsDetachableResourceType(ResourceType type
) {
140 case RESOURCE_TYPE_PREFETCH
:
141 case RESOURCE_TYPE_PING
:
148 // Aborts a request before an URLRequest has actually been created.
149 void AbortRequestBeforeItStarts(ResourceMessageFilter
* filter
,
150 IPC::Message
* sync_result
,
153 SyncLoadResult result
;
154 result
.error_code
= net::ERR_ABORTED
;
155 ResourceHostMsg_SyncLoad::WriteReplyParams(sync_result
, result
);
156 filter
->Send(sync_result
);
158 // Tell the renderer that this request was disallowed.
159 ResourceMsg_RequestCompleteData request_complete_data
;
160 request_complete_data
.error_code
= net::ERR_ABORTED
;
161 request_complete_data
.was_ignored_by_handler
= false;
162 request_complete_data
.exists_in_cache
= false;
163 // No security info needed, connection not established.
164 request_complete_data
.completion_time
= base::TimeTicks();
165 request_complete_data
.encoded_data_length
= 0;
166 filter
->Send(new ResourceMsg_RequestComplete(
167 request_id
, request_complete_data
));
171 void SetReferrerForRequest(net::URLRequest
* request
, const Referrer
& referrer
) {
172 if (!referrer
.url
.is_valid() ||
173 base::CommandLine::ForCurrentProcess()->HasSwitch(
174 switches::kNoReferrers
)) {
175 request
->SetReferrer(std::string());
177 request
->SetReferrer(referrer
.url
.spec());
180 net::URLRequest::ReferrerPolicy net_referrer_policy
=
181 net::URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE
;
182 switch (referrer
.policy
) {
183 case blink::WebReferrerPolicyDefault
:
184 net_referrer_policy
=
185 net::URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE
;
187 case blink::WebReferrerPolicyAlways
:
188 case blink::WebReferrerPolicyNever
:
189 case blink::WebReferrerPolicyOrigin
:
190 net_referrer_policy
= net::URLRequest::NEVER_CLEAR_REFERRER
;
193 request
->set_referrer_policy(net_referrer_policy
);
196 // Consults the RendererSecurity policy to determine whether the
197 // ResourceDispatcherHostImpl should service this request. A request might be
198 // disallowed if the renderer is not authorized to retrieve the request URL or
199 // if the renderer is attempting to upload an unauthorized file.
200 bool ShouldServiceRequest(int process_type
,
202 const ResourceHostMsg_Request
& request_data
,
203 storage::FileSystemContext
* file_system_context
) {
204 if (process_type
== PROCESS_TYPE_PLUGIN
)
207 ChildProcessSecurityPolicyImpl
* policy
=
208 ChildProcessSecurityPolicyImpl::GetInstance();
210 // Check if the renderer is permitted to request the requested URL.
211 if (!policy
->CanRequestURL(child_id
, request_data
.url
)) {
212 VLOG(1) << "Denied unauthorized request for "
213 << request_data
.url
.possibly_invalid_spec();
217 // Check if the renderer is permitted to upload the requested files.
218 if (request_data
.request_body
.get()) {
219 const std::vector
<ResourceRequestBody::Element
>* uploads
=
220 request_data
.request_body
->elements();
221 std::vector
<ResourceRequestBody::Element
>::const_iterator iter
;
222 for (iter
= uploads
->begin(); iter
!= uploads
->end(); ++iter
) {
223 if (iter
->type() == ResourceRequestBody::Element::TYPE_FILE
&&
224 !policy
->CanReadFile(child_id
, iter
->path())) {
225 NOTREACHED() << "Denied unauthorized upload of "
226 << iter
->path().value();
229 if (iter
->type() == ResourceRequestBody::Element::TYPE_FILE_FILESYSTEM
) {
230 storage::FileSystemURL url
=
231 file_system_context
->CrackURL(iter
->filesystem_url());
232 if (!policy
->CanReadFileSystemFile(child_id
, url
)) {
233 NOTREACHED() << "Denied unauthorized upload of "
234 << iter
->filesystem_url().spec();
244 void RemoveDownloadFileFromChildSecurityPolicy(int child_id
,
245 const base::FilePath
& path
) {
246 ChildProcessSecurityPolicyImpl::GetInstance()->RevokeAllPermissionsForFile(
250 DownloadInterruptReason
CallbackAndReturn(
251 const DownloadUrlParameters::OnStartedCallback
& started_cb
,
252 DownloadInterruptReason interrupt_reason
) {
253 if (started_cb
.is_null())
254 return interrupt_reason
;
255 BrowserThread::PostTask(
259 started_cb
, static_cast<DownloadItem
*>(NULL
), interrupt_reason
));
261 return interrupt_reason
;
264 int GetCertID(net::URLRequest
* request
, int child_id
) {
265 if (request
->ssl_info().cert
.get()) {
266 return CertStore::GetInstance()->StoreCert(request
->ssl_info().cert
.get(),
272 void NotifyRedirectOnUI(int render_process_id
,
273 int render_frame_host
,
274 scoped_ptr
<ResourceRedirectDetails
> details
) {
275 RenderFrameHostImpl
* host
=
276 RenderFrameHostImpl::FromID(render_process_id
, render_frame_host
);
277 WebContentsImpl
* web_contents
=
278 static_cast<WebContentsImpl
*>(WebContents::FromRenderFrameHost(host
));
281 web_contents
->DidGetRedirectForResourceRequest(
282 host
->render_view_host(), *details
.get());
285 void NotifyResponseOnUI(int render_process_id
,
286 int render_frame_host
,
287 scoped_ptr
<ResourceRequestDetails
> details
) {
288 RenderFrameHostImpl
* host
=
289 RenderFrameHostImpl::FromID(render_process_id
, render_frame_host
);
290 WebContentsImpl
* web_contents
=
291 static_cast<WebContentsImpl
*>(WebContents::FromRenderFrameHost(host
));
294 web_contents
->DidGetResourceResponseStart(*details
.get());
298 const net::SignedCertificateTimestampAndStatus
& sct_status
) {
299 return sct_status
.status
== net::ct::SCT_STATUS_OK
;
302 storage::BlobStorageContext
* GetBlobStorageContext(
303 ResourceMessageFilter
* filter
) {
304 if (!filter
->blob_storage_context())
306 return filter
->blob_storage_context()->context();
309 void AttachRequestBodyBlobDataHandles(
310 ResourceRequestBody
* body
,
311 storage::BlobStorageContext
* blob_context
) {
312 DCHECK(blob_context
);
313 for (size_t i
= 0; i
< body
->elements()->size(); ++i
) {
314 const ResourceRequestBody::Element
& element
= (*body
->elements())[i
];
315 if (element
.type() != ResourceRequestBody::Element::TYPE_BLOB
)
317 scoped_ptr
<storage::BlobDataHandle
> handle
=
318 blob_context
->GetBlobDataFromUUID(element
.blob_uuid());
322 // Ensure the blob and any attached shareable files survive until
323 // upload completion. The |body| takes ownership of |handle|.
324 const void* key
= handle
.get();
325 body
->SetUserData(key
, handle
.release());
332 ResourceDispatcherHost
* ResourceDispatcherHost::Get() {
333 return g_resource_dispatcher_host
;
336 ResourceDispatcherHostImpl::ResourceDispatcherHostImpl()
337 : save_file_manager_(new SaveFileManager()),
340 num_in_flight_requests_(0),
341 max_num_in_flight_requests_(base::SharedMemory::GetHandleLimit()),
342 max_num_in_flight_requests_per_process_(
344 max_num_in_flight_requests_
* kMaxRequestsPerProcessRatio
)),
345 max_outstanding_requests_cost_per_process_(
346 kMaxOutstandingRequestsCostPerProcess
),
349 allow_cross_origin_auth_prompt_(false) {
350 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI
));
351 DCHECK(!g_resource_dispatcher_host
);
352 g_resource_dispatcher_host
= this;
354 GetContentClient()->browser()->ResourceDispatcherHostCreated();
356 ANNOTATE_BENIGN_RACE(
357 &last_user_gesture_time_
,
358 "We don't care about the precise value, see http://crbug.com/92889");
360 BrowserThread::PostTask(BrowserThread::IO
,
362 base::Bind(&ResourceDispatcherHostImpl::OnInit
,
363 base::Unretained(this)));
365 update_load_states_timer_
.reset(
366 new base::RepeatingTimer
<ResourceDispatcherHostImpl
>());
369 ResourceDispatcherHostImpl::~ResourceDispatcherHostImpl() {
370 DCHECK(outstanding_requests_stats_map_
.empty());
371 DCHECK(g_resource_dispatcher_host
);
372 g_resource_dispatcher_host
= NULL
;
376 ResourceDispatcherHostImpl
* ResourceDispatcherHostImpl::Get() {
377 return g_resource_dispatcher_host
;
380 void ResourceDispatcherHostImpl::SetDelegate(
381 ResourceDispatcherHostDelegate
* delegate
) {
382 delegate_
= delegate
;
385 void ResourceDispatcherHostImpl::SetAllowCrossOriginAuthPrompt(bool value
) {
386 allow_cross_origin_auth_prompt_
= value
;
389 void ResourceDispatcherHostImpl::AddResourceContext(ResourceContext
* context
) {
390 active_resource_contexts_
.insert(context
);
393 void ResourceDispatcherHostImpl::RemoveResourceContext(
394 ResourceContext
* context
) {
395 CHECK(ContainsKey(active_resource_contexts_
, context
));
396 active_resource_contexts_
.erase(context
);
399 void ResourceDispatcherHostImpl::ResumeResponseDeferredAtStart(
400 const GlobalRequestID
& id
) {
401 ResourceLoader
* loader
= GetLoader(id
);
403 // The response we were meant to resume could have already been canceled.
