search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Respond with QuotaExceededError when IndexedDB has no disk space on open.
[chromium-blink-merge.git] / content / browser / loader / resource_dispatcher_host_impl.cc
blob9c29a28cb911278decb182d32d28838666afcb00
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 // See http://dev.chromium.org/developers/design-documents/multi-process-resource-loading
6
7 #include "content/browser/loader/resource_dispatcher_host_impl.h"
8
9 #include <set>
10 #include <vector>
11
12 #include "base/bind.h"
13 #include "base/bind_helpers.h"
14 #include "base/command_line.h"
15 #include "base/compiler_specific.h"
16 #include "base/debug/alias.h"
17 #include "base/logging.h"
18 #include "base/memory/scoped_ptr.h"
19 #include "base/memory/shared_memory.h"
20 #include "base/message_loop/message_loop.h"
21 #include "base/metrics/histogram.h"
22 #include "base/metrics/sparse_histogram.h"
23 #include "base/stl_util.h"
24 #include "base/third_party/dynamic_annotations/dynamic_annotations.h"
25 #include "content/browser/appcache/chrome_appcache_service.h"
26 #include "content/browser/cert_store_impl.h"
27 #include "content/browser/child_process_security_policy_impl.h"
28 #include "content/browser/cross_site_request_manager.h"
29 #include "content/browser/download/download_resource_handler.h"
30 #include "content/browser/download/save_file_manager.h"
31 #include "content/browser/download/save_file_resource_handler.h"
32 #include "content/browser/fileapi/chrome_blob_storage_context.h"
33 #include "content/browser/loader/async_resource_handler.h"
34 #include "content/browser/loader/buffered_resource_handler.h"
35 #include "content/browser/loader/cross_site_resource_handler.h"
36 #include "content/browser/loader/power_save_block_resource_throttle.h"
37 #include "content/browser/loader/redirect_to_file_resource_handler.h"
38 #include "content/browser/loader/resource_message_filter.h"
39 #include "content/browser/loader/resource_request_info_impl.h"
40 #include "content/browser/loader/stream_resource_handler.h"
41 #include "content/browser/loader/sync_resource_handler.h"
42 #include "content/browser/loader/throttling_resource_handler.h"
43 #include "content/browser/loader/transfer_navigation_resource_throttle.h"
44 #include "content/browser/loader/upload_data_stream_builder.h"
45 #include "content/browser/plugin_service_impl.h"
46 #include "content/browser/renderer_host/render_view_host_delegate.h"
47 #include "content/browser/renderer_host/render_view_host_impl.h"
48 #include "content/browser/resource_context_impl.h"
49 #include "content/browser/streams/stream.h"
50 #include "content/browser/streams/stream_context.h"
51 #include "content/browser/streams/stream_registry.h"
52 #include "content/browser/worker_host/worker_service_impl.h"
53 #include "content/common/resource_messages.h"
54 #include "content/common/ssl_status_serialization.h"
55 #include "content/common/view_messages.h"
56 #include "content/public/browser/browser_thread.h"
57 #include "content/public/browser/content_browser_client.h"
58 #include "content/public/browser/download_manager.h"
59 #include "content/public/browser/download_url_parameters.h"
60 #include "content/public/browser/global_request_id.h"
61 #include "content/public/browser/resource_dispatcher_host_delegate.h"
62 #include "content/public/browser/resource_request_details.h"
63 #include "content/public/browser/resource_throttle.h"
64 #include "content/public/browser/stream_handle.h"
65 #include "content/public/browser/user_metrics.h"
66 #include "content/public/common/content_switches.h"
67 #include "content/public/common/process_type.h"
68 #include "content/public/common/url_constants.h"
69 #include "ipc/ipc_message_macros.h"
70 #include "ipc/ipc_message_start.h"
71 #include "net/base/auth.h"
72 #include "net/base/load_flags.h"
73 #include "net/base/mime_util.h"
74 #include "net/base/net_errors.h"
75 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
76 #include "net/base/request_priority.h"
77 #include "net/base/upload_data_stream.h"
78 #include "net/cert/cert_status_flags.h"
79 #include "net/cookies/cookie_monster.h"
80 #include "net/http/http_response_headers.h"
81 #include "net/http/http_response_info.h"
82 #include "net/ssl/ssl_cert_request_info.h"
83 #include "net/url_request/url_request.h"
84 #include "net/url_request/url_request_context.h"
85 #include "net/url_request/url_request_job_factory.h"
86 #include "webkit/browser/appcache/appcache_interceptor.h"
87 #include "webkit/common/blob/blob_data.h"
88 #include "webkit/browser/blob/blob_data_handle.h"
89 #include "webkit/browser/blob/blob_storage_context.h"
90 #include "webkit/browser/blob/blob_url_request_job_factory.h"
91 #include "webkit/browser/fileapi/file_permission_policy.h"
92 #include "webkit/browser/fileapi/file_system_context.h"
93 #include "webkit/common/appcache/appcache_interfaces.h"
94 #include "webkit/common/blob/shareable_file_reference.h"
95 #include "webkit/common/resource_request_body.h"
96
97 using base::Time;
98 using base::TimeDelta;
99 using base::TimeTicks;
100 using webkit_blob::ShareableFileReference;
101 using webkit_glue::ResourceRequestBody;
102
103 // ----------------------------------------------------------------------------
104
105 namespace content {
106
107 namespace {
108
109 static ResourceDispatcherHostImpl* g_resource_dispatcher_host;
110
111 // The interval for calls to ResourceDispatcherHostImpl::UpdateLoadStates
112 const int kUpdateLoadStatesIntervalMsec = 100;
113
114 // Maximum byte "cost" of all the outstanding requests for a renderer.
115 // See delcaration of |max_outstanding_requests_cost_per_process_| for details.
116 // This bound is 25MB, which allows for around 6000 outstanding requests.
117 const int kMaxOutstandingRequestsCostPerProcess = 26214400;
118
119 // The number of milliseconds after noting a user gesture that we will
120 // tag newly-created URLRequest objects with the
121 // net::LOAD_MAYBE_USER_GESTURE load flag. This is a fairly arbitrary
122 // guess at how long to expect direct impact from a user gesture, but
123 // this should be OK as the load flag is a best-effort thing only,
124 // rather than being intended as fully accurate.
125 const int kUserGestureWindowMs = 3500;
126
127 // Ratio of |max_num_in_flight_requests_| that any one renderer is allowed to
128 // use. Arbitrarily chosen.
129 const double kMaxRequestsPerProcessRatio = 0.45;
130
131 // All possible error codes from the network module. Note that the error codes
132 // are all positive (since histograms expect positive sample values).
133 const int kAllNetErrorCodes[] = {
134 #define NET_ERROR(label, value) -(value),
135 #include "net/base/net_error_list.h"
136 #undef NET_ERROR
137 };
138
139 // Aborts a request before an URLRequest has actually been created.
140 void AbortRequestBeforeItStarts(ResourceMessageFilter* filter,
141 IPC::Message* sync_result,
142 int request_id) {
143 if (sync_result) {
144 SyncLoadResult result;
145 result.error_code = net::ERR_ABORTED;
146 ResourceHostMsg_SyncLoad::WriteReplyParams(sync_result, result);
147 filter->Send(sync_result);
148 } else {
149 // Tell the renderer that this request was disallowed.
150 filter->Send(new ResourceMsg_RequestComplete(
151 request_id,
152 net::ERR_ABORTED,
153 false,
154 std::string(), // No security info needed, connection not established.
