[chromium-blink-merge.git] / third_party / WebKit / Source / core / xmlhttprequest / XMLHttpRequest.cpp
| blob | 7e5e8ef292b0cdce0a6fcd28d3c14b48ba903465 |
1 /*
2 * Copyright (C) 2004, 2006, 2008 Apple Inc. All rights reserved.
3 * Copyright (C) 2005-2007 Alexey Proskuryakov <ap@webkit.org>
4 * Copyright (C) 2007, 2008 Julien Chaffraix <jchaffraix@webkit.org>
5 * Copyright (C) 2008, 2011 Google Inc. All rights reserved.
6 * Copyright (C) 2012 Intel Corporation
7 *
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; either
11 * version 2 of the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
21 */
82 // This class protects the wrapper of the associated XMLHttpRequest object
83 // via hasPendingActivity method which returns true if
84 // m_eventDispatchRecursionLevel is positive.
88 {
90 }
92 {
95 }
99 };
102 {
104 }
107 {
113 // When no charset found, do nothing.
115 }
117 // Found at least one existing charset, replace all occurrences with new charset.
122 }
123 }
126 {
129 // FIXME: It's not good to report the bad usage without indicating what source line it came from.
130 // We should pass additional parameters so we can tell the console where the mistake occurred.
131 context->addConsoleMessage(ConsoleMessage::create(JSMessageSource, ErrorMessageLevel, message));
132 }
136 class XMLHttpRequest::BlobLoader final : public GarbageCollectedFinalized<XMLHttpRequest::BlobLoader>, public FileReaderLoaderClient {
139 {
141 }
143 // FileReaderLoaderClient functions.
146 {
149 }
151 {
153 }
155 {
157 }
160 {
162 }
165 {
167 }
173 {
175 }
178 FileReaderLoader m_loader;
179 };
182 {
185 RefPtr<SecurityOrigin> securityOrigin = world.isIsolatedWorld() ? world.isolatedWorldSecurityOrigin() : nullptr;
190 }
193 {
198 }
200 XMLHttpRequest::XMLHttpRequest(ExecutionContext* context, PassRefPtr<SecurityOrigin> securityOrigin)
220 {
221 #if ENABLE(ASSERT) && !ENABLE(OILPAN)
222 // Verify that this object was allocated on the 'eager' heap.
223 // (this check comes 'for free' with Oilpan enabled.)
225 #endif
226 }
229 {
230 }
233 {
236 }
239 {
241 }
244 {
246 }
249 {
251 exceptionState.throwDOMException(InvalidStateError, "The value is only accessible if the object's 'responseType' is '' or 'text' (was '" + responseType() + "').");
253 }
257 }
260 {
266 }
269 {
270 // The W3C spec requires the final MIME type to be some valid XML type, or text/html.
271 // If it is text/html, then the responseType of "document" must have been supplied explicitly.
278 }
283 else
286 // FIXME: Set Last-Modified.
290 }
293 {
295 exceptionState.throwDOMException(InvalidStateError, "The value is only accessible if the object's 'responseType' is '' or 'document' (was '" + responseType() + "').");
297 }
312 }
315 }
318 {
321 // We always return null before DONE.
329 // When responseType is set to "blob", we redirect the downloaded
330 // data to a file-handle directly in the browser process. We get
331 // the file-path from the ResourceResponse directly instead of
332 // copying the bytes between the browser and the renderer.
342 }
344 }
345 }
348 }
351 {
359 RefPtr<DOMArrayBuffer> buffer = DOMArrayBuffer::createUninitialized(m_binaryResponseBuilder->size(), 1);
361 // m_binaryResponseBuilder failed to allocate an ArrayBuffer.
362 // We need to crash the renderer since there's no way defined in
363 // the spec to tell this to the user.