404 ResourceRequestInfoImpl
* info
= loader
->GetRequestInfo();
405 if (info
->cross_site_handler())
406 info
->cross_site_handler()->ResumeResponseDeferredAtStart(id
.request_id
);
410 void ResourceDispatcherHostImpl::CancelRequestsForContext(
411 ResourceContext
* context
) {
412 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO
));
415 CHECK(ContainsKey(active_resource_contexts_
, context
));
417 // Note that request cancellation has side effects. Therefore, we gather all
418 // the requests to cancel first, and then we start cancelling. We assert at
419 // the end that there are no more to cancel since the context is about to go
421 typedef std::vector
<linked_ptr
<ResourceLoader
> > LoaderList
;
422 LoaderList loaders_to_cancel
;
424 for (LoaderMap::iterator i
= pending_loaders_
.begin();
425 i
!= pending_loaders_
.end();) {
426 if (i
->second
->GetRequestInfo()->GetContext() == context
) {
427 loaders_to_cancel
.push_back(i
->second
);
428 IncrementOutstandingRequestsMemory(-1, *i
->second
->GetRequestInfo());
429 pending_loaders_
.erase(i
++);
435 for (BlockedLoadersMap::iterator i
= blocked_loaders_map_
.begin();
436 i
!= blocked_loaders_map_
.end();) {
437 BlockedLoadersList
* loaders
= i
->second
;
438 if (loaders
->empty()) {
439 // This can happen if BlockRequestsForRoute() has been called for a route,
440 // but we haven't blocked any matching requests yet.
444 ResourceRequestInfoImpl
* info
= loaders
->front()->GetRequestInfo();
445 if (info
->GetContext() == context
) {
446 blocked_loaders_map_
.erase(i
++);
447 for (BlockedLoadersList::const_iterator it
= loaders
->begin();
448 it
!= loaders
->end(); ++it
) {
449 linked_ptr
<ResourceLoader
> loader
= *it
;
450 info
= loader
->GetRequestInfo();
451 // We make the assumption that all requests on the list have the same
453 DCHECK_EQ(context
, info
->GetContext());
454 IncrementOutstandingRequestsMemory(-1, *info
);
455 loaders_to_cancel
.push_back(loader
);
464 for (LoaderList::iterator i
= loaders_to_cancel
.begin();
465 i
!= loaders_to_cancel
.end(); ++i
) {
466 // There is no strict requirement that this be the case, but currently
467 // downloads, streams, detachable requests, and transferred requests are the
468 // only requests that aren't cancelled when the associated processes go
469 // away. It may be OK for this invariant to change in the future, but if
470 // this assertion fires without the invariant changing, then it's indicative
472 DCHECK((*i
)->GetRequestInfo()->IsDownload() ||
473 (*i
)->GetRequestInfo()->is_stream() ||
474 ((*i
)->GetRequestInfo()->detachable_handler() &&
475 (*i
)->GetRequestInfo()->detachable_handler()->is_detached()) ||
476 (*i
)->is_transferring());
480 loaders_to_cancel
.clear();
482 // Validate that no more requests for this context were added.
483 for (LoaderMap::const_iterator i
= pending_loaders_
.begin();
484 i
!= pending_loaders_
.end(); ++i
) {
485 // http://crbug.com/90971
486 CHECK_NE(i
->second
->GetRequestInfo()->GetContext(), context
);
489 for (BlockedLoadersMap::const_iterator i
= blocked_loaders_map_
.begin();
490 i
!= blocked_loaders_map_
.end(); ++i
) {
491 BlockedLoadersList
* loaders
= i
->second
;
492 if (!loaders
->empty()) {
493 ResourceRequestInfoImpl
* info
= loaders
->front()->GetRequestInfo();
494 // http://crbug.com/90971
495 CHECK_NE(info
->GetContext(), context
);
500 DownloadInterruptReason
ResourceDispatcherHostImpl::BeginDownload(
501 scoped_ptr
<net::URLRequest
> request
,
502 const Referrer
& referrer
,
503 bool is_content_initiated
,
504 ResourceContext
* context
,
508 scoped_ptr
<DownloadSaveInfo
> save_info
,
510 const DownloadStartedCallback
& started_callback
) {
512 return CallbackAndReturn(started_callback
,
513 DOWNLOAD_INTERRUPT_REASON_USER_SHUTDOWN
);
515 const GURL
& url
= request
->original_url();
517 // http://crbug.com/90971
519 base::strlcpy(url_buf
, url
.spec().c_str(), arraysize(url_buf
));
520 base::debug::Alias(url_buf
);
521 CHECK(ContainsKey(active_resource_contexts_
, context
));
523 SetReferrerForRequest(request
.get(), referrer
);
525 int extra_load_flags
= net::LOAD_IS_DOWNLOAD
;
527 // If there is upload data attached, only retrieve from cache because there
528 // is no current mechanism to prompt the user for their consent for a
529 // re-post. For GETs, try to retrieve data from the cache and skip
530 // validating the entry if present.
531 if (request
->get_upload() != NULL
)
532 extra_load_flags
|= net::LOAD_ONLY_FROM_CACHE
;
534 extra_load_flags
|= net::LOAD_PREFERRING_CACHE
;
536 extra_load_flags
|= net::LOAD_DISABLE_CACHE
;
538 request
->SetLoadFlags(request
->load_flags() | extra_load_flags
);
540 // We treat a download as a main frame load, and thus update the policy URL on
543 // TODO(davidben): Is this correct? If this came from a
544 // ViewHostMsg_DownloadUrl in a frame, should it have first-party URL set
546 request
->set_first_party_url_policy(
547 net::URLRequest::UPDATE_FIRST_PARTY_URL_ON_REDIRECT
);
549 // Check if the renderer is permitted to request the requested URL.
550 if (!ChildProcessSecurityPolicyImpl::GetInstance()->
551 CanRequestURL(child_id
, url
)) {
552 VLOG(1) << "Denied unauthorized download request for "
553 << url
.possibly_invalid_spec();
554 return CallbackAndReturn(started_callback
,
555 DOWNLOAD_INTERRUPT_REASON_NETWORK_INVALID_REQUEST
);
560 const net::URLRequestContext
* request_context
= context
->GetRequestContext();
561 if (!request_context
->job_factory()->IsHandledURL(url
)) {
562 VLOG(1) << "Download request for unsupported protocol: "
563 << url
.possibly_invalid_spec();
564 return CallbackAndReturn(started_callback
,
565 DOWNLOAD_INTERRUPT_REASON_NETWORK_INVALID_REQUEST
);
568 ResourceRequestInfoImpl
* extra_info
=
569 CreateRequestInfo(child_id
, route_id
, true, context
);
570 extra_info
->AssociateWithRequest(request
.get()); // Request takes ownership.
572 if (request
->url().SchemeIs(url::kBlobScheme
)) {
573 ChromeBlobStorageContext
* blob_context
=
574 GetChromeBlobStorageContextForResourceContext(context
);
575 storage::BlobProtocolHandler::SetRequestedBlobDataHandle(
577 blob_context
->context()->GetBlobDataFromPublicURL(request
->url()));
580 // From this point forward, the |DownloadResourceHandler| is responsible for
581 // |started_callback|.