155 base::TimeTicks()));
156 }
157 }
158
159 void SetReferrerForRequest(net::URLRequest* request, const Referrer& referrer) {
160 if (!referrer.url.is_valid() ||
161 CommandLine::ForCurrentProcess()->HasSwitch(switches::kNoReferrers)) {
162 request->SetReferrer(std::string());
163 } else {
164 request->SetReferrer(referrer.url.spec());
165 }
166
167 net::URLRequest::ReferrerPolicy net_referrer_policy =
168 net::URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE;
169 switch (referrer.policy) {
170 case WebKit::WebReferrerPolicyDefault:
171 net_referrer_policy =
172 net::URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE;
173 break;
174 case WebKit::WebReferrerPolicyAlways:
175 case WebKit::WebReferrerPolicyNever:
176 case WebKit::WebReferrerPolicyOrigin:
177 net_referrer_policy = net::URLRequest::NEVER_CLEAR_REFERRER;
178 break;
179 }
180 request->set_referrer_policy(net_referrer_policy);
181 }
182
183 // Consults the RendererSecurity policy to determine whether the
184 // ResourceDispatcherHostImpl should service this request. A request might be
185 // disallowed if the renderer is not authorized to retrieve the request URL or
186 // if the renderer is attempting to upload an unauthorized file.
187 bool ShouldServiceRequest(int process_type,
188 int child_id,
189 const ResourceHostMsg_Request& request_data,
190 fileapi::FileSystemContext* file_system_context) {
191 if (process_type == PROCESS_TYPE_PLUGIN)
192 return true;
193
194 ChildProcessSecurityPolicyImpl* policy =
195 ChildProcessSecurityPolicyImpl::GetInstance();
196
197 // Check if the renderer is permitted to request the requested URL.
198 if (!policy->CanRequestURL(child_id, request_data.url)) {
199 VLOG(1) << "Denied unauthorized request for "
200 << request_data.url.possibly_invalid_spec();
201 return false;
202 }
203
204 // Check if the renderer is permitted to upload the requested files.
205 if (request_data.request_body.get()) {
206 const std::vector<ResourceRequestBody::Element>* uploads =
207 request_data.request_body->elements();
208 std::vector<ResourceRequestBody::Element>::const_iterator iter;
209 for (iter = uploads->begin(); iter != uploads->end(); ++iter) {
210 if (iter->type() == ResourceRequestBody::Element::TYPE_FILE &&
211 !policy->CanReadFile(child_id, iter->path())) {
212 NOTREACHED() << "Denied unauthorized upload of "
213 << iter->path().value();
214 return false;
215 }
216 if (iter->type() == ResourceRequestBody::Element::TYPE_FILE_FILESYSTEM) {
217 fileapi::FileSystemURL url =
218 file_system_context->CrackURL(iter->filesystem_url());
219 if (!policy->CanReadFileSystemFile(child_id, url)) {
220 NOTREACHED() << "Denied unauthorized upload of "
221 << iter->filesystem_url().spec();
222 return false;
223 }
224 }
225 }
226 }
227
228 return true;
229 }
230
231 void RemoveDownloadFileFromChildSecurityPolicy(int child_id,
232 const base::FilePath& path) {
233 ChildProcessSecurityPolicyImpl::GetInstance()->RevokeAllPermissionsForFile(
234 child_id, path);
235 }
236
237 #if defined(OS_WIN)
238 #pragma warning(disable: 4748)
239 #pragma optimize("", off)
240 #endif
241
242 #if defined(OS_WIN)
243 #pragma optimize("", on)
244 #pragma warning(default: 4748)
245 #endif
246
247 net::Error CallbackAndReturn(
248 const DownloadUrlParameters::OnStartedCallback& started_cb,
249 net::Error net_error) {
250 if (started_cb.is_null())
251 return net_error;
252 BrowserThread::PostTask(
253 BrowserThread::UI, FROM_HERE,
254 base::Bind(started_cb, static_cast<DownloadItem*>(NULL), net_error));
255
256 return net_error;
257 }
258
259 int GetCertID(net::URLRequest* request, int child_id) {
260 if (request->ssl_info().cert.get()) {
261 return CertStore::GetInstance()->StoreCert(request->ssl_info().cert.get(),
262 child_id);
263 }
264 return 0;
265 }
266
267 void NotifyRedirectOnUI(int render_process_id,
268 int render_view_id,
269 scoped_ptr<ResourceRedirectDetails> details) {
270 RenderViewHostImpl* host =
271 RenderViewHostImpl::FromID(render_process_id, render_view_id);
272 if (!host)
273 return;
274
275 RenderViewHostDelegate* delegate = host->GetDelegate();
276 delegate->DidGetRedirectForResourceRequest(*details.get());
277 }
278
279 void NotifyResponseOnUI(int render_process_id,
280 int render_view_id,
281 scoped_ptr<ResourceRequestDetails> details) {
282 RenderViewHostImpl* host =
283 RenderViewHostImpl::FromID(render_process_id, render_view_id);
284 if (!host)
285 return;
286
287 RenderViewHostDelegate* delegate = host->GetDelegate();
288 delegate->DidGetResourceResponseStart(*details.get());
289 }
290
291 } // namespace
292
293 // static
294 ResourceDispatcherHost* ResourceDispatcherHost::Get() {
295 return g_resource_dispatcher_host;
296 }
297
298 ResourceDispatcherHostImpl::ResourceDispatcherHostImpl()
299 : save_file_manager_(new SaveFileManager()),
300 request_id_(-1),
301 is_shutdown_(false),
302 num_in_flight_requests_(0),
303 max_num_in_flight_requests_(base::SharedMemory::GetHandleLimit()),
304 max_num_in_flight_requests_per_process_(
305 static_cast<int>(
306 max_num_in_flight_requests_ * kMaxRequestsPerProcessRatio)),
307 max_outstanding_requests_cost_per_process_(
308 kMaxOutstandingRequestsCostPerProcess),
309 filter_(NULL),
310 delegate_(NULL),
311 allow_cross_origin_auth_prompt_(false) {
312 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
313 DCHECK(!g_resource_dispatcher_host);
314 g_resource_dispatcher_host = this;
315
316 GetContentClient()->browser()->ResourceDispatcherHostCreated();
317
318 ANNOTATE_BENIGN_RACE(
319 &last_user_gesture_time_,
320 "We don't care about the precise value, see http://crbug.com/92889");
321
322 BrowserThread::PostTask(BrowserThread::IO,
323 FROM_HERE,
324 base::Bind(&ResourceDispatcherHostImpl::OnInit,
325 base::Unretained(this)));
326
327 update_load_states_timer_.reset(
328 new base::RepeatingTimer<ResourceDispatcherHostImpl>());
329 }
330
331 ResourceDispatcherHostImpl::~ResourceDispatcherHostImpl() {
332 DCHECK(outstanding_requests_stats_map_.empty());
333 DCHECK(g_resource_dispatcher_host);
334 g_resource_dispatcher_host = NULL;
335 }
336
337 // static
338 ResourceDispatcherHostImpl* ResourceDispatcherHostImpl::Get() {
339 return g_resource_dispatcher_host;
340 }
341
342 void ResourceDispatcherHostImpl::SetDelegate(
343 ResourceDispatcherHostDelegate* delegate) {
344 delegate_ = delegate;
345 }
346
347 void ResourceDispatcherHostImpl::SetAllowCrossOriginAuthPrompt(bool value) {
348 allow_cross_origin_auth_prompt_ = value;
349 }
350
351 void ResourceDispatcherHostImpl::AddResourceContext(ResourceContext* context) {
352 active_resource_contexts_.insert(context);
353 }
354
355 void ResourceDispatcherHostImpl::RemoveResourceContext(
356 ResourceContext* context) {
357 CHECK(ContainsKey(active_resource_contexts_, context));
358 active_resource_contexts_.erase(context);
359 }
360
361 void ResourceDispatcherHostImpl::CancelRequestsForContext(
362 ResourceContext* context) {
363 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
364 DCHECK(context);
365
366 CHECK(ContainsKey(active_resource_contexts_, context));
367
368 // Note that request cancellation has side effects. Therefore, we gather all
369 // the requests to cancel first, and then we start cancelling. We assert at
370 // the end that there are no more to cancel since the context is about to go
371 // away.