365 }
370 }
371 }
374 }
377 {
384 }
387 {
388 // FIXME: Need to trigger or update the timeout Timer here, if needed. http://webkit.org/b/98156
389 // XHR2 spec, 4.7.3. "This implies that the timeout attribute can be set while fetching is in progress. If that occurs it will still be measured relative to the start of fetching."
391 exceptionState.throwDOMException(InvalidAccessError, "Timeouts cannot be set for synchronous requests made from a document.");
393 }
397 // From http://www.w3.org/TR/XMLHttpRequest/#the-timeout-attribute:
398 // Note: This implies that the timeout attribute can be set while fetching is in progress. If
399 // that occurs it will still be measured relative to the start of fetching.
400 //
401 // The timeout may be overridden after send.
404 }
406 void XMLHttpRequest::setResponseType(const String& responseType, ExceptionState& exceptionState)
407 {
409 exceptionState.throwDOMException(InvalidStateError, "The response type cannot be set if the object's state is LOADING or DONE.");
411 }
413 // Newer functionality is not available to synchronous requests in window contexts, as a spec-mandated
414 // attempt to discourage synchronous XHR use. responseType is one such piece of functionality.
416 exceptionState.throwDOMException(InvalidAccessError, "The response type cannot be changed for synchronous requests made from a document.");
418 }
435 else
439 }
440 }
443 {
459 }
461 }
464 {
469 }
472 {
476 }
479 {
485 // Dispatch a readystatechange event because many applications use
486 // it to track progress although this is not specified.
487 //
488 // FIXME: Stop dispatching this event for progress tracking.
490 }
493 }
496 {
500 }
501 }
504 {
508 // We need this protection because dispatchReadyStateChangeEvent may
509 // dispatch multiple events.
512 TRACE_EVENT1("devtools.timeline", "XHRReadyStateChange", "data", InspectorXhrReadyStateChangeEvent::data(executionContext(), this));
513 XMLHttpRequestProgressEventThrottle::DeferredEventAction action = XMLHttpRequestProgressEventThrottle::Ignore;
517 else
519 }
520 m_progressEventThrottle->dispatchReadyStateChangeEvent(Event::create(EventTypeNames::readystatechange), action);
521 TRACE_EVENT_INSTANT1(TRACE_DISABLED_BY_DEFAULT("devtools.timeline"), "UpdateCounters", TRACE_EVENT_SCOPE_THREAD, "data", InspectorUpdateCountersEvent::data());
522 }
525 TRACE_EVENT1("devtools.timeline", "XHRLoad", "data", InspectorXhrLoadEvent::data(executionContext(), this));
528 TRACE_EVENT_INSTANT1(TRACE_DISABLED_BY_DEFAULT("devtools.timeline"), "UpdateCounters", TRACE_EVENT_SCOPE_THREAD, "data", InspectorUpdateCountersEvent::data());
529 }
530 }
533 {
535 exceptionState.throwDOMException(InvalidStateError, "The value may only be set if the object's state is UNSENT or OPENED.");
537 }
539 // FIXME: According to XMLHttpRequest Level 2 we should throw InvalidAccessError exception here.
540 // However for time being only print warning message to warn web developers.
545 }
547 void XMLHttpRequest::open(const AtomicString& method, const String& urlString, ExceptionState& exceptionState)
548 {
550 }
552 void XMLHttpRequest::open(const AtomicString& method, const String& urlString, bool async, const String& username, const String& password, ExceptionState& exceptionState)
553 {
561 }
563 void XMLHttpRequest::open(const AtomicString& method, const KURL& url, bool async, ExceptionState& exceptionState)
564 {
565 WTF_LOG(Network, "XMLHttpRequest %p open('%s', '%s', %d)", this, method.utf8().data(), url.elidedString().utf8().data(), async);
578 }
583 }
585 if (!ContentSecurityPolicy::shouldBypassMainWorld(executionContext()) && !executionContext()->contentSecurityPolicy()->allowConnectToSource(url)) {
586 // We can safely expose the URL to JavaScript, as these checks happen synchronously before redirection. JavaScript receives no new information.