582 scoped_ptr
<ResourceHandler
> handler(
583 CreateResourceHandlerForDownload(request
.get(), is_content_initiated
,
584 true, download_id
, save_info
.Pass(),
587 BeginRequestInternal(request
.Pass(), handler
.Pass());
589 return DOWNLOAD_INTERRUPT_REASON_NONE
;
592 void ResourceDispatcherHostImpl::ClearLoginDelegateForRequest(
593 net::URLRequest
* request
) {
594 ResourceRequestInfoImpl
* info
= ResourceRequestInfoImpl::ForRequest(request
);
596 ResourceLoader
* loader
= GetLoader(info
->GetGlobalRequestID());
598 loader
->ClearLoginDelegate();
602 void ResourceDispatcherHostImpl::Shutdown() {
603 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI
));
604 BrowserThread::PostTask(BrowserThread::IO
,
606 base::Bind(&ResourceDispatcherHostImpl::OnShutdown
,
607 base::Unretained(this)));
610 scoped_ptr
<ResourceHandler
>
611 ResourceDispatcherHostImpl::CreateResourceHandlerForDownload(
612 net::URLRequest
* request
,
613 bool is_content_initiated
,
616 scoped_ptr
<DownloadSaveInfo
> save_info
,
617 const DownloadUrlParameters::OnStartedCallback
& started_cb
) {
618 scoped_ptr
<ResourceHandler
> handler(
619 new DownloadResourceHandler(id
, request
, started_cb
, save_info
.Pass()));
621 const ResourceRequestInfo
* request_info(
622 ResourceRequestInfo::ForRequest(request
));
624 ScopedVector
<ResourceThrottle
> throttles
;
625 delegate_
->DownloadStarting(
626 request
, request_info
->GetContext(), request_info
->GetChildID(),
627 request_info
->GetRouteID(), request_info
->GetRequestID(),
628 is_content_initiated
, must_download
, &throttles
);
629 if (!throttles
.empty()) {
631 new ThrottlingResourceHandler(
632 handler
.Pass(), request
, throttles
.Pass()));
635 return handler
.Pass();
638 scoped_ptr
<ResourceHandler
>
639 ResourceDispatcherHostImpl::MaybeInterceptAsStream(net::URLRequest
* request
,
640 ResourceResponse
* response
,
641 std::string
* payload
) {
642 ResourceRequestInfoImpl
* info
= ResourceRequestInfoImpl::ForRequest(request
);
643 const std::string
& mime_type
= response
->head
.mime_type
;
647 !delegate_
->ShouldInterceptResourceAsStream(request
,
651 return scoped_ptr
<ResourceHandler
>();
654 StreamContext
* stream_context
=
655 GetStreamContextForResourceContext(info
->GetContext());
657 scoped_ptr
<StreamResourceHandler
> handler(
658 new StreamResourceHandler(request
,
659 stream_context
->registry(),
662 info
->set_is_stream(true);
663 delegate_
->OnStreamCreated(
665 handler
->stream()->CreateHandle(
668 response
->head
.headers
));
669 return handler
.PassAs
<ResourceHandler
>();
672 void ResourceDispatcherHostImpl::ClearSSLClientAuthHandlerForRequest(
673 net::URLRequest
* request
) {
674 ResourceRequestInfoImpl
* info
= ResourceRequestInfoImpl::ForRequest(request
);
676 ResourceLoader
* loader
= GetLoader(info
->GetGlobalRequestID());
678 loader
->ClearSSLClientAuthHandler();
682 ResourceDispatcherHostLoginDelegate
*
683 ResourceDispatcherHostImpl::CreateLoginDelegate(
684 ResourceLoader
* loader
,
685 net::AuthChallengeInfo
* auth_info
) {
689 return delegate_
->CreateLoginDelegate(auth_info
, loader
->request());
692 bool ResourceDispatcherHostImpl::HandleExternalProtocol(ResourceLoader
* loader
,
697 ResourceRequestInfoImpl
* info
= loader
->GetRequestInfo();
699 if (!IsResourceTypeFrame(info
->GetResourceType()))
702 const net::URLRequestJobFactory
* job_factory
=
703 info
->GetContext()->GetRequestContext()->job_factory();
704 if (job_factory
->IsHandledURL(url
))
707 return delegate_
->HandleExternalProtocol(
708 url
, info
->GetChildID(), info
->GetRouteID());
711 void ResourceDispatcherHostImpl::DidStartRequest(ResourceLoader
* loader
) {
712 // Make sure we have the load state monitor running
713 if (!update_load_states_timer_
->IsRunning()) {
714 update_load_states_timer_
->Start(FROM_HERE
,
715 TimeDelta::FromMilliseconds(kUpdateLoadStatesIntervalMsec
),
716 this, &ResourceDispatcherHostImpl::UpdateLoadStates
);
720 void ResourceDispatcherHostImpl::DidReceiveRedirect(ResourceLoader
* loader
,
721 const GURL
& new_url
) {
722 ResourceRequestInfoImpl
* info
= loader
->GetRequestInfo();
724 int render_process_id
, render_frame_host
;
725 if (!info
->GetAssociatedRenderFrame(&render_process_id
, &render_frame_host
))
728 // Notify the observers on the UI thread.
729 scoped_ptr
<ResourceRedirectDetails
> detail(new ResourceRedirectDetails(
731 GetCertID(loader
->request(), info
->GetChildID()),
733 BrowserThread::PostTask(
734 BrowserThread::UI
, FROM_HERE
,
737 render_process_id
, render_frame_host
, base::Passed(&detail
)));
740 void ResourceDispatcherHostImpl::DidReceiveResponse(ResourceLoader
* loader
) {
741 ResourceRequestInfoImpl
* info
= loader
->GetRequestInfo();
743 if (loader
->request()->was_fetched_via_proxy() &&
744 loader
->request()->was_fetched_via_spdy() &&
745 loader
->request()->url().SchemeIs("http")) {
746 scheduler_
->OnReceivedSpdyProxiedHttpResponse(
747 info
->GetChildID(), info
->GetRouteID());
750 int render_process_id
, render_frame_host
;
751 if (!info
->GetAssociatedRenderFrame(&render_process_id
, &render_frame_host
))
754 // Notify the observers on the UI thread.
755 scoped_ptr
<ResourceRequestDetails
> detail(new ResourceRequestDetails(
757 GetCertID(loader
->request(), info
->GetChildID())));
758 BrowserThread::PostTask(
759 BrowserThread::UI
, FROM_HERE
,
762 render_process_id
, render_frame_host
, base::Passed(&detail
)));
765 void ResourceDispatcherHostImpl::DidFinishLoading(ResourceLoader
* loader
) {
766 ResourceRequestInfo
* info
= loader
->GetRequestInfo();
768 // Record final result of all resource loads.
769 if (info
->GetResourceType() == RESOURCE_TYPE_MAIN_FRAME
) {
770 // This enumeration has "3" appended to its name to distinguish it from
772 UMA_HISTOGRAM_SPARSE_SLOWLY(
773 "Net.ErrorCodesForMainFrame3",
774 -loader
->request()->status().error());
776 if (loader
->request()->url().SchemeIsSecure()) {
777 if (loader
->request()->url().host() == "www.google.com") {
778 UMA_HISTOGRAM_SPARSE_SLOWLY("Net.ErrorCodesForHTTPSGoogleMainFrame2",
779 -loader
->request()->status().error());
782 int num_valid_scts
= std::count_if(
783 loader
->request()->ssl_info().signed_certificate_timestamps
.begin(),
784 loader
->request()->ssl_info().signed_certificate_timestamps
.end(),
786 UMA_HISTOGRAM_COUNTS_100(
787 "Net.CertificateTransparency.MainFrameValidSCTCount", num_valid_scts
);
790 if (info
->GetResourceType() == RESOURCE_TYPE_IMAGE
) {
791 UMA_HISTOGRAM_SPARSE_SLOWLY(
792 "Net.ErrorCodesForImages",
793 -loader
->request()->status().error());
795 // This enumeration has "2" appended to distinguish it from older versions.
796 UMA_HISTOGRAM_SPARSE_SLOWLY(
797 "Net.ErrorCodesForSubresources2",
798 -loader
->request()->status().error());
802 delegate_
->RequestComplete(loader
->request());
804 // Destroy the ResourceLoader.
805 RemovePendingRequest(info
->GetChildID(), info
->GetRequestID());
808 void ResourceDispatcherHostImpl::OnInit() {
809 scheduler_
.reset(new ResourceScheduler
);
810 AppCacheInterceptor::EnsureRegistered();
813 void ResourceDispatcherHostImpl::OnShutdown() {
814 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO
));
817 pending_loaders_
.clear();
819 // Make sure we shutdown the timer now, otherwise by the time our destructor
820 // runs if the timer is still running the Task is deleted twice (once by
821 // the MessageLoop and the second time by RepeatingTimer).
822 update_load_states_timer_
.reset();
824 // Clear blocked requests if any left.
825 // Note that we have to do this in 2 passes as we cannot call
826 // CancelBlockedRequestsForRoute while iterating over
827 // blocked_loaders_map_, as it modifies it.
828 std::set
<GlobalRoutingID
> ids
;
829 for (BlockedLoadersMap::const_iterator iter
= blocked_loaders_map_
.begin();
830 iter
!= blocked_loaders_map_
.end(); ++iter
) {
831 std::pair
<std::set
<GlobalRoutingID
>::iterator
, bool> result
=
832 ids
.insert(iter
->first
);
833 // We should not have duplicates.
834 DCHECK(result
.second
);
836 for (std::set
<GlobalRoutingID
>::const_iterator iter
= ids
.begin();
837 iter
!= ids
.end(); ++iter
) {
838 CancelBlockedRequestsForRoute(iter
->child_id
, iter
->route_id
);
844 bool ResourceDispatcherHostImpl::OnMessageReceived(
845 const IPC::Message
& message
,
846 ResourceMessageFilter
* filter
) {
849 IPC_BEGIN_MESSAGE_MAP(ResourceDispatcherHostImpl
, message
)
850 IPC_MESSAGE_HANDLER(ResourceHostMsg_RequestResource
, OnRequestResource
)
851 IPC_MESSAGE_HANDLER_DELAY_REPLY(ResourceHostMsg_SyncLoad
, OnSyncLoad
)
852 IPC_MESSAGE_HANDLER(ResourceHostMsg_ReleaseDownloadedFile
,
853 OnReleaseDownloadedFile
)
854 IPC_MESSAGE_HANDLER(ResourceHostMsg_DataDownloaded_ACK
, OnDataDownloadedACK
)
855 IPC_MESSAGE_HANDLER(ResourceHostMsg_UploadProgress_ACK
, OnUploadProgressACK
)
856 IPC_MESSAGE_HANDLER(ResourceHostMsg_CancelRequest
, OnCancelRequest
)
857 IPC_MESSAGE_UNHANDLED(handled
= false)
858 IPC_END_MESSAGE_MAP()
860 if (!handled
&& IPC_MESSAGE_ID_CLASS(message
.type()) == ResourceMsgStart
) {
861 PickleIterator
iter(message
);
863 bool ok
= iter
.ReadInt(&request_id
);
865 GlobalRequestID
id(filter_
->child_id(), request_id
);
866 DelegateMap::iterator it
= delegate_map_
.find(id
);
867 if (it
!= delegate_map_
.end()) {
868 ObserverList
<ResourceMessageDelegate
>::Iterator
del_it(*it
->second
);
869 ResourceMessageDelegate
* delegate
;
870 while (!handled
&& (delegate
= del_it
.GetNext()) != NULL
) {
871 handled
= delegate
->OnMessageReceived(message
);
875 // As the unhandled resource message effectively has no consumer, mark it as
876 // handled to prevent needless propagation through the filter pipeline.