372 typedef std::vector<linked_ptr<ResourceLoader> > LoaderList;
373 LoaderList loaders_to_cancel;
374
375 for (LoaderMap::iterator i = pending_loaders_.begin();
376 i != pending_loaders_.end();) {
377 if (i->second->GetRequestInfo()->GetContext() == context) {
378 loaders_to_cancel.push_back(i->second);
379 IncrementOutstandingRequestsMemory(-1, *i->second->GetRequestInfo());
380 pending_loaders_.erase(i++);
381 } else {
382 ++i;
383 }
384 }
385
386 for (BlockedLoadersMap::iterator i = blocked_loaders_map_.begin();
387 i != blocked_loaders_map_.end();) {
388 BlockedLoadersList* loaders = i->second;
389 if (loaders->empty()) {
390 // This can happen if BlockRequestsForRoute() has been called for a route,
391 // but we haven't blocked any matching requests yet.
392 ++i;
393 continue;
394 }
395 ResourceRequestInfoImpl* info = loaders->front()->GetRequestInfo();
396 if (info->GetContext() == context) {
397 blocked_loaders_map_.erase(i++);
398 for (BlockedLoadersList::const_iterator it = loaders->begin();
399 it != loaders->end(); ++it) {
400 linked_ptr<ResourceLoader> loader = *it;
401 info = loader->GetRequestInfo();
402 // We make the assumption that all requests on the list have the same
403 // ResourceContext.
404 DCHECK_EQ(context, info->GetContext());
405 IncrementOutstandingRequestsMemory(-1, *info);
406 loaders_to_cancel.push_back(loader);
407 }
408 delete loaders;
409 } else {
410 ++i;
411 }
412 }
413
414 #ifndef NDEBUG
415 for (LoaderList::iterator i = loaders_to_cancel.begin();
416 i != loaders_to_cancel.end(); ++i) {
417 // There is no strict requirement that this be the case, but currently
418 // downloads, streams and transferred requests are the only requests that
419 // aren't cancelled when the associated processes go away. It may be OK for
420 // this invariant to change in the future, but if this assertion fires
421 // without the invariant changing, then it's indicative of a leak.
422 DCHECK((*i)->GetRequestInfo()->is_download() ||
423 (*i)->GetRequestInfo()->is_stream() ||
424 (*i)->is_transferring());
425 }
426 #endif
427
428 loaders_to_cancel.clear();
429
430 // Validate that no more requests for this context were added.
431 for (LoaderMap::const_iterator i = pending_loaders_.begin();
432 i != pending_loaders_.end(); ++i) {
433 // http://crbug.com/90971
434 CHECK_NE(i->second->GetRequestInfo()->GetContext(), context);
435 }
436
437 for (BlockedLoadersMap::const_iterator i = blocked_loaders_map_.begin();
438 i != blocked_loaders_map_.end(); ++i) {
439 BlockedLoadersList* loaders = i->second;
440 if (!loaders->empty()) {
441 ResourceRequestInfoImpl* info = loaders->front()->GetRequestInfo();
442 // http://crbug.com/90971
443 CHECK_NE(info->GetContext(), context);
444 }
445 }
446 }
447
448 net::Error ResourceDispatcherHostImpl::BeginDownload(
449 scoped_ptr<net::URLRequest> request,
450 const Referrer& referrer,
451 bool is_content_initiated,
452 ResourceContext* context,
453 int child_id,
454 int route_id,
455 bool prefer_cache,
456 scoped_ptr<DownloadSaveInfo> save_info,
457 uint32 download_id,
458 const DownloadStartedCallback& started_callback) {
459 if (is_shutdown_)
460 return CallbackAndReturn(started_callback, net::ERR_INSUFFICIENT_RESOURCES);
461
462 const GURL& url = request->original_url();
463
464 // http://crbug.com/90971
465 char url_buf[128];
466 base::strlcpy(url_buf, url.spec().c_str(), arraysize(url_buf));
467 base::debug::Alias(url_buf);
468 CHECK(ContainsKey(active_resource_contexts_, context));
469
470 SetReferrerForRequest(request.get(), referrer);
471
472 int extra_load_flags = net::LOAD_IS_DOWNLOAD;
473 if (prefer_cache) {
474 // If there is upload data attached, only retrieve from cache because there
475 // is no current mechanism to prompt the user for their consent for a
476 // re-post. For GETs, try to retrieve data from the cache and skip
477 // validating the entry if present.
478 if (request->get_upload() != NULL)
479 extra_load_flags |= net::LOAD_ONLY_FROM_CACHE;
480 else
481 extra_load_flags |= net::LOAD_PREFERRING_CACHE;
482 } else {
483 extra_load_flags |= net::LOAD_DISABLE_CACHE;
484 }
485 request->set_load_flags(request->load_flags() | extra_load_flags);
486
487 // No need to get offline load flags for downloads, but make sure
488 // we have an OfflinePolicy to receive request completions.
489 GlobalRoutingID id(child_id, route_id);
490 if (!offline_policy_map_[id])
491 offline_policy_map_[id] = new OfflinePolicy();
492
493 // Check if the renderer is permitted to request the requested URL.
494 if (!ChildProcessSecurityPolicyImpl::GetInstance()->
495 CanRequestURL(child_id, url)) {
496 VLOG(1) << "Denied unauthorized download request for "
497 << url.possibly_invalid_spec();
498 return CallbackAndReturn(started_callback, net::ERR_ACCESS_DENIED);
499 }
500
501 request_id_--;
502
503 const net::URLRequestContext* request_context = context->GetRequestContext();
504 if (!request_context->job_factory()->IsHandledURL(url)) {
505 VLOG(1) << "Download request for unsupported protocol: "
506 << url.possibly_invalid_spec();
507 return CallbackAndReturn(started_callback, net::ERR_ACCESS_DENIED);
508 }
509
510 ResourceRequestInfoImpl* extra_info =
511 CreateRequestInfo(child_id, route_id, true, context);
512 extra_info->AssociateWithRequest(request.get()); // Request takes ownership.
513
514 if (request->url().SchemeIs(chrome::kBlobScheme)) {
515 ChromeBlobStorageContext* blob_context =
516 GetChromeBlobStorageContextForResourceContext(context);
517 webkit_blob::BlobProtocolHandler::SetRequestedBlobDataHandle(
518 request.get(),
519 blob_context->context()->GetBlobDataFromPublicURL(request->url()));
520 }
521
522 // From this point forward, the |DownloadResourceHandler| is responsible for
523 // |started_callback|.