587 exceptionState.throwSecurityError("Refused to connect to '" + url.elidedString() + "' because it violates the document's Content Security Policy.");
589 }
593 exceptionState.throwDOMException(InvalidAccessError, "Synchronous requests are disabled for this page.");
595 }
597 // Newer functionality is not available to synchronous requests in window contexts, as a spec-mandated
598 // attempt to discourage synchronous XHR use. responseType is one such piece of functionality.
600 exceptionState.throwDOMException(InvalidAccessError, "Synchronous requests from a document must not set a response type.");
602 }
604 // Similarly, timeouts are disabled for synchronous requests as well.
606 exceptionState.throwDOMException(InvalidAccessError, "Synchronous requests must not set a timeout.");
608 }
610 // Here we just warn that firing sync XHR's may affect responsiveness.
611 // Eventually sync xhr will be deprecated and an "InvalidAccessError" exception thrown.
612 // Refer : https://xhr.spec.whatwg.org/#sync-warning
613 // Use count for XHR synchronous requests on main thread only.
615 UseCounter::countDeprecation(executionContext(), UseCounter::XMLHttpRequestSynchronousInNonWorkerOutsideBeforeUnload);
616 }
626 // Check previous state to avoid dispatching readyState event
627 // when calling open several times in a row.
630 else
632 }
635 {
642 }
646 }
648 void XMLHttpRequest::send(const ArrayBufferOrArrayBufferViewOrBlobOrDocumentOrStringOrFormData& body, ExceptionState& exceptionState)
649 {
655 }
660 }
665 }
670 }
675 }
680 }
684 }
687 {
689 }
692 {
703 // FIXME: Per https://xhr.spec.whatwg.org/#dom-xmlhttprequest-send the
704 // Content-Type header and whether to serialize as HTML or XML should
705 // depend on |document->isHTMLDocument()|.
712 }
715 }
718 {
733 }
736 }
739 }
742 {
755 }
756 }
758 // FIXME: add support for uploading bundles.
766 else
770 }
771 }
774 }
777 {
789 AtomicString contentType = AtomicString("multipart/form-data; boundary=", AtomicString::ConstructFromLiteral) + httpBody->boundary().data();
791 }
792 }
795 }
798 {
802 }
805 {
809 }
811 void XMLHttpRequest::sendBytesData(const void* data, size_t length, ExceptionState& exceptionState)
812 {
820 }
823 }
825 void XMLHttpRequest::sendForInspectorXHRReplay(PassRefPtr<EncodedFormData> formData, ExceptionState& exceptionState)
826 {
829 }
831 void XMLHttpRequest::throwForLoadFailureIfNeeded(ExceptionState& exceptionState, const String& reason)
832 {
845 }
848 }
850 void XMLHttpRequest::createRequest(PassRefPtr<EncodedFormData> httpBody, ExceptionState& exceptionState)
851 {
852 // Only GET request is supported for blob URL.
857 throwForLoadFailureIfNeeded(exceptionState, "'GET' is the only method allowed for 'blob:' URLs.");
858 }
860 }
862 // The presence of upload event listeners forces us to use preflighting because POSTing to an URL that does not
863 // permit cross origin requests should look exactly like POSTing to an URL that does not respond at all.
864 // Also, only async requests support upload progress events.
871 }
872 }
876 // We also remember whether upload events should be allowed for this request in case the upload listeners are
877 // added after the request is started.