884 void ResourceDispatcherHostImpl::OnRequestResource(
887 const ResourceHostMsg_Request
& request_data
) {
888 BeginRequest(request_id
, request_data
, NULL
, routing_id
);
891 // Begins a resource request with the given params on behalf of the specified
892 // child process. Responses will be dispatched through the given receiver. The
893 // process ID is used to lookup WebContentsImpl from routing_id's in the case of
894 // a request from a renderer. request_context is the cookie/cache context to be
895 // used for this request.
897 // If sync_result is non-null, then a SyncLoad reply will be generated, else
898 // a normal asynchronous set of response messages will be generated.
899 void ResourceDispatcherHostImpl::OnSyncLoad(
901 const ResourceHostMsg_Request
& request_data
,
902 IPC::Message
* sync_result
) {
903 BeginRequest(request_id
, request_data
, sync_result
,
904 sync_result
->routing_id());
907 void ResourceDispatcherHostImpl::UpdateRequestForTransfer(
911 const ResourceHostMsg_Request
& request_data
,
912 const linked_ptr
<ResourceLoader
>& loader
) {
913 ResourceRequestInfoImpl
* info
= loader
->GetRequestInfo();
914 GlobalRoutingID
old_routing_id(
915 request_data
.transferred_request_child_id
, info
->GetRouteID());
916 GlobalRequestID
old_request_id(request_data
.transferred_request_child_id
,
917 request_data
.transferred_request_request_id
);
918 GlobalRoutingID
new_routing_id(child_id
, route_id
);
919 GlobalRequestID
new_request_id(child_id
, request_id
);
921 // Clear out data that depends on |info| before updating it.
922 IncrementOutstandingRequestsMemory(-1, *info
);
923 OustandingRequestsStats empty_stats
= { 0, 0 };
924 OustandingRequestsStats old_stats
= GetOutstandingRequestsStats(*info
);
925 UpdateOutstandingRequestsStats(*info
, empty_stats
);
926 pending_loaders_
.erase(old_request_id
);
928 // ResourceHandlers should always get state related to the request from the
929 // ResourceRequestInfo rather than caching it locally. This lets us update
930 // the info object when a transfer occurs.
931 info
->UpdateForTransfer(child_id
, route_id
, request_data
.origin_pid
,
932 request_id
, request_data
.parent_render_frame_id
,
933 filter_
->GetWeakPtr());
935 // Update maps that used the old IDs, if necessary. Some transfers in tests
936 // do not actually use a different ID, so not all maps need to be updated.
937 pending_loaders_
[new_request_id
] = loader
;
938 UpdateOutstandingRequestsStats(*info
, old_stats
);
939 IncrementOutstandingRequestsMemory(1, *info
);
940 if (old_routing_id
!= new_routing_id
) {
941 if (blocked_loaders_map_
.find(old_routing_id
) !=
942 blocked_loaders_map_
.end()) {
943 blocked_loaders_map_
[new_routing_id
] =
944 blocked_loaders_map_
[old_routing_id
];
945 blocked_loaders_map_
.erase(old_routing_id
);
948 if (old_request_id
!= new_request_id
) {
949 DelegateMap::iterator it
= delegate_map_
.find(old_request_id
);
950 if (it
!= delegate_map_
.end()) {
951 // Tell each delegate that the request ID has changed.
952 ObserverList
<ResourceMessageDelegate
>::Iterator
del_it(*it
->second
);
953 ResourceMessageDelegate
* delegate
;
954 while ((delegate
= del_it
.GetNext()) != NULL
) {
955 delegate
->set_request_id(new_request_id
);
957 // Now store the observer list under the new request ID.
958 delegate_map_
[new_request_id
] = delegate_map_
[old_request_id
];
959 delegate_map_
.erase(old_request_id
);
963 AppCacheInterceptor::CompleteCrossSiteTransfer(
966 request_data
.appcache_host_id
);
968 // We should have a CrossSiteResourceHandler to finish the transfer.
969 DCHECK(info
->cross_site_handler());
972 void ResourceDispatcherHostImpl::BeginRequest(
974 const ResourceHostMsg_Request
& request_data
,
975 IPC::Message
* sync_result
, // only valid for sync
977 int process_type
= filter_
->process_type();
978 int child_id
= filter_
->child_id();
980 // Reject invalid priority.
981 if (request_data
.priority
< net::MINIMUM_PRIORITY
||
982 request_data
.priority
> net::MAXIMUM_PRIORITY
) {
983 RecordAction(base::UserMetricsAction("BadMessageTerminate_RDH"));
984 filter_
->BadMessageReceived();
988 // If we crash here, figure out what URL the renderer was requesting.
989 // http://crbug.com/91398
991 base::strlcpy(url_buf
, request_data
.url
.spec().c_str(), arraysize(url_buf
));
992 base::debug::Alias(url_buf
);
994 // If the request that's coming in is being transferred from another process,
995 // we want to reuse and resume the old loader rather than start a new one.
997 LoaderMap::iterator it
= pending_loaders_
.find(
998 GlobalRequestID(request_data
.transferred_request_child_id
,
999 request_data
.transferred_request_request_id
));
1000 if (it
!= pending_loaders_
.end()) {
1001 // If the request is transferring to a new process, we can update our
1002 // state and let it resume with its existing ResourceHandlers.
1003 if (it
->second
->is_transferring()) {
1004 linked_ptr
<ResourceLoader
> deferred_loader
= it
->second
;
1005 UpdateRequestForTransfer(child_id
, route_id
, request_id
,
1006 request_data
, deferred_loader
);
1008 deferred_loader
->CompleteTransfer();
1010 RecordAction(base::UserMetricsAction("BadMessageTerminate_RDH"));
1011 filter_
->BadMessageReceived();
1017 ResourceContext
* resource_context
= NULL
;
1018 net::URLRequestContext
* request_context
= NULL
;
1019 filter_
->GetContexts(request_data
, &resource_context
, &request_context
);
1020 // http://crbug.com/90971
1021 CHECK(ContainsKey(active_resource_contexts_
, resource_context
));
1024 !ShouldServiceRequest(process_type
, child_id
, request_data
,
1025 filter_
->file_system_context())) {
1026 AbortRequestBeforeItStarts(filter_
, sync_result
, request_id
);
1030 // Allow the observer to block/handle the request.
1031 if (delegate_
&& !delegate_
->ShouldBeginRequest(request_data
.method
,
1033 request_data
.resource_type
,
1034 resource_context
)) {
1035 AbortRequestBeforeItStarts(filter_
, sync_result
, request_id
);
1039 bool is_sync_load
= sync_result
!= NULL
;
1041 BuildLoadFlagsForRequest(request_data
, child_id
, is_sync_load
);
1043 // Sync loads should have maximum priority and should be the only
1044 // requets that have the ignore limits flag set.
1046 DCHECK_EQ(request_data
.priority
, net::MAXIMUM_PRIORITY
);
1047 DCHECK_NE(load_flags
& net::LOAD_IGNORE_LIMITS
, 0);
1049 DCHECK_EQ(load_flags
& net::LOAD_IGNORE_LIMITS
, 0);
1052 // Construct the request.
1053 net::CookieStore
* cookie_store
=
1054 GetContentClient()->browser()->OverrideCookieStoreForRenderProcess(
1056 scoped_ptr
<net::URLRequest
> new_request
;
1057 new_request
= request_context
->CreateRequest(
1058 request_data
.url
, request_data
.priority
, NULL
, cookie_store
);
1060 new_request
->set_method(request_data
.method
);
1061 new_request
->set_first_party_for_cookies(
1062 request_data
.first_party_for_cookies
);
1064 // If the request is a MAIN_FRAME request, the first-party URL gets updated on
1066 if (request_data
.resource_type
== RESOURCE_TYPE_MAIN_FRAME
) {
1067 new_request
->set_first_party_url_policy(
1068 net::URLRequest::UPDATE_FIRST_PARTY_URL_ON_REDIRECT
);
1071 const Referrer
referrer(request_data
.referrer
, request_data
.referrer_policy
);
1072 SetReferrerForRequest(new_request
.get(), referrer
);
1074 net::HttpRequestHeaders headers
;
1075 headers
.AddHeadersFromString(request_data
.headers
);
1076 new_request
->SetExtraRequestHeaders(headers
);
1078 new_request
->SetLoadFlags(load_flags
);
1080 storage::BlobStorageContext
* blob_context
=
1081 GetBlobStorageContext(filter_
);
1082 // Resolve elements from request_body and prepare upload data.
1083 if (request_data
.request_body
.get()) {
1084 // Attaches the BlobDataHandles to request_body not to free the blobs and
1085 // any attached shareable files until upload completion. These data will be
1086 // used in UploadDataStream and ServiceWorkerURLRequestJob.
1087 AttachRequestBodyBlobDataHandles(
1088 request_data
.request_body
.get(),
1090 new_request
->set_upload(UploadDataStreamBuilder::Build(
1091 request_data
.request_body
.get(),
1093 filter_
->file_system_context(),
1094 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE)
1098 bool allow_download
= request_data
.allow_download
&&
1099 IsResourceTypeFrame(request_data
.resource_type
);
1101 // Make extra info and read footer (contains request ID).