524 scoped_ptr<ResourceHandler> handler(
525 CreateResourceHandlerForDownload(request.get(), is_content_initiated,
526 true, download_id, save_info.Pass(),
527 started_callback));
528
529 BeginRequestInternal(request.Pass(), handler.Pass());
530
531 return net::OK;
532 }
533
534 void ResourceDispatcherHostImpl::ClearLoginDelegateForRequest(
535 net::URLRequest* request) {
536 ResourceRequestInfoImpl* info = ResourceRequestInfoImpl::ForRequest(request);
537 if (info) {
538 ResourceLoader* loader = GetLoader(info->GetGlobalRequestID());
539 if (loader)
540 loader->ClearLoginDelegate();
541 }
542 }
543
544 void ResourceDispatcherHostImpl::Shutdown() {
545 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
546 BrowserThread::PostTask(BrowserThread::IO,
547 FROM_HERE,
548 base::Bind(&ResourceDispatcherHostImpl::OnShutdown,
549 base::Unretained(this)));
550 }
551
552 scoped_ptr<ResourceHandler>
553 ResourceDispatcherHostImpl::CreateResourceHandlerForDownload(
554 net::URLRequest* request,
555 bool is_content_initiated,
556 bool must_download,
557 uint32 id,
558 scoped_ptr<DownloadSaveInfo> save_info,
559 const DownloadUrlParameters::OnStartedCallback& started_cb) {
560 scoped_ptr<ResourceHandler> handler(
561 new DownloadResourceHandler(id, request, started_cb, save_info.Pass()));
562 if (delegate_) {
563 const ResourceRequestInfo* request_info(
564 ResourceRequestInfo::ForRequest(request));
565
566 ScopedVector<ResourceThrottle> throttles;
567 delegate_->DownloadStarting(
568 request, request_info->GetContext(), request_info->GetChildID(),
569 request_info->GetRouteID(), request_info->GetRequestID(),
570 is_content_initiated, must_download, &throttles);
571 if (!throttles.empty()) {
572 handler.reset(
573 new ThrottlingResourceHandler(
574 handler.Pass(), request_info->GetChildID(),
575 request_info->GetRequestID(), throttles.Pass()));
576 }
577 }
578 return handler.Pass();
579 }
580
581 scoped_ptr<ResourceHandler>
582 ResourceDispatcherHostImpl::MaybeInterceptAsStream(net::URLRequest* request,
583 ResourceResponse* response) {
584 ResourceRequestInfoImpl* info = ResourceRequestInfoImpl::ForRequest(request);
585 const std::string& mime_type = response->head.mime_type;
586
587 GURL origin;
588 std::string target_id;
589 if (!delegate_ ||
590 !delegate_->ShouldInterceptResourceAsStream(info->GetContext(),
591 request->url(),
592 mime_type,
593 &origin,
594 &target_id)) {
595 return scoped_ptr<ResourceHandler>();
596 }
597
598 StreamContext* stream_context =
599 GetStreamContextForResourceContext(info->GetContext());
600
601 scoped_ptr<StreamResourceHandler> handler(
602 new StreamResourceHandler(request,
603 stream_context->registry(),
604 origin));
605
606 info->set_is_stream(true);
607 delegate_->OnStreamCreated(
608 info->GetContext(),
609 info->GetChildID(),
610 info->GetRouteID(),
611 target_id,
612 handler->stream()->CreateHandle(request->url(), mime_type),
613 request->GetExpectedContentSize());
614 return handler.PassAs<ResourceHandler>();
615 }
616
617 void ResourceDispatcherHostImpl::ClearSSLClientAuthHandlerForRequest(
618 net::URLRequest* request) {
619 ResourceRequestInfoImpl* info = ResourceRequestInfoImpl::ForRequest(request);
620 if (info) {
621 ResourceLoader* loader = GetLoader(info->GetGlobalRequestID());
622 if (loader)
623 loader->ClearSSLClientAuthHandler();
624 }
625 }
626
627 ResourceDispatcherHostLoginDelegate*
628 ResourceDispatcherHostImpl::CreateLoginDelegate(
629 ResourceLoader* loader,
630 net::AuthChallengeInfo* auth_info) {
631 if (!delegate_)
632 return NULL;
633
634 return delegate_->CreateLoginDelegate(auth_info, loader->request());
635 }
636
637 bool ResourceDispatcherHostImpl::AcceptAuthRequest(
638 ResourceLoader* loader,
639 net::AuthChallengeInfo* auth_info) {
640 if (delegate_ && !delegate_->AcceptAuthRequest(loader->request(), auth_info))
641 return false;
642
643 return true;
644 }
645
646 bool ResourceDispatcherHostImpl::AcceptSSLClientCertificateRequest(
647 ResourceLoader* loader,
648 net::SSLCertRequestInfo* cert_info) {
649 if (delegate_ && !delegate_->AcceptSSLClientCertificateRequest(
650 loader->request(), cert_info)) {
651 return false;
652 }
653
654 return true;
655 }
656
657 bool ResourceDispatcherHostImpl::HandleExternalProtocol(ResourceLoader* loader,
658 const GURL& url) {
659 if (!delegate_)
660 return false;
661
662 ResourceRequestInfoImpl* info = loader->GetRequestInfo();
663
664 if (!ResourceType::IsFrame(info->GetResourceType()))
665 return false;
666
667 const net::URLRequestJobFactory* job_factory =
668 info->GetContext()->GetRequestContext()->job_factory();
669 if (job_factory->IsHandledURL(url))
670 return false;
671
672 return delegate_->HandleExternalProtocol(url, info->GetChildID(),
673 info->GetRouteID());
674 }
675
676 void ResourceDispatcherHostImpl::DidStartRequest(ResourceLoader* loader) {
677 // Make sure we have the load state monitor running
678 if (!update_load_states_timer_->IsRunning()) {
679 update_load_states_timer_->Start(FROM_HERE,
680 TimeDelta::FromMilliseconds(kUpdateLoadStatesIntervalMsec),
681 this, &ResourceDispatcherHostImpl::UpdateLoadStates);
682 }
683 }
684
685 void ResourceDispatcherHostImpl::DidReceiveRedirect(ResourceLoader* loader,
686 const GURL& new_url) {
687 ResourceRequestInfoImpl* info = loader->GetRequestInfo();
688
689 int render_process_id, render_view_id;
690 if (!info->GetAssociatedRenderView(&render_process_id, &render_view_id))
691 return;
692
693 // Notify the observers on the UI thread.
694 scoped_ptr<ResourceRedirectDetails> detail(new ResourceRedirectDetails(
695 loader->request(),
696 GetCertID(loader->request(), info->GetChildID()),
697 new_url));
698 BrowserThread::PostTask(
699 BrowserThread::UI, FROM_HERE,
700 base::Bind(
701 &NotifyRedirectOnUI,
702 render_process_id, render_view_id, base::Passed(&detail)));
703 }
704
705 void ResourceDispatcherHostImpl::DidReceiveResponse(ResourceLoader* loader) {
706 ResourceRequestInfoImpl* info = loader->GetRequestInfo();
707 // There should be an entry in the map created when we dispatched the
708 // request.
709 OfflineMap::iterator policy_it(
710 offline_policy_map_.find(info->GetGlobalRoutingID()));
711 if (offline_policy_map_.end() != policy_it) {
712 policy_it->second->UpdateStateForSuccessfullyStartedRequest(
713 loader->request()->response_info());
714 } else {
715 // We should always have an entry in offline_policy_map_ from when
716 // this request traversed Begin{Download,SaveFile,Request}.
717 // TODO(rdsmith): This isn't currently true; see http://crbug.com/241176.
718 NOTREACHED();
719 }
720
721 int render_process_id, render_view_id;
722 if (!info->GetAssociatedRenderView(&render_process_id, &render_view_id))
723 return;
724
725 // Notify the observers on the UI thread.
726 scoped_ptr<ResourceRequestDetails> detail(new ResourceRequestDetails(
727 loader->request(),
728 GetCertID(loader->request(), info->GetChildID())));
729 BrowserThread::PostTask(
730 BrowserThread::UI, FROM_HERE,
731 base::Bind(
732 &NotifyResponseOnUI,
733 render_process_id, render_view_id, base::Passed(&detail)));
734 }
735
736 void ResourceDispatcherHostImpl::DidFinishLoading(ResourceLoader* loader) {
737 ResourceRequestInfo* info = loader->GetRequestInfo();
738
739 // Record final result of all resource loads.
740 if (info->GetResourceType() == ResourceType::MAIN_FRAME) {
741 // This enumeration has "3" appended to its name to distinguish it from
742 // older versions.
743 UMA_HISTOGRAM_SPARSE_SLOWLY(
744 "Net.ErrorCodesForMainFrame3",
745 -loader->request()->status().error());
746
747 if (loader->request()->url().SchemeIsSecure() &&
748 loader->request()->url().host() == "www.google.com") {
749 UMA_HISTOGRAM_SPARSE_SLOWLY(
750 "Net.ErrorCodesForHTTPSGoogleMainFrame2",
751 -loader->request()->status().error());
752 }
753 } else {
754 if (info->GetResourceType() == ResourceType::IMAGE) {
755 UMA_HISTOGRAM_SPARSE_SLOWLY(
756 "Net.ErrorCodesForImages",
757 -loader->request()->status().error());
758 }
759 // This enumeration has "2" appended to distinguish it from older versions.