878 m_uploadEventsAllowed = m_sameOriginRequest || uploadEvents || !FetchUtils::isSimpleRequest(m_method, m_requestHeaders);
886 request.setFetchCredentialsMode(m_includeCredentials ? WebURLRequest::FetchCredentialsModeInclude : WebURLRequest::FetchCredentialsModeSameOrigin);
888 InspectorInstrumentation::willLoadXHR(&executionContext, this, this, m_method, m_url, m_async, httpBody ? httpBody->deepCopy() : nullptr, m_requestHeaders, m_includeCredentials);
894 }
899 ThreadableLoaderOptions options;
903 options.contentSecurityPolicyEnforcement = ContentSecurityPolicy::shouldBypassMainWorld(&executionContext) ? DoNotEnforceContentSecurityPolicy : EnforceConnectSrcDirective;
906 ResourceLoaderOptions resourceLoaderOptions;
907 resourceLoaderOptions.allowCredentials = (m_sameOriginRequest || m_includeCredentials) ? AllowStoredCredentials : DoNotAllowStoredCredentials;
908 resourceLoaderOptions.credentialsRequested = m_includeCredentials ? ClientRequestedCredentials : ClientDidNotRequestCredentials;
911 // When responseType is set to "blob", we redirect the downloaded data to a
912 // file-handle directly.
917 }
927 // ThreadableLoader::create can return null here, for example if we're no longer attached to a page.
928 // This is true while running onunload handlers.
929 // FIXME: Maybe we need to be able to send XMLHttpRequests from onunload, <http://bugs.webkit.org/show_bug.cgi?id=10904>.
930 // FIXME: Maybe create() can return null for other reasons too?
932 m_loader = ThreadableLoader::create(executionContext, this, request, options, resourceLoaderOptions);
935 }
937 // Use count for XHR synchronous requests.
939 ThreadableLoader::loadResourceSynchronously(executionContext, request, *this, options, resourceLoaderOptions);
942 }
945 {
948 // internalAbort() clears |m_loader|. Compute |sendFlag| now.
949 //
950 // |sendFlag| corresponds to "the send() flag" defined in the XHR spec.
951 //
952 // |sendFlag| is only set when we have an active, asynchronous loader.
953 // Don't use it as "the send() flag" when the XHR is in sync mode.
956 // internalAbort() clears the response. Save the data needed for
957 // dispatching ProgressEvents.
964 // The script never gets any chance to call abort() on a sync XHR between
965 // send() call and transition to the DONE state. It's because a sync XHR
966 // doesn't dispatch any event between them. So, if |m_async| is false, we
967 // can skip the "request error steps" (defined in the XHR spec) without any
968 // state check.
969 //
970 // FIXME: It's possible open() is invoked in internalAbort() and |m_async|
971 // becomes true by that. We should implement more reliable treatment for
972 // nested method invocations at some point.
977 }
978 }
980 }
983 {
987 }
993 #if !ENABLE(OILPAN)
995 #endif
997 }
1000 }
1003 {
1020 // Cancelling the ThreadableLoader m_loader may result in calling
1021 // window.onload synchronously. If such an onload handler contains open()
1022 // call on the same XMLHttpRequest object, reentry happens.
1023 //
1024 // If, window.onload contains open() and send(), m_loader will be set to
1025 // non 0 value. So, we cannot continue the outer open(). In such case,
1026 // just abort the outer open() by returning false.
1030 // If abort() called internalAbort() and a nested open() ended up
1031 // clearing the error flag, but didn't send(), make sure the error
1032 // flag is still set.
1038 }
1041 {
1042 // FIXME: when we add the support for multi-part XHR, we will have to
1043 // be careful with this initialization.
1060 // These variables may referred by the response accessors. So, we can clear
1061 // this only when we clear the response holder variables above.
1064 }
1067 {
1069 }
1071 void XMLHttpRequest::dispatchProgressEvent(const AtomicString& type, long long receivedLength, long long expectedLength)
1072 {
1074 unsigned long long loaded = receivedLength >= 0 ? static_cast<unsigned long long>(receivedLength) : 0;
1075 unsigned long long total = lengthComputable ? static_cast<unsigned long long>(expectedLength) : 0;
1081 }
1084 {
1086 }
1089 {
1092 // Response is cleared next, save needed progress event data.
1100 }
1103 {
1106 // Response is cleared next, save needed progress event data.