1102 ResourceRequestInfoImpl
* extra_info
=
1103 new ResourceRequestInfoImpl(
1107 request_data
.origin_pid
,
1109 request_data
.render_frame_id
,
1110 request_data
.is_main_frame
,
1111 request_data
.parent_is_main_frame
,
1112 request_data
.parent_render_frame_id
,
1113 request_data
.resource_type
,
1114 request_data
.transition_type
,
1115 request_data
.should_replace_current_entry
,
1116 false, // is download
1119 request_data
.has_user_gesture
,
1120 request_data
.enable_load_timing
,
1121 request_data
.referrer_policy
,
1122 request_data
.visiblity_state
,
1124 filter_
->GetWeakPtr(),
1126 // Request takes ownership.
1127 extra_info
->AssociateWithRequest(new_request
.get());
1129 if (new_request
->url().SchemeIs(url::kBlobScheme
)) {
1130 // Hang on to a reference to ensure the blob is not released prior
1131 // to the job being started.
1132 storage::BlobProtocolHandler::SetRequestedBlobDataHandle(
1134 filter_
->blob_storage_context()->context()->GetBlobDataFromPublicURL(
1135 new_request
->url()));
1138 // Initialize the service worker handler for the request.
1139 ServiceWorkerRequestHandler::InitializeHandler(
1141 filter_
->service_worker_context(),
1144 request_data
.service_worker_provider_id
,
1145 request_data
.resource_type
,
1146 request_data
.request_body
);
1148 // Have the appcache associate its extra info with the request.
1149 AppCacheInterceptor::SetExtraRequestInfo(
1150 new_request
.get(), filter_
->appcache_service(), child_id
,
1151 request_data
.appcache_host_id
, request_data
.resource_type
);
1153 scoped_ptr
<ResourceHandler
> handler(
1154 CreateResourceHandler(
1156 request_data
, sync_result
, route_id
, process_type
, child_id
,
1160 BeginRequestInternal(new_request
.Pass(), handler
.Pass());
1163 scoped_ptr
<ResourceHandler
> ResourceDispatcherHostImpl::CreateResourceHandler(
1164 net::URLRequest
* request
,
1165 const ResourceHostMsg_Request
& request_data
,
1166 IPC::Message
* sync_result
,
1170 ResourceContext
* resource_context
) {
1171 // Construct the IPC resource handler.
1172 scoped_ptr
<ResourceHandler
> handler
;
1174 // download_to_file is not supported for synchronous requests.
1175 if (request_data
.download_to_file
) {
1176 RecordAction(base::UserMetricsAction("BadMessageTerminate_RDH"));
1177 filter_
->BadMessageReceived();
1178 return scoped_ptr
<ResourceHandler
>();
1181 handler
.reset(new SyncResourceHandler(request
, sync_result
, this));
1183 handler
.reset(new AsyncResourceHandler(request
, this));
1185 // The RedirectToFileResourceHandler depends on being next in the chain.
1186 if (request_data
.download_to_file
) {
1188 new RedirectToFileResourceHandler(handler
.Pass(), request
));
1192 // Prefetches and <a ping> requests outlive their child process.
1193 if (!sync_result
&& IsDetachableResourceType(request_data
.resource_type
)) {
1194 handler
.reset(new DetachableResourceHandler(
1196 base::TimeDelta::FromMilliseconds(kDefaultDetachableCancelDelayMs
),
1200 // Install a CrossSiteResourceHandler for all main frame requests. This will
1201 // let us check whether a transfer is required and pause for the unload
1202 // handler either if so or if a cross-process navigation is already under way.
1203 bool is_swappable_navigation
=
1204 request_data
.resource_type
== RESOURCE_TYPE_MAIN_FRAME
;
1205 // If we are using --site-per-process, install it for subframes as well.
1206 if (!is_swappable_navigation
&&
1207 base::CommandLine::ForCurrentProcess()->HasSwitch(
1208 switches::kSitePerProcess
)) {
1209 is_swappable_navigation
=
1210 request_data
.resource_type
== RESOURCE_TYPE_SUB_FRAME
;
1212 if (is_swappable_navigation
&& process_type
== PROCESS_TYPE_RENDERER
)
1213 handler
.reset(new CrossSiteResourceHandler(handler
.Pass(), request
));
1215 // Insert a buffered event handler before the actual one.
1217 new BufferedResourceHandler(handler
.Pass(), this, request
));
1219 ScopedVector
<ResourceThrottle
> throttles
;
1221 delegate_
->RequestBeginning(request
,
1223 filter_
->appcache_service(),
1224 request_data
.resource_type
,
1228 if (request
->has_upload()) {
1229 // Block power save while uploading data.
1230 throttles
.push_back(new PowerSaveBlockResourceThrottle());
1233 throttles
.push_back(
1234 scheduler_
->ScheduleRequest(child_id
, route_id
, request
).release());
1237 new ThrottlingResourceHandler(handler
.Pass(), request
, throttles
.Pass()));
1239 return handler
.Pass();
1242 void ResourceDispatcherHostImpl::OnReleaseDownloadedFile(int request_id
) {
1243 UnregisterDownloadedTempFile(filter_
->child_id(), request_id
);
1246 void ResourceDispatcherHostImpl::OnDataDownloadedACK(int request_id
) {
1247 // TODO(michaeln): maybe throttle DataDownloaded messages
1250 void ResourceDispatcherHostImpl::RegisterDownloadedTempFile(
1251 int child_id
, int request_id
, const base::FilePath
& file_path
) {
1252 scoped_refptr
<ShareableFileReference
> reference
=
1253 ShareableFileReference::Get(file_path
);
1254 DCHECK(reference
.get());
1256 registered_temp_files_
[child_id
][request_id
] = reference
;
1257 ChildProcessSecurityPolicyImpl::GetInstance()->GrantReadFile(
1258 child_id
, reference
->path());
1260 // When the temp file is deleted, revoke permissions that the renderer has
1261 // to that file. This covers an edge case where the file is deleted and then
1262 // the same name is re-used for some other purpose, we don't want the old
1263 // renderer to still have access to it.
1265 // We do this when the file is deleted because the renderer can take a blob
1266 // reference to the temp file that outlives the url loaded that it was
1267 // loaded with to keep the file (and permissions) alive.
1268 reference
->AddFinalReleaseCallback(
1269 base::Bind(&RemoveDownloadFileFromChildSecurityPolicy
,
1273 void ResourceDispatcherHostImpl::UnregisterDownloadedTempFile(
1274 int child_id
, int request_id
) {
1275 DeletableFilesMap
& map
= registered_temp_files_
[child_id
];
1276 DeletableFilesMap::iterator found
= map
.find(request_id
);
1277 if (found
== map
.end())
1282 // Note that we don't remove the security bits here. This will be done
1283 // when all file refs are deleted (see RegisterDownloadedTempFile).
1286 bool ResourceDispatcherHostImpl::Send(IPC::Message
* message
) {
1291 void ResourceDispatcherHostImpl::OnUploadProgressACK(int request_id
) {
1292 ResourceLoader
* loader
= GetLoader(filter_
->child_id(), request_id
);
1294 loader
->OnUploadProgressACK();
1297 // Note that this cancel is subtly different from the other
1298 // CancelRequest methods in this file, which also tear down the loader.
1299 void ResourceDispatcherHostImpl::OnCancelRequest(int request_id
) {
1300 int child_id
= filter_
->child_id();
1302 // When the old renderer dies, it sends a message to us to cancel its
1304 if (IsTransferredNavigation(GlobalRequestID(child_id
, request_id
)))
1307 ResourceLoader
* loader
= GetLoader(child_id
, request_id
);
1309 // We probably want to remove this warning eventually, but I wanted to be
1310 // able to notice when this happens during initial development since it
1311 // should be rare and may indicate a bug.
1312 DVLOG(1) << "Canceling a request that wasn't found";
1316 loader
->CancelRequest(true);
1319 ResourceRequestInfoImpl
* ResourceDispatcherHostImpl::CreateRequestInfo(
1323 ResourceContext
* context
) {
1324 return new ResourceRequestInfoImpl(
1325 PROCESS_TYPE_RENDERER
,
1330 MSG_ROUTING_NONE
, // render_frame_id
1331 false, // is_main_frame
1332 false, // parent_is_main_frame
1333 -1, // parent_render_frame_id
1334 RESOURCE_TYPE_SUB_RESOURCE
,
1335 PAGE_TRANSITION_LINK
,
1336 false, // should_replace_current_entry
1337 download
, // is_download
1339 download
, // allow_download
1340 false, // has_user_gesture
1341 false, // enable_load_timing
1342 blink::WebReferrerPolicyDefault
,
1343 blink::WebPageVisibilityStateVisible
,
1345 base::WeakPtr
<ResourceMessageFilter
>(), // filter
1349 void ResourceDispatcherHostImpl::OnRenderViewHostCreated(
1353 scheduler_
->OnClientCreated(child_id
, route_id
, is_visible
);
1356 void ResourceDispatcherHostImpl::OnRenderViewHostDeleted(
1359 scheduler_
->OnClientDeleted(child_id
, route_id
);
1360 CancelRequestsForRoute(child_id
, route_id
);
1363 void ResourceDispatcherHostImpl::OnRenderViewHostWasHidden(
1366 scheduler_
->OnVisibilityChanged(child_id
, route_id
, false);
1369 void ResourceDispatcherHostImpl::OnRenderViewHostWasShown(
1372 scheduler_
->OnVisibilityChanged(child_id
, route_id
, true);
1375 // This function is only used for saving feature.