760 UMA_HISTOGRAM_SPARSE_SLOWLY(
761 "Net.ErrorCodesForSubresources2",
762 -loader->request()->status().error());
763 }
764
765 // Destroy the ResourceLoader.
766 RemovePendingRequest(info->GetChildID(), info->GetRequestID());
767 }
768
769 // static
770 bool ResourceDispatcherHostImpl::RenderViewForRequest(
771 const net::URLRequest* request,
772 int* render_process_id,
773 int* render_view_id) {
774 const ResourceRequestInfoImpl* info =
775 ResourceRequestInfoImpl::ForRequest(request);
776 if (!info) {
777 *render_process_id = -1;
778 *render_view_id = -1;
779 return false;
780 }
781
782 return info->GetAssociatedRenderView(render_process_id, render_view_id);
783 }
784
785 void ResourceDispatcherHostImpl::OnInit() {
786 scheduler_.reset(new ResourceScheduler);
787 appcache::AppCacheInterceptor::EnsureRegistered();
788 }
789
790 void ResourceDispatcherHostImpl::OnShutdown() {
791 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
792
793 is_shutdown_ = true;
794 pending_loaders_.clear();
795
796 // Make sure we shutdown the timer now, otherwise by the time our destructor
797 // runs if the timer is still running the Task is deleted twice (once by
798 // the MessageLoop and the second time by RepeatingTimer).
799 update_load_states_timer_.reset();
800
801 // Clear blocked requests if any left.
802 // Note that we have to do this in 2 passes as we cannot call
803 // CancelBlockedRequestsForRoute while iterating over
804 // blocked_loaders_map_, as it modifies it.
805 std::set<GlobalRoutingID> ids;
806 for (BlockedLoadersMap::const_iterator iter = blocked_loaders_map_.begin();
807 iter != blocked_loaders_map_.end(); ++iter) {
808 std::pair<std::set<GlobalRoutingID>::iterator, bool> result =
809 ids.insert(iter->first);
810 // We should not have duplicates.
811 DCHECK(result.second);
812 }
813 for (std::set<GlobalRoutingID>::const_iterator iter = ids.begin();
814 iter != ids.end(); ++iter) {
815 CancelBlockedRequestsForRoute(iter->child_id, iter->route_id);
816 }
817
818 scheduler_.reset();
819 }
820
821 bool ResourceDispatcherHostImpl::OnMessageReceived(
822 const IPC::Message& message,
823 ResourceMessageFilter* filter,
824 bool* message_was_ok) {
825 filter_ = filter;
826 bool handled = true;
827 IPC_BEGIN_MESSAGE_MAP_EX(ResourceDispatcherHostImpl, message, *message_was_ok)
828 IPC_MESSAGE_HANDLER(ResourceHostMsg_RequestResource, OnRequestResource)
829 IPC_MESSAGE_HANDLER_DELAY_REPLY(ResourceHostMsg_SyncLoad, OnSyncLoad)
830 IPC_MESSAGE_HANDLER(ResourceHostMsg_ReleaseDownloadedFile,
831 OnReleaseDownloadedFile)
832 IPC_MESSAGE_HANDLER(ResourceHostMsg_DataDownloaded_ACK, OnDataDownloadedACK)
833 IPC_MESSAGE_HANDLER(ResourceHostMsg_UploadProgress_ACK, OnUploadProgressACK)
834 IPC_MESSAGE_HANDLER(ResourceHostMsg_CancelRequest, OnCancelRequest)
835 IPC_MESSAGE_UNHANDLED(handled = false)
836 IPC_END_MESSAGE_MAP_EX()
837
838 if (!handled && IPC_MESSAGE_ID_CLASS(message.type()) == ResourceMsgStart) {
839 PickleIterator iter(message);
840 int request_id = -1;
841 bool ok = iter.ReadInt(&request_id);
842 DCHECK(ok);
843 GlobalRequestID id(filter_->child_id(), request_id);
844 DelegateMap::iterator it = delegate_map_.find(id);
845 if (it != delegate_map_.end()) {
846 ObserverList<ResourceMessageDelegate>::Iterator del_it(*it->second);
847 ResourceMessageDelegate* delegate;
848 while (!handled && (delegate = del_it.GetNext()) != NULL) {
849 handled = delegate->OnMessageReceived(message, message_was_ok);
850 }
851 }
852 }
853
854 filter_ = NULL;
855 return handled;
856 }
857
858 void ResourceDispatcherHostImpl::OnRequestResource(
859 const IPC::Message& message,
860 int request_id,
861 const ResourceHostMsg_Request& request_data) {
862 BeginRequest(request_id, request_data, NULL, message.routing_id());
863 }
864
865 // Begins a resource request with the given params on behalf of the specified
866 // child process. Responses will be dispatched through the given receiver. The
867 // process ID is used to lookup WebContentsImpl from routing_id's in the case of
868 // a request from a renderer. request_context is the cookie/cache context to be
869 // used for this request.
870 //
871 // If sync_result is non-null, then a SyncLoad reply will be generated, else
872 // a normal asynchronous set of response messages will be generated.
873 void ResourceDispatcherHostImpl::OnSyncLoad(
874 int request_id,
875 const ResourceHostMsg_Request& request_data,
876 IPC::Message* sync_result) {
877 BeginRequest(request_id, request_data, sync_result,
878 sync_result->routing_id());
879 }
880
881 void ResourceDispatcherHostImpl::BeginRequest(
882 int request_id,
883 const ResourceHostMsg_Request& request_data,
884 IPC::Message* sync_result, // only valid for sync
885 int route_id) {
886 int process_type = filter_->process_type();
887 int child_id = filter_->child_id();
888
889 // Reject invalid priority.
890 int priority = static_cast<int>(request_data.priority);
891 if (priority < net::MINIMUM_PRIORITY || priority >= net::NUM_PRIORITIES) {
892 RecordAction(UserMetricsAction("BadMessageTerminate_RDH"));
893 filter_->BadMessageReceived();
894 return;
895 }
896
897 // If we crash here, figure out what URL the renderer was requesting.
898 // http://crbug.com/91398
899 char url_buf[128];
900 base::strlcpy(url_buf, request_data.url.spec().c_str(), arraysize(url_buf));
901 base::debug::Alias(url_buf);
902
903 // If the request that's coming in is being transferred from another process,
904 // we want to reuse and resume the old loader rather than start a new one.
905 linked_ptr<ResourceLoader> deferred_loader;
906 {
907 LoaderMap::iterator it = pending_loaders_.find(
908 GlobalRequestID(request_data.transferred_request_child_id,
909 request_data.transferred_request_request_id));
910 if (it != pending_loaders_.end()) {
911 if (it->second->is_transferring()) {
912 deferred_loader = it->second;
913 IncrementOutstandingRequestsMemory(-1,
914 *deferred_loader->GetRequestInfo());
915 pending_loaders_.erase(it);
916 } else {
917 RecordAction(UserMetricsAction("BadMessageTerminate_RDH"));
918 filter_->BadMessageReceived();
919 return;
920 }
921 }
922 }
923
924 ResourceContext* resource_context = NULL;
925 net::URLRequestContext* request_context = NULL;
926 filter_->GetContexts(request_data, &resource_context, &request_context);
927 // http://crbug.com/90971
928 CHECK(ContainsKey(active_resource_contexts_, resource_context));
929
930 if (is_shutdown_ ||
931 !ShouldServiceRequest(process_type, child_id, request_data,
932 filter_->file_system_context())) {
933 AbortRequestBeforeItStarts(filter_, sync_result, request_id);
934 return;
935 }
936
937 const Referrer referrer(request_data.referrer, request_data.referrer_policy);
938
939 // Allow the observer to block/handle the request.