1114 }
1116 void XMLHttpRequest::handleRequestError(ExceptionCode exceptionCode, const AtomicString& type, long long receivedLength, long long expectedLength)
1117 {
1127 }
1129 // With m_error set, the state change steps are minimal: any pending
1130 // progress event is flushed + a readystatechange is dispatched.
1131 // No new progress events dispatched; as required, that happens at
1132 // the end here.
1140 }
1142 // Note: The below event dispatch may be called while |hasPendingActivity() == false|,
1143 // when |handleRequestError| is called after |internalAbort()|.
1144 // This is safe, however, as |this| will be kept alive from a strong ref |Event::m_target|.
1148 }
1150 void XMLHttpRequest::overrideMimeType(const AtomicString& mimeType, ExceptionState& exceptionState)
1151 {
1153 exceptionState.throwDOMException(InvalidStateError, "MimeType cannot be overridden when the state is LOADING or DONE.");
1155 }
1158 }
1160 void XMLHttpRequest::setRequestHeader(const AtomicString& name, const AtomicString& value, ExceptionState& exceptionState)
1161 {
1165 }
1168 exceptionState.throwDOMException(SyntaxError, "'" + name + "' is not a valid HTTP header field name.");
1170 }
1173 exceptionState.throwDOMException(SyntaxError, "'" + value + "' is not a valid HTTP header field value.");
1175 }
1177 // Show deprecation warnings and count occurrences of such deprecated header values.
1181 // No script (privileged or not) can set unsafe headers.
1185 }
1188 }
1190 void XMLHttpRequest::setRequestHeaderInternal(const AtomicString& name, const AtomicString& value)
1191 {
1195 }
1198 {
1200 }
1203 {
1207 StringBuilder stringBuilder;
1209 HTTPHeaderSet accessControlExposeHeaderSet;
1210 parseAccessControlExposeHeadersAllowList(m_response.httpHeaderField("Access-Control-Expose-Headers"), accessControlExposeHeaderSet);
1212 for (HTTPHeaderMap::const_iterator it = m_response.httpHeaderFields().begin(); it!= end; ++it) {
1213 // Hide Set-Cookie header fields from the XMLHttpRequest client for these reasons:
1214 // 1) If the client did have access to the fields, then it could read HTTP-only
1215 // cookies; those cookies are supposed to be hidden from scripts.
1216 // 2) There's no known harm in hiding Set-Cookie header fields entirely; we don't
1217 // know any widely used technique that requires access to them.
1218 // 3) Firefox has implemented this policy.
1222 if (!m_sameOriginRequest && !isOnAccessControlResponseHeaderWhitelist(it->key) && !accessControlExposeHeaderSet.contains(it->key))
1231 }
1234 }
1237 {
1241 // See comment in getAllResponseHeaders above.
1245 }
1247 HTTPHeaderSet accessControlExposeHeaderSet;
1248 parseAccessControlExposeHeadersAllowList(m_response.httpHeaderField("Access-Control-Expose-Headers"), accessControlExposeHeaderSet);
1250 if (!m_sameOriginRequest && !isOnAccessControlResponseHeaderWhitelist(name) && !accessControlExposeHeaderSet.contains(name)) {
1253 }
1255 }
1258 {
1267 }
1270 {
1275 // FIXME: This fallback is not specified in the final MIME type algorithm
1276 // of the XHR spec. Move this to more appropriate place.
1278 }
1281 {
1283 }
1286 {
1288 }
1291 {
1299 }
1302 {
1310 }
1313 {
1317 // If we are already in an error state, for instance we called abort(), bail out early.
1323 // Now the XMLHttpRequest instance may be dead.
1325 }
1329 // Now the XMLHttpRequest instance may be dead.
1331 }
1333 // Network failures are already reported to Web Inspector by ResourceLoader.
1335 logConsoleError(executionContext(), "XMLHttpRequest cannot load " + error.failingURL() + ". " + error.localizedDescription());
1338 // Now the XMLHttpRequest instance may be dead.