1376 void ResourceDispatcherHostImpl::BeginSaveFile(
1378 const Referrer
& referrer
,
1381 ResourceContext
* context
) {
1385 // http://crbug.com/90971
1387 base::strlcpy(url_buf
, url
.spec().c_str(), arraysize(url_buf
));
1388 base::debug::Alias(url_buf
);
1389 CHECK(ContainsKey(active_resource_contexts_
, context
));
1393 const net::URLRequestContext
* request_context
= context
->GetRequestContext();
1395 request_context
->job_factory()->IsHandledURL(url
);
1397 // Since any URLs which have non-standard scheme have been filtered
1398 // by save manager(see GURL::SchemeIsStandard). This situation
1399 // should not happen.
1404 net::CookieStore
* cookie_store
=
1405 GetContentClient()->browser()->OverrideCookieStoreForRenderProcess(
1407 scoped_ptr
<net::URLRequest
> request(
1408 request_context
->CreateRequest(url
, net::DEFAULT_PRIORITY
, NULL
,
1411 request
->set_method("GET");
1412 SetReferrerForRequest(request
.get(), referrer
);
1414 // So far, for saving page, we need fetch content from cache, in the
1415 // future, maybe we can use a configuration to configure this behavior.
1416 request
->SetLoadFlags(net::LOAD_PREFERRING_CACHE
);
1418 // Since we're just saving some resources we need, disallow downloading.
1419 ResourceRequestInfoImpl
* extra_info
=
1420 CreateRequestInfo(child_id
, route_id
, false, context
);
1421 extra_info
->AssociateWithRequest(request
.get()); // Request takes ownership.
1423 scoped_ptr
<ResourceHandler
> handler(
1424 new SaveFileResourceHandler(request
.get(),
1428 save_file_manager_
.get()));
1430 BeginRequestInternal(request
.Pass(), handler
.Pass());
1433 void ResourceDispatcherHostImpl::MarkAsTransferredNavigation(
1434 const GlobalRequestID
& id
) {
1435 GetLoader(id
)->MarkAsTransferring();
1438 void ResourceDispatcherHostImpl::CancelTransferringNavigation(
1439 const GlobalRequestID
& id
) {
1440 // Request should still exist and be in the middle of a transfer.
1441 DCHECK(IsTransferredNavigation(id
));
1442 RemovePendingRequest(id
.child_id
, id
.request_id
);
1445 void ResourceDispatcherHostImpl::ResumeDeferredNavigation(
1446 const GlobalRequestID
& id
) {
1447 ResourceLoader
* loader
= GetLoader(id
);
1448 // The response we were meant to resume could have already been canceled.
1450 loader
->CompleteTransfer();
1453 // The object died, so cancel and detach all requests associated with it except
1454 // for downloads and detachable resources, which belong to the browser process
1455 // even if initiated via a renderer.
1456 void ResourceDispatcherHostImpl::CancelRequestsForProcess(int child_id
) {
1457 CancelRequestsForRoute(child_id
, -1 /* cancel all */);
1458 registered_temp_files_
.erase(child_id
);
1461 void ResourceDispatcherHostImpl::CancelRequestsForRoute(int child_id
,
1463 // Since pending_requests_ is a map, we first build up a list of all of the
1464 // matching requests to be cancelled, and then we cancel them. Since there
1465 // may be more than one request to cancel, we cannot simply hold onto the map
1466 // iterators found in the first loop.
1468 // Find the global ID of all matching elements.
1469 bool any_requests_transferring
= false;
1470 std::vector
<GlobalRequestID
> matching_requests
;
1471 for (LoaderMap::const_iterator i
= pending_loaders_
.begin();
1472 i
!= pending_loaders_
.end(); ++i
) {
1473 if (i
->first
.child_id
!= child_id
)
1476 ResourceRequestInfoImpl
* info
= i
->second
->GetRequestInfo();
1478 GlobalRequestID
id(child_id
, i
->first
.request_id
);
1479 DCHECK(id
== i
->first
);
1480 // Don't cancel navigations that are expected to live beyond this process.
1481 if (IsTransferredNavigation(id
))
1482 any_requests_transferring
= true;
1483 if (info
->detachable_handler()) {
1484 info
->detachable_handler()->Detach();
1485 } else if (!info
->IsDownload() && !info
->is_stream() &&
1486 !IsTransferredNavigation(id
) &&
1487 (route_id
== -1 || route_id
== info
->GetRouteID())) {
1488 matching_requests
.push_back(id
);
1493 for (size_t i
= 0; i
< matching_requests
.size(); ++i
) {
1494 LoaderMap::iterator iter
= pending_loaders_
.find(matching_requests
[i
]);
1495 // Although every matching request was in pending_requests_ when we built
1496 // matching_requests, it is normal for a matching request to be not found
1497 // in pending_requests_ after we have removed some matching requests from
1498 // pending_requests_. For example, deleting a net::URLRequest that has
1499 // exclusive (write) access to an HTTP cache entry may unblock another
1500 // net::URLRequest that needs exclusive access to the same cache entry, and
1501 // that net::URLRequest may complete and remove itself from
1502 // pending_requests_. So we need to check that iter is not equal to
1503 // pending_requests_.end().
1504 if (iter
!= pending_loaders_
.end())
1505 RemovePendingLoader(iter
);
1508 // Don't clear the blocked loaders or offline policy maps if any of the
1509 // requests in route_id are being transferred to a new process, since those
1510 // maps will be updated with the new route_id after the transfer. Otherwise
1511 // we will lose track of this info when the old route goes away, before the
1512 // new one is created.
1513 if (any_requests_transferring
)
1516 // Now deal with blocked requests if any.
1517 if (route_id
!= -1) {
1518 if (blocked_loaders_map_
.find(GlobalRoutingID(child_id
, route_id
)) !=
1519 blocked_loaders_map_
.end()) {
1520 CancelBlockedRequestsForRoute(child_id
, route_id
);
1523 // We have to do all render views for the process |child_id|.
1524 // Note that we have to do this in 2 passes as we cannot call
1525 // CancelBlockedRequestsForRoute while iterating over
1526 // blocked_loaders_map_, as it modifies it.
1527 std::set
<int> route_ids
;
1528 for (BlockedLoadersMap::const_iterator iter
= blocked_loaders_map_
.begin();
1529 iter
!= blocked_loaders_map_
.end(); ++iter
) {
1530 if (iter
->first
.child_id
== child_id
)
1531 route_ids
.insert(iter
->first
.route_id
);
1533 for (std::set
<int>::const_iterator iter
= route_ids
.begin();
1534 iter
!= route_ids
.end(); ++iter
) {
1535 CancelBlockedRequestsForRoute(child_id
, *iter
);
1540 // Cancels the request and removes it from the list.
1541 void ResourceDispatcherHostImpl::RemovePendingRequest(int child_id
,
1543 LoaderMap::iterator i
= pending_loaders_
.find(
1544 GlobalRequestID(child_id
, request_id
));
1545 if (i
== pending_loaders_
.end()) {
1546 NOTREACHED() << "Trying to remove a request that's not here";
1549 RemovePendingLoader(i
);
1552 void ResourceDispatcherHostImpl::RemovePendingLoader(
1553 const LoaderMap::iterator
& iter
) {
1554 ResourceRequestInfoImpl
* info
= iter
->second
->GetRequestInfo();
1556 // Remove the memory credit that we added when pushing the request onto
1557 // the pending list.
1558 IncrementOutstandingRequestsMemory(-1, *info
);
1560 pending_loaders_
.erase(iter
);
1562 // If we have no more pending requests, then stop the load state monitor
1563 if (pending_loaders_
.empty() && update_load_states_timer_
)
1564 update_load_states_timer_
->Stop();
1567 void ResourceDispatcherHostImpl::CancelRequest(int child_id
,
1569 ResourceLoader
* loader
= GetLoader(child_id
, request_id
);
1571 // We probably want to remove this warning eventually, but I wanted to be
1572 // able to notice when this happens during initial development since it
1573 // should be rare and may indicate a bug.
1574 DVLOG(1) << "Canceling a request that wasn't found";
1578 RemovePendingRequest(child_id
, request_id
);
1581 ResourceDispatcherHostImpl::OustandingRequestsStats
1582 ResourceDispatcherHostImpl::GetOutstandingRequestsStats(
1583 const ResourceRequestInfoImpl
& info
) {
1584 OutstandingRequestsStatsMap::iterator entry
=
1585 outstanding_requests_stats_map_
.find(info
.GetChildID());
1586 OustandingRequestsStats stats
= { 0, 0 };
1587 if (entry
!= outstanding_requests_stats_map_
.end())
1588 stats
= entry
->second
;
1592 void ResourceDispatcherHostImpl::UpdateOutstandingRequestsStats(
1593 const ResourceRequestInfoImpl
& info
,
1594 const OustandingRequestsStats
& stats
) {
1595 if (stats
.memory_cost
== 0 && stats
.num_requests
== 0)
1596 outstanding_requests_stats_map_
.erase(info
.GetChildID());
1598 outstanding_requests_stats_map_
[info
.GetChildID()] = stats
;
1601 ResourceDispatcherHostImpl::OustandingRequestsStats
1602 ResourceDispatcherHostImpl::IncrementOutstandingRequestsMemory(
1604 const ResourceRequestInfoImpl
& info
) {
1605 DCHECK_EQ(1, abs(count
));
1607 // Retrieve the previous value (defaulting to 0 if not found).
1608 OustandingRequestsStats stats
= GetOutstandingRequestsStats(info
);
1610 // Insert/update the total; delete entries when their count reaches 0.
1611 stats
.memory_cost
+= count
* info
.memory_cost();
1612 DCHECK_GE(stats
.memory_cost
, 0);
1613 UpdateOutstandingRequestsStats(info
, stats
);
1618 ResourceDispatcherHostImpl::OustandingRequestsStats
1619 ResourceDispatcherHostImpl::IncrementOutstandingRequestsCount(
1621 const ResourceRequestInfoImpl
& info
) {
1622 DCHECK_EQ(1, abs(count
));
1623 num_in_flight_requests_
+= count
;
1625 OustandingRequestsStats stats
= GetOutstandingRequestsStats(info
);
1626 stats
.num_requests
+= count
;
1627 DCHECK_GE(stats
.num_requests
, 0);
1628 UpdateOutstandingRequestsStats(info
, stats
);
1633 bool ResourceDispatcherHostImpl::HasSufficientResourcesForRequest(
1634 const net::URLRequest
* request_
) {
1635 const ResourceRequestInfoImpl
* info
=
1636 ResourceRequestInfoImpl::ForRequest(request_
);
1637 OustandingRequestsStats stats
= IncrementOutstandingRequestsCount(1, *info
);
1639 if (stats
.num_requests
> max_num_in_flight_requests_per_process_
)
1641 if (num_in_flight_requests_
> max_num_in_flight_requests_
)
1647 void ResourceDispatcherHostImpl::FinishedWithResourcesForRequest(
1648 const net::URLRequest
* request_
) {
1649 const ResourceRequestInfoImpl
* info
=
1650 ResourceRequestInfoImpl::ForRequest(request_
);
1651 IncrementOutstandingRequestsCount(-1, *info
);
1654 void ResourceDispatcherHostImpl::NavigationRequest(
1655 const NavigationRequestInfo
& info
,
1656 scoped_refptr
<ResourceRequestBody
> request_body
,
1657 int64 frame_node_id
) {
1662 int ResourceDispatcherHostImpl::CalculateApproximateMemoryCost(
1663 net::URLRequest
* request
) {
1664 // The following fields should be a minor size contribution (experimentally
1665 // on the order of 100). However since they are variable length, it could
1666 // in theory be a sizeable contribution.
1667 int strings_cost
= request
->extra_request_headers().ToString().size() +
1668 request
->original_url().spec().size() +
1669 request
->referrer().size() +
1670 request
->method().size();
1672 // Note that this expression will typically be dominated by:
1673 // |kAvgBytesPerOutstandingRequest|.
1674 return kAvgBytesPerOutstandingRequest
+ strings_cost
;
1677 void ResourceDispatcherHostImpl::BeginRequestInternal(
1678 scoped_ptr
<net::URLRequest
> request
,
1679 scoped_ptr
<ResourceHandler
> handler
) {
1680 DCHECK(!request
->is_pending());
1681 ResourceRequestInfoImpl
* info
=
1682 ResourceRequestInfoImpl::ForRequest(request
.get());
1684 if ((TimeTicks::Now() - last_user_gesture_time_
) <
1685 TimeDelta::FromMilliseconds(kUserGestureWindowMs
)) {
1686 request
->SetLoadFlags(
1687 request
->load_flags() | net::LOAD_MAYBE_USER_GESTURE
);
1690 // Add the memory estimate that starting this request will consume.
1691 info
->set_memory_cost(CalculateApproximateMemoryCost(request
.get()));
1693 // If enqueing/starting this request will exceed our per-process memory
1694 // bound, abort it right away.
1695 OustandingRequestsStats stats
= IncrementOutstandingRequestsMemory(1, *info
);
1696 if (stats
.memory_cost
> max_outstanding_requests_cost_per_process_
) {
1697 // We call "CancelWithError()" as a way of setting the net::URLRequest's
1698 // status -- it has no effect beyond this, since the request hasn't started.
1699 request
->CancelWithError(net::ERR_INSUFFICIENT_RESOURCES
);
1702 handler
->OnResponseCompleted(request
->status(), std::string(), &defer
);
1704 // TODO(darin): The handler is not ready for us to kill the request. Oops!
1708 IncrementOutstandingRequestsMemory(-1, *info
);
1710 // A ResourceHandler must not outlive its associated URLRequest.
1715 linked_ptr
<ResourceLoader
> loader(
1716 new ResourceLoader(request
.Pass(), handler
.Pass(), this));
1718 GlobalRoutingID
id(info
->GetGlobalRoutingID());
1719 BlockedLoadersMap::const_iterator iter
= blocked_loaders_map_
.find(id
);
1720 if (iter
!= blocked_loaders_map_
.end()) {
1721 // The request should be blocked.
1722 iter
->second
->push_back(loader
);
1726 StartLoading(info
, loader
);
1729 void ResourceDispatcherHostImpl::StartLoading(
1730 ResourceRequestInfoImpl
* info
,
1731 const linked_ptr
<ResourceLoader
>& loader
) {
1732 pending_loaders_
[info
->GetGlobalRequestID()] = loader
;
1734 loader
->StartRequest();
1737 void ResourceDispatcherHostImpl::OnUserGesture(WebContentsImpl
* contents
) {
1738 last_user_gesture_time_
= TimeTicks::Now();
1741 net::URLRequest
* ResourceDispatcherHostImpl::GetURLRequest(
1742 const GlobalRequestID
& id
) {
1743 ResourceLoader
* loader
= GetLoader(id
);
1747 return loader
->request();
1752 // This function attempts to return the "more interesting" load state of |a|
1753 // and |b|. We don't have temporal information about these load states
1754 // (meaning we don't know when we transitioned into these states), so we just
1755 // rank them according to how "interesting" the states are.
1757 // We take advantage of the fact that the load states are an enumeration listed
1758 // in the order in which they occur during the lifetime of a request, so we can
1759 // regard states with larger numeric values as being further along toward
1760 // completion. We regard those states as more interesting to report since they
1761 // represent progress.
1763 // For example, by this measure "tranferring data" is a more interesting state
1764 // than "resolving host" because when we are transferring data we are actually
1765 // doing something that corresponds to changes that the user might observe,
1766 // whereas waiting for a host name to resolve implies being stuck.
1768 const net::LoadStateWithParam
& MoreInterestingLoadState(
1769 const net::LoadStateWithParam
& a
, const net::LoadStateWithParam
& b
) {
1770 return (a
.state
< b
.state
) ? b
: a
;
1773 // Carries information about a load state change.
1776 net::LoadStateWithParam load_state
;
1777 uint64 upload_position
;
1781 // Map from ProcessID+RouteID pair to LoadState
1782 typedef std::map
<GlobalRoutingID
, LoadInfo
> LoadInfoMap
;
1784 // Used to marshal calls to LoadStateChanged from the IO to UI threads. We do
1785 // them all as a single callback to avoid spamming the UI thread.
1786 void LoadInfoUpdateCallback(const LoadInfoMap
& info_map
) {
1787 LoadInfoMap::const_iterator i
;
1788 for (i
= info_map
.begin(); i
!= info_map
.end(); ++i
) {
1789 RenderViewHostImpl
* view
=
1790 RenderViewHostImpl::FromID(i
->first
.child_id
, i
->first
.route_id
);
1791 if (view
) // The view could be gone at this point.
1792 view
->LoadStateChanged(i
->second
.url
, i
->second
.load_state
,
1793 i
->second
.upload_position
,
1794 i
->second
.upload_size
);
1800 void ResourceDispatcherHostImpl::UpdateLoadStates() {
1801 // Populate this map with load state changes, and then send them on to the UI
1802 // thread where they can be passed along to the respective RVHs.
1803 LoadInfoMap info_map
;
1805 LoaderMap::const_iterator i
;
1807 // Determine the largest upload size of all requests
1808 // in each View (good chance it's zero).
1809 std::map
<GlobalRoutingID
, uint64
> largest_upload_size
;
1810 for (i
= pending_loaders_
.begin(); i
!= pending_loaders_
.end(); ++i
) {
1811 net::URLRequest
* request
= i
->second
->request();
1812 ResourceRequestInfoImpl
* info
= i
->second
->GetRequestInfo();
1813 uint64 upload_size
= request
->GetUploadProgress().size();
1814 if (request
->GetLoadState().state
!= net::LOAD_STATE_SENDING_REQUEST
)
1816 GlobalRoutingID
id(info
->GetGlobalRoutingID());
1817 if (upload_size
&& largest_upload_size
[id
] < upload_size
)
1818 largest_upload_size
[id
] = upload_size
;
1821 for (i
= pending_loaders_
.begin(); i
!= pending_loaders_
.end(); ++i
) {
1822 net::URLRequest
* request
= i
->second
->request();
1823 ResourceRequestInfoImpl
* info
= i
->second
->GetRequestInfo();
1824 net::LoadStateWithParam load_state
= request
->GetLoadState();
1825 net::UploadProgress progress
= request
->GetUploadProgress();
1827 // We also poll for upload progress on this timer and send upload
1828 // progress ipc messages to the plugin process.
1829 i
->second
->ReportUploadProgress();
1831 GlobalRoutingID
id(info
->GetGlobalRoutingID());
1833 // If a request is uploading data, ignore all other requests so that the
1834 // upload progress takes priority for being shown in the status bar.
1835 if (largest_upload_size
.find(id
) != largest_upload_size
.end() &&
1836 progress
.size() < largest_upload_size
[id
])
1839 net::LoadStateWithParam to_insert
= load_state
;
1840 LoadInfoMap::iterator existing
= info_map
.find(id
);
1841 if (existing
!= info_map
.end()) {
1843 MoreInterestingLoadState(existing
->second
.load_state
, load_state
);
1844 if (to_insert
.state
== existing
->second
.load_state
.state
)
1847 LoadInfo
& load_info
= info_map
[id
];
1848 load_info
.url
= request
->url();
1849 load_info
.load_state
= to_insert
;
1850 load_info
.upload_size
= progress
.size();
1851 load_info
.upload_position
= progress
.position();
1854 if (info_map
.empty())
1857 BrowserThread::PostTask(
1858 BrowserThread::UI
, FROM_HERE
,
1859 base::Bind(&LoadInfoUpdateCallback
, info_map
));
1862 void ResourceDispatcherHostImpl::BlockRequestsForRoute(int child_id
,
1864 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO
));
1865 GlobalRoutingID
key(child_id
, route_id
);
1866 DCHECK(blocked_loaders_map_
.find(key
) == blocked_loaders_map_
.end()) <<
1867 "BlockRequestsForRoute called multiple time for the same RVH";
1868 blocked_loaders_map_
[key
] = new BlockedLoadersList();
1871 void ResourceDispatcherHostImpl::ResumeBlockedRequestsForRoute(int child_id
,
1873 ProcessBlockedRequestsForRoute(child_id
, route_id
, false);
1876 void ResourceDispatcherHostImpl::CancelBlockedRequestsForRoute(int child_id
,
1878 ProcessBlockedRequestsForRoute(child_id
, route_id
, true);
1881 void ResourceDispatcherHostImpl::ProcessBlockedRequestsForRoute(
1884 bool cancel_requests
) {
1885 BlockedLoadersMap::iterator iter
= blocked_loaders_map_
.find(
1886 GlobalRoutingID(child_id
, route_id
));
1887 if (iter
== blocked_loaders_map_
.end()) {
1888 // It's possible to reach here if the renderer crashed while an interstitial
1889 // page was showing.
1893 BlockedLoadersList
* loaders
= iter
->second
;
1895 // Removing the vector from the map unblocks any subsequent requests.
1896 blocked_loaders_map_
.erase(iter
);
1898 for (BlockedLoadersList::iterator loaders_iter
= loaders
->begin();
1899 loaders_iter
!= loaders
->end(); ++loaders_iter
) {
1900 linked_ptr
<ResourceLoader
> loader
= *loaders_iter
;
1901 ResourceRequestInfoImpl
* info
= loader
->GetRequestInfo();
1902 if (cancel_requests
) {
1903 IncrementOutstandingRequestsMemory(-1, *info
);
1905 StartLoading(info
, loader
);
1912 ResourceDispatcherHostImpl::HttpAuthRelationType
1913 ResourceDispatcherHostImpl::HttpAuthRelationTypeOf(
1914 const GURL
& request_url
,
1915 const GURL
& first_party
) {
1916 if (!first_party
.is_valid())
1917 return HTTP_AUTH_RELATION_TOP
;
1919 if (net::registry_controlled_domains::SameDomainOrHost(
1920 first_party
, request_url
,
1921 net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES
))
1922 return HTTP_AUTH_RELATION_SAME_DOMAIN
;
1924 if (allow_cross_origin_auth_prompt())
1925 return HTTP_AUTH_RELATION_ALLOWED_CROSS
;
1927 return HTTP_AUTH_RELATION_BLOCKED_CROSS
;
1930 bool ResourceDispatcherHostImpl::allow_cross_origin_auth_prompt() {
1931 return allow_cross_origin_auth_prompt_
;
1934 bool ResourceDispatcherHostImpl::IsTransferredNavigation(
1935 const GlobalRequestID
& id
) const {
1936 ResourceLoader
* loader
= GetLoader(id
);
1937 return loader
? loader
->is_transferring() : false;
1940 ResourceLoader
* ResourceDispatcherHostImpl::GetLoader(
1941 const GlobalRequestID
& id
) const {
1942 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO
));
1944 LoaderMap::const_iterator i
= pending_loaders_
.find(id
);
1945 if (i
== pending_loaders_
.end())
1948 return i
->second
.get();
1951 ResourceLoader
* ResourceDispatcherHostImpl::GetLoader(int child_id
,
1952 int request_id
) const {
1953 return GetLoader(GlobalRequestID(child_id
, request_id
));
1956 void ResourceDispatcherHostImpl::RegisterResourceMessageDelegate(
1957 const GlobalRequestID
& id
, ResourceMessageDelegate
* delegate
) {
1958 DelegateMap::iterator it
= delegate_map_
.find(id
);
1959 if (it
== delegate_map_
.end()) {
1960 it
= delegate_map_
.insert(
1961 std::make_pair(id
, new ObserverList
<ResourceMessageDelegate
>)).first
;
1963 it
->second
->AddObserver(delegate
);
1966 void ResourceDispatcherHostImpl::UnregisterResourceMessageDelegate(
1967 const GlobalRequestID
& id
, ResourceMessageDelegate
* delegate
) {
1968 DCHECK(ContainsKey(delegate_map_
, id
));
1969 DelegateMap::iterator it
= delegate_map_
.find(id
);
1970 DCHECK(it
->second
->HasObserver(delegate
));
1971 it
->second
->RemoveObserver(delegate
);
1972 if (!it
->second
->might_have_observers()) {
1974 delegate_map_
.erase(it
);
1978 int ResourceDispatcherHostImpl::BuildLoadFlagsForRequest(
1979 const ResourceHostMsg_Request
& request_data
,
1981 bool is_sync_load
) {
1982 int load_flags
= request_data
.load_flags
;
1984 // Although EV status is irrelevant to sub-frames and sub-resources, we have
1985 // to perform EV certificate verification on all resources because an HTTP
1986 // keep-alive connection created to load a sub-frame or a sub-resource could
1987 // be reused to load a main frame.
1988 load_flags
|= net::LOAD_VERIFY_EV_CERT
;
1989 if (request_data
.resource_type
== RESOURCE_TYPE_MAIN_FRAME
) {
1990 load_flags
|= net::LOAD_MAIN_FRAME
;
1991 } else if (request_data
.resource_type
== RESOURCE_TYPE_SUB_FRAME
) {
1992 load_flags
|= net::LOAD_SUB_FRAME
;
1993 } else if (request_data
.resource_type
== RESOURCE_TYPE_PREFETCH
) {
1994 load_flags
|= (net::LOAD_PREFETCH
| net::LOAD_DO_NOT_PROMPT_FOR_LOGIN
);
1995 } else if (request_data
.resource_type
== RESOURCE_TYPE_FAVICON
) {
1996 load_flags
|= net::LOAD_DO_NOT_PROMPT_FOR_LOGIN
;
1997 } else if (request_data
.resource_type
== RESOURCE_TYPE_IMAGE
) {
1998 // Prevent third-party image content from prompting for login, as this
1999 // is often a scam to extract credentials for another domain from the user.
2000 // Only block image loads, as the attack applies largely to the "src"
2001 // property of the <img> tag. It is common for web properties to allow
2002 // untrusted values for <img src>; this is considered a fair thing for an
2003 // HTML sanitizer to do. Conversely, any HTML sanitizer that didn't
2004 // filter sources for <script>, <link>, <embed>, <object>, <iframe> tags
2005 // would be considered vulnerable in and of itself.
2006 HttpAuthRelationType relation_type
= HttpAuthRelationTypeOf(
2007 request_data
.url
, request_data
.first_party_for_cookies
);
2008 if (relation_type
== HTTP_AUTH_RELATION_BLOCKED_CROSS
) {
2009 load_flags
|= (net::LOAD_DO_NOT_USE_EMBEDDED_IDENTITY
|
2010 net::LOAD_DO_NOT_PROMPT_FOR_LOGIN
);
2015 load_flags
|= net::LOAD_IGNORE_LIMITS
;
2017 ChildProcessSecurityPolicyImpl
* policy
=
2018 ChildProcessSecurityPolicyImpl::GetInstance();
2019 if (!policy
->CanSendCookiesForOrigin(child_id
, request_data
.url
)) {
2020 load_flags
|= (net::LOAD_DO_NOT_SEND_COOKIES
|
2021 net::LOAD_DO_NOT_SEND_AUTH_DATA
|
2022 net::LOAD_DO_NOT_SAVE_COOKIES
);
2025 // Raw headers are sensitive, as they include Cookie/Set-Cookie, so only
2026 // allow requesting them if requester has ReadRawCookies permission.
2027 if ((load_flags
& net::LOAD_REPORT_RAW_HEADERS
)
2028 && !policy
->CanReadRawCookies(child_id
)) {
2029 VLOG(1) << "Denied unauthorized request for raw headers";
2030 load_flags
&= ~net::LOAD_REPORT_RAW_HEADERS
;
2033 // Add a flag to selectively bypass the data reduction proxy if the resource
2034 // type is not an image.
2035 if (request_data
.resource_type
!= RESOURCE_TYPE_IMAGE
)
2036 load_flags
|= net::LOAD_BYPASS_DATA_REDUCTION_PROXY
;
2041 } // namespace content