940 if (delegate_ && !delegate_->ShouldBeginRequest(child_id,
941 route_id,
942 request_data.method,
943 request_data.url,
944 request_data.resource_type,
945 resource_context)) {
946 AbortRequestBeforeItStarts(filter_, sync_result, request_id);
947 return;
948 }
949
950 bool is_sync_load = sync_result != NULL;
951 int load_flags =
952 BuildLoadFlagsForRequest(request_data, child_id, is_sync_load);
953
954 GlobalRoutingID id(child_id, route_id);
955 if (!offline_policy_map_[id])
956 offline_policy_map_[id] = new OfflinePolicy();
957 load_flags |= offline_policy_map_[id]->GetAdditionalLoadFlags(
958 load_flags, request_data.resource_type == ResourceType::MAIN_FRAME);
959
960 // Construct the request.
961 scoped_ptr<net::URLRequest> new_request;
962 net::URLRequest* request;
963 if (deferred_loader.get()) {
964 request = deferred_loader->request();
965
966 // Give the ResourceLoader (or any of the ResourceHandlers held by it) a
967 // chance to reset some state before we complete the transfer.
968 deferred_loader->WillCompleteTransfer();
969 } else {
970 new_request.reset(request_context->CreateRequest(request_data.url, NULL));
971 request = new_request.get();
972
973 request->set_method(request_data.method);
974 request->set_first_party_for_cookies(request_data.first_party_for_cookies);
975 SetReferrerForRequest(request, referrer);
976
977 net::HttpRequestHeaders headers;
978 headers.AddHeadersFromString(request_data.headers);
979 request->SetExtraRequestHeaders(headers);
980 }
981
982 // TODO(darin): Do we really need all of these URLRequest setters in the
983 // transferred navigation case?
984
985 request->set_load_flags(load_flags);
986 request->SetPriority(request_data.priority);
987
988 // Resolve elements from request_body and prepare upload data.
989 if (request_data.request_body.get()) {
990 webkit_blob::BlobStorageContext* blob_context = NULL;
991 if (filter_->blob_storage_context())
992 blob_context = filter_->blob_storage_context()->context();
993 request->set_upload(UploadDataStreamBuilder::Build(
994 request_data.request_body.get(),
995 blob_context,
996 filter_->file_system_context(),
997 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE)
998 .get()));
999 }
1000
1001 bool allow_download = request_data.allow_download &&
1002 ResourceType::IsFrame(request_data.resource_type);
1003
1004 // Make extra info and read footer (contains request ID).
1005 ResourceRequestInfoImpl* extra_info =
1006 new ResourceRequestInfoImpl(
1007 process_type,
1008 child_id,
1009 route_id,
1010 request_data.origin_pid,
1011 request_id,
1012 request_data.is_main_frame,
1013 request_data.frame_id,
1014 request_data.parent_is_main_frame,
1015 request_data.parent_frame_id,
1016 request_data.resource_type,
1017 request_data.transition_type,
1018 false, // is download
1019 false, // is stream
1020 allow_download,
1021 request_data.has_user_gesture,
1022 request_data.referrer_policy,
1023 resource_context,
1024 !is_sync_load);
1025 extra_info->AssociateWithRequest(request); // Request takes ownership.
1026
1027 if (request->url().SchemeIs(chrome::kBlobScheme)) {
1028 // Hang on to a reference to ensure the blob is not released prior
1029 // to the job being started.
1030 webkit_blob::BlobProtocolHandler::SetRequestedBlobDataHandle(
1031 request,
1032 filter_->blob_storage_context()->context()->
1033 GetBlobDataFromPublicURL(request->url()));
1034 }
1035
1036 // Have the appcache associate its extra info with the request.
1037 appcache::AppCacheInterceptor::SetExtraRequestInfo(
1038 request, filter_->appcache_service(), child_id,
1039 request_data.appcache_host_id, request_data.resource_type);
1040
1041 // Construct the IPC resource handler.
1042 scoped_ptr<ResourceHandler> handler;
1043 if (sync_result) {
1044 handler.reset(new SyncResourceHandler(
1045 filter_, resource_context, request, sync_result, this));
1046 } else {
1047 handler.reset(new AsyncResourceHandler(
1048 filter_, resource_context, request, this));
1049 }
1050
1051 // The RedirectToFileResourceHandler depends on being next in the chain.
1052 if (request_data.download_to_file) {
1053 handler.reset(
1054 new RedirectToFileResourceHandler(handler.Pass(), child_id, this));
1055 }
1056
1057 // Install a CrossSiteResourceHandler if this request is coming from a
1058 // RenderViewHost with a pending cross-site request. We only check this for
1059 // MAIN_FRAME requests. Unblock requests only come from a blocked page, do
1060 // not count as cross-site, otherwise it gets blocked indefinitely.
1061 if (request_data.resource_type == ResourceType::MAIN_FRAME &&
1062 process_type == PROCESS_TYPE_RENDERER &&
1063 CrossSiteRequestManager::GetInstance()->
1064 HasPendingCrossSiteRequest(child_id, route_id)) {
1065 // Wrap the event handler to be sure the current page's onunload handler
1066 // has a chance to run before we render the new page.
1067 handler.reset(new CrossSiteResourceHandler(handler.Pass(), child_id,
1068 route_id, request));
1069 }
1070
1071 // Insert a buffered event handler before the actual one.
1072 handler.reset(
1073 new BufferedResourceHandler(handler.Pass(), this, request));
1074
1075 ScopedVector<ResourceThrottle> throttles;
1076 if (delegate_) {
1077 bool is_continuation_of_transferred_request =
1078 (deferred_loader.get() != NULL);
1079
1080 delegate_->RequestBeginning(request,
1081 resource_context,
1082 filter_->appcache_service(),
1083 request_data.resource_type,
1084 child_id,
1085 route_id,
1086 is_continuation_of_transferred_request,
1087 &throttles);
1088 }
1089
1090 if (request->has_upload()) {
1091 // Block power save while uploading data.
1092 throttles.push_back(new PowerSaveBlockResourceThrottle());
1093 }
1094
1095 if (request_data.resource_type == ResourceType::MAIN_FRAME) {
1096 throttles.insert(
1097 throttles.begin(),
1098 new TransferNavigationResourceThrottle(request));
1099 }
1100
1101 throttles.push_back(
1102 scheduler_->ScheduleRequest(child_id, route_id, request).release());
1103
1104 handler.reset(
1105 new ThrottlingResourceHandler(handler.Pass(), child_id, request_id,
1106 throttles.Pass()));
1107
1108 if (deferred_loader.get()) {
1109 pending_loaders_[extra_info->GetGlobalRequestID()] = deferred_loader;
1110 IncrementOutstandingRequestsMemory(1, *extra_info);
1111 deferred_loader->CompleteTransfer(handler.Pass());
1112 } else {
1113 BeginRequestInternal(new_request.Pass(), handler.Pass());
1114 }
1115 }
1116
1117 void ResourceDispatcherHostImpl::OnReleaseDownloadedFile(int request_id) {
1118 UnregisterDownloadedTempFile(filter_->child_id(), request_id);
1119 }
1120
1121 void ResourceDispatcherHostImpl::OnDataDownloadedACK(int request_id) {
1122 // TODO(michaeln): maybe throttle DataDownloaded messages
1123 }
1124
1125 void ResourceDispatcherHostImpl::RegisterDownloadedTempFile(
1126 int child_id, int request_id, ShareableFileReference* reference) {
1127 registered_temp_files_[child_id][request_id] = reference;
1128 ChildProcessSecurityPolicyImpl::GetInstance()->GrantReadFile(
1129 child_id, reference->path());
1130
1131 // When the temp file is deleted, revoke permissions that the renderer has
1132 // to that file. This covers an edge case where the file is deleted and then
1133 // the same name is re-used for some other purpose, we don't want the old
1134 // renderer to still have access to it.
1135 //
1136 // We do this when the file is deleted because the renderer can take a blob
1137 // reference to the temp file that outlives the url loaded that it was
1138 // loaded with to keep the file (and permissions) alive.
1139 reference->AddFinalReleaseCallback(
1140 base::Bind(&RemoveDownloadFileFromChildSecurityPolicy,
1141 child_id));
1142 }
1143
1144 void ResourceDispatcherHostImpl::UnregisterDownloadedTempFile(
1145 int child_id, int request_id) {
1146 DeletableFilesMap& map = registered_temp_files_[child_id];
1147 DeletableFilesMap::iterator found = map.find(request_id);
1148 if (found == map.end())
1149 return;
1150
1151 map.erase(found);
1152
1153 // Note that we don't remove the security bits here. This will be done
1154 // when all file refs are deleted (see RegisterDownloadedTempFile).
1155 }
1156
1157 bool ResourceDispatcherHostImpl::Send(IPC::Message* message) {
1158 delete message;
1159 return false;
1160 }
1161
1162 void ResourceDispatcherHostImpl::OnUploadProgressACK(int request_id) {
1163 ResourceLoader* loader = GetLoader(filter_->child_id(), request_id);
1164 if (loader)
1165 loader->OnUploadProgressACK();
1166 }
1167
1168 void ResourceDispatcherHostImpl::OnCancelRequest(int request_id) {
1169 CancelRequest(filter_->child_id(), request_id, true);
1170 }
1171
1172 ResourceRequestInfoImpl* ResourceDispatcherHostImpl::CreateRequestInfo(
1173 int child_id,
1174 int route_id,
1175 bool download,
1176 ResourceContext* context) {
1177 return new ResourceRequestInfoImpl(
1178 PROCESS_TYPE_RENDERER,
1179 child_id,
1180 route_id,
1181 0,
1182 request_id_,
1183 false, // is_main_frame
1184 -1, // frame_id
1185 false, // parent_is_main_frame
1186 -1, // parent_frame_id
1187 ResourceType::SUB_RESOURCE,
1188 PAGE_TRANSITION_LINK,
1189 download, // is_download
1190 false, // is_stream
1191 download, // allow_download
1192 false, // has_user_gesture
1193 WebKit::WebReferrerPolicyDefault,
1194 context,
1195 true); // is_async
1196 }
1197
1198 void ResourceDispatcherHostImpl::OnRenderViewHostCreated(
1199 int child_id,
1200 int route_id) {
1201 scheduler_->OnClientCreated(child_id, route_id);
1202 }
1203
1204 void ResourceDispatcherHostImpl::OnRenderViewHostDeleted(
1205 int child_id,
1206 int route_id) {
1207 scheduler_->OnClientDeleted(child_id, route_id);
1208 CancelRequestsForRoute(child_id, route_id);
1209 }
1210
1211 // This function is only used for saving feature.
1212 void ResourceDispatcherHostImpl::BeginSaveFile(
1213 const GURL& url,
1214 const Referrer& referrer,
1215 int child_id,
1216 int route_id,
1217 ResourceContext* context) {
1218 if (is_shutdown_)
1219 return;
1220
1221 // http://crbug.com/90971
1222 char url_buf[128];
1223 base::strlcpy(url_buf, url.spec().c_str(), arraysize(url_buf));
1224 base::debug::Alias(url_buf);
1225 CHECK(ContainsKey(active_resource_contexts_, context));
1226
1227 scoped_ptr<ResourceHandler> handler(
1228 new SaveFileResourceHandler(child_id,
1229 route_id,
1230 url,
1231 save_file_manager_.get()));
1232 request_id_--;
1233
1234 const net::URLRequestContext* request_context = context->GetRequestContext();
1235 bool known_proto =
1236 request_context->job_factory()->IsHandledURL(url);
1237 if (!known_proto) {
1238 // Since any URLs which have non-standard scheme have been filtered
1239 // by save manager(see GURL::SchemeIsStandard). This situation
1240 // should not happen.
1241 NOTREACHED();
1242 return;
1243 }
1244
1245 scoped_ptr<net::URLRequest> request(
1246 request_context->CreateRequest(url, NULL));
1247 request->set_method("GET");
1248 SetReferrerForRequest(request.get(), referrer);
1249
1250 // So far, for saving page, we need fetch content from cache, in the
1251 // future, maybe we can use a configuration to configure this behavior.
1252 request->set_load_flags(net::LOAD_PREFERRING_CACHE);
1253
1254 // No need to get offline load flags for save files, but make sure
1255 // we have an OfflinePolicy to receive request completions.
1256 GlobalRoutingID id(child_id, route_id);
1257 if (!offline_policy_map_[id])
1258 offline_policy_map_[id] = new OfflinePolicy();
1259
1260 // Since we're just saving some resources we need, disallow downloading.
1261 ResourceRequestInfoImpl* extra_info =
1262 CreateRequestInfo(child_id, route_id, false, context);
1263 extra_info->AssociateWithRequest(request.get()); // Request takes ownership.
1264
1265 BeginRequestInternal(request.Pass(), handler.Pass());
1266 }
1267
1268 void ResourceDispatcherHostImpl::MarkAsTransferredNavigation(
1269 const GlobalRequestID& id, const GURL& target_url) {
1270 GetLoader(id)->MarkAsTransferring(target_url);
1271 }
1272
1273 void ResourceDispatcherHostImpl::ResumeDeferredNavigation(
1274 const GlobalRequestID& id) {
1275 ResourceLoader* loader = GetLoader(id);
1276 if (loader) {
1277 // The response we were meant to resume could have already been canceled.
1278 ResourceRequestInfoImpl* info = loader->GetRequestInfo();
1279 if (info->cross_site_handler())
1280 info->cross_site_handler()->ResumeResponse();
1281 }
1282 }
1283
1284 // The object died, so cancel and detach all requests associated with it except
1285 // for downloads, which belong to the browser process even if initiated via a
1286 // renderer.
1287 void ResourceDispatcherHostImpl::CancelRequestsForProcess(int child_id) {
1288 CancelRequestsForRoute(child_id, -1 /* cancel all */);
1289 registered_temp_files_.erase(child_id);
1290 }
1291
1292 void ResourceDispatcherHostImpl::CancelRequestsForRoute(int child_id,
1293 int route_id) {
1294 // Since pending_requests_ is a map, we first build up a list of all of the
1295 // matching requests to be cancelled, and then we cancel them. Since there
1296 // may be more than one request to cancel, we cannot simply hold onto the map
1297 // iterators found in the first loop.
1298
1299 // Find the global ID of all matching elements.
1300 std::vector<GlobalRequestID> matching_requests;
1301 for (LoaderMap::const_iterator i = pending_loaders_.begin();
1302 i != pending_loaders_.end(); ++i) {
1303 if (i->first.child_id != child_id)
1304 continue;
1305
1306 ResourceRequestInfoImpl* info = i->second->GetRequestInfo();
1307
1308 GlobalRequestID id(child_id, i->first.request_id);
1309 DCHECK(id == i->first);
1310
1311 // Don't cancel navigations that are transferring to another process,
1312 // since they belong to another process now.
1313 if (!info->is_download() && !info->is_stream() &&
1314 !IsTransferredNavigation(id) &&
1315 (route_id == -1 || route_id == info->GetRouteID())) {
1316 matching_requests.push_back(id);
1317 }
1318 }
1319
1320 // Remove matches.
1321 for (size_t i = 0; i < matching_requests.size(); ++i) {
1322 LoaderMap::iterator iter = pending_loaders_.find(matching_requests[i]);
1323 // Although every matching request was in pending_requests_ when we built
1324 // matching_requests, it is normal for a matching request to be not found
1325 // in pending_requests_ after we have removed some matching requests from
1326 // pending_requests_. For example, deleting a net::URLRequest that has
1327 // exclusive (write) access to an HTTP cache entry may unblock another
1328 // net::URLRequest that needs exclusive access to the same cache entry, and
1329 // that net::URLRequest may complete and remove itself from
1330 // pending_requests_. So we need to check that iter is not equal to
1331 // pending_requests_.end().
1332 if (iter != pending_loaders_.end())
1333 RemovePendingLoader(iter);
1334 }
1335
1336 // Now deal with blocked requests if any.
1337 if (route_id != -1) {
1338 if (blocked_loaders_map_.find(GlobalRoutingID(child_id, route_id)) !=
1339 blocked_loaders_map_.end()) {
1340 CancelBlockedRequestsForRoute(child_id, route_id);
1341 }
1342 } else {
1343 // We have to do all render views for the process |child_id|.
1344 // Note that we have to do this in 2 passes as we cannot call
1345 // CancelBlockedRequestsForRoute while iterating over
1346 // blocked_loaders_map_, as it modifies it.
1347 std::set<int> route_ids;
1348 for (BlockedLoadersMap::const_iterator iter = blocked_loaders_map_.begin();
1349 iter != blocked_loaders_map_.end(); ++iter) {
1350 if (iter->first.child_id == child_id)
1351 route_ids.insert(iter->first.route_id);
1352 }
1353 for (std::set<int>::const_iterator iter = route_ids.begin();
1354 iter != route_ids.end(); ++iter) {
1355 CancelBlockedRequestsForRoute(child_id, *iter);
1356 }
1357 }
1358
1359 // Cleanup the offline state for the route.
1360 if (-1 != route_id) {
1361 OfflineMap::iterator it = offline_policy_map_.find(
1362 GlobalRoutingID(child_id, route_id));
1363 if (offline_policy_map_.end() != it) {
1364 delete it->second;
1365 offline_policy_map_.erase(it);
1366 }
1367 } else {
1368 for (OfflineMap::iterator it = offline_policy_map_.begin();
1369 offline_policy_map_.end() != it;) {
1370 // Increment iterator so deletion doesn't invalidate it.
1371 OfflineMap::iterator current_it = it++;
1372
1373 if (child_id == current_it->first.child_id) {
1374 delete current_it->second;
1375 offline_policy_map_.erase(current_it);
1376 }
1377 }
1378 }
1379 }
1380
1381 // Cancels the request and removes it from the list.
1382 void ResourceDispatcherHostImpl::RemovePendingRequest(int child_id,
1383 int request_id) {
1384 LoaderMap::iterator i = pending_loaders_.find(
1385 GlobalRequestID(child_id, request_id));
1386 if (i == pending_loaders_.end()) {
1387 NOTREACHED() << "Trying to remove a request that's not here";
1388 return;
1389 }
1390 RemovePendingLoader(i);
1391 }
1392
1393 void ResourceDispatcherHostImpl::RemovePendingLoader(
1394 const LoaderMap::iterator& iter) {
1395 ResourceRequestInfoImpl* info = iter->second->GetRequestInfo();
1396
1397 // Remove the memory credit that we added when pushing the request onto
1398 // the pending list.
1399 IncrementOutstandingRequestsMemory(-1, *info);
1400
1401 pending_loaders_.erase(iter);
1402
1403 // If we have no more pending requests, then stop the load state monitor
1404 if (pending_loaders_.empty() && update_load_states_timer_)
1405 update_load_states_timer_->Stop();
1406 }
1407
1408 void ResourceDispatcherHostImpl::CancelRequest(int child_id,
1409 int request_id,
1410 bool from_renderer) {
1411 if (from_renderer) {
1412 // When the old renderer dies, it sends a message to us to cancel its
1413 // requests.
1414 if (IsTransferredNavigation(GlobalRequestID(child_id, request_id)))
1415 return;
1416 }
1417
1418 ResourceLoader* loader = GetLoader(child_id, request_id);
1419 if (!loader) {
1420 // We probably want to remove this warning eventually, but I wanted to be
1421 // able to notice when this happens during initial development since it
1422 // should be rare and may indicate a bug.
1423 DVLOG(1) << "Canceling a request that wasn't found";
1424 return;
1425 }
1426
1427 loader->CancelRequest(from_renderer);
1428 }
1429
1430 ResourceDispatcherHostImpl::OustandingRequestsStats
1431 ResourceDispatcherHostImpl::GetOutstandingRequestsStats(
1432 const ResourceRequestInfoImpl& info) {
1433 OutstandingRequestsStatsMap::iterator entry =
1434 outstanding_requests_stats_map_.find(info.GetChildID());
1435 OustandingRequestsStats stats = { 0, 0 };
1436 if (entry != outstanding_requests_stats_map_.end())
1437 stats = entry->second;
1438 return stats;
1439 }
1440
1441 void ResourceDispatcherHostImpl::UpdateOutstandingRequestsStats(
1442 const ResourceRequestInfoImpl& info,
1443 const OustandingRequestsStats& stats) {
1444 if (stats.memory_cost == 0 && stats.num_requests == 0)
1445 outstanding_requests_stats_map_.erase(info.GetChildID());
1446 else
1447 outstanding_requests_stats_map_[info.GetChildID()] = stats;
1448 }
1449
1450 ResourceDispatcherHostImpl::OustandingRequestsStats
1451 ResourceDispatcherHostImpl::IncrementOutstandingRequestsMemory(
1452 int count,
1453 const ResourceRequestInfoImpl& info) {
1454 DCHECK_EQ(1, abs(count));
1455
1456 // Retrieve the previous value (defaulting to 0 if not found).
1457 OustandingRequestsStats stats = GetOutstandingRequestsStats(info);
1458
1459 // Insert/update the total; delete entries when their count reaches 0.
1460 stats.memory_cost += count * info.memory_cost();
1461 DCHECK_GE(stats.memory_cost, 0);
1462 UpdateOutstandingRequestsStats(info, stats);
1463
1464 return stats;
1465 }
1466
1467 ResourceDispatcherHostImpl::OustandingRequestsStats
1468 ResourceDispatcherHostImpl::IncrementOutstandingRequestsCount(
1469 int count,
1470 const ResourceRequestInfoImpl& info) {
1471 DCHECK_EQ(1, abs(count));
1472 num_in_flight_requests_ += count;
1473
1474 OustandingRequestsStats stats = GetOutstandingRequestsStats(info);
1475 stats.num_requests += count;
1476 DCHECK_GE(stats.num_requests, 0);
1477 UpdateOutstandingRequestsStats(info, stats);
1478
1479 return stats;
1480 }
1481
1482 bool ResourceDispatcherHostImpl::HasSufficientResourcesForRequest(
1483 const net::URLRequest* request_) {
1484 const ResourceRequestInfoImpl* info =
1485 ResourceRequestInfoImpl::ForRequest(request_);
1486 OustandingRequestsStats stats = IncrementOutstandingRequestsCount(1, *info);
1487
1488 if (stats.num_requests > max_num_in_flight_requests_per_process_)
1489 return false;
1490 if (num_in_flight_requests_ > max_num_in_flight_requests_)
1491 return false;
1492
1493 return true;
1494 }
1495
1496 void ResourceDispatcherHostImpl::FinishedWithResourcesForRequest(
1497 const net::URLRequest* request_) {
1498 const ResourceRequestInfoImpl* info =
1499 ResourceRequestInfoImpl::ForRequest(request_);
1500 IncrementOutstandingRequestsCount(-1, *info);
1501 }
1502
1503 // static
1504 int ResourceDispatcherHostImpl::CalculateApproximateMemoryCost(
1505 net::URLRequest* request) {
1506 // The following fields should be a minor size contribution (experimentally
1507 // on the order of 100). However since they are variable length, it could
1508 // in theory be a sizeable contribution.
1509 int strings_cost = request->extra_request_headers().ToString().size() +
1510 request->original_url().spec().size() +
1511 request->referrer().size() +
1512 request->method().size();
1513
1514 // Note that this expression will typically be dominated by:
1515 // |kAvgBytesPerOutstandingRequest|.
1516 return kAvgBytesPerOutstandingRequest + strings_cost;
1517 }
1518
1519 void ResourceDispatcherHostImpl::BeginRequestInternal(
1520 scoped_ptr<net::URLRequest> request,
1521 scoped_ptr<ResourceHandler> handler) {
1522 DCHECK(!request->is_pending());
1523 ResourceRequestInfoImpl* info =
1524 ResourceRequestInfoImpl::ForRequest(request.get());
1525
1526 if ((TimeTicks::Now() - last