1339 }
1342 {
1347 // Now the XMLHttpRequest instance may be dead.
1348 }
1351 {
1361 if (m_downloadingToFile && m_responseTypeCode != ResponseTypeBlob && m_lengthDownloadedToFile) {
1363 // In this case, we have sent the request with DownloadToFile true,
1364 // but the user changed the response type after that. Hence we need to
1365 // read the response data and provide it to this object.
1369 }
1370 }
1373 {
1375 // |DocumentParser::finish()| tells the parser that we have reached end of the data.
1376 // When using |HTMLDocumentParser|, which works asynchronously, we do not have the
1377 // complete document just after the |DocumentParser::finish()| call.
1378 // Wait for the parser to call us back in |notifyParserStopped| to progress state.
1382 }
1389 }
1390 }
1397 }
1400 {
1405 }
1408 {
1415 }
1418 {
1422 // If we errored out or got no data, we return an empty handle.
1425 // FIXME: finalResponseMIMETypeWithFallback() defaults to
1426 // text/xml which may be incorrect. Replace it with
1427 // finalResponseMIMEType() after compatibility investigation.
1429 }
1431 }
1434 {
1437 // This should only be called when response document is parsed asynchronously.
1442 // Do nothing if we are called from |internalAbort()|.
1456 }
1459 {
1460 InspectorInstrumentation::didFinishXHRLoading(executionContext(), this, this, m_method, m_url);
1467 if (!executionContext()->isDocument() || !document() || !document()->frame() || !document()->frame()->page())
1472 }
1473 }
1475 void XMLHttpRequest::didSendData(unsigned long long bytesSent, unsigned long long totalBytesToBeSent)
1476 {
1477 WTF_LOG(Network, "XMLHttpRequest %p didSendData(%llu, %llu)", this, bytesSent, totalBytesToBeSent);
1490 }
1491 }
1493 void XMLHttpRequest::didReceiveResponse(unsigned long identifier, const ResourceResponse& response, PassOwnPtr<WebDataConsumerHandle> handle)
1494 {
1503 }
1507 }
1510 {
1519 }
1526 }
1529 {
1536 // allow TextResourceDecoder to look inside the m_response if it's XML or HTML
1539 // Don't stop on encoding errors, unlike it is done for other kinds
1540 // of XML resources. This matches the behavior of previous WebKit
1541 // versions, Firefox and Opera.
1545 }
1551 }
1554 {
1562 // We need to check for |m_error| again, because |changeState| may trigger
1563 // readystatechange, and user javascript can cause |abort()|.
1572 } else if (m_responseTypeCode == ResponseTypeDefault || m_responseTypeCode == ResponseTypeText || m_responseTypeCode == ResponseTypeJSON || m_responseTypeCode == ResponseTypeDocument) {
1580 }
1581 } else if (m_responseTypeCode == ResponseTypeArrayBuffer || m_responseTypeCode == ResponseTypeBlob) {
1582 // Buffer binary data.
1590 }
1593 // In this case, the data is provided by m_blobLoader. As progress
1594 // events are already fired, we should return here.
1596 }
1598 }
1601 {
1614 // readystatechange event handler may do something to put this XHR in error
1615 // state. We need to check m_error again here.
1622 }
1625 {
1628 // Response is cleared next, save needed progress event data.
1636 }
1639 {
1641 }
1644 {
1646 }
1649 {
1652 }
1655 {
1656 // Neither this object nor the JavaScript wrapper should be deleted while
1657 // a request is in progress because we need to keep the listeners alive,
1658 // and they are referenced by the JavaScript wrapper.
1659 // |m_loader| is non-null while request is active and ThreadableLoaderClient
1660 // callbacks may be called, and |m_responseDocumentParser| is non-null while
1661 // DocumentParserClient callbacks may be called.
1665 }
1668 {
1671 }
1674 {
1676 }
1679 {
1681 }
1684 {
1695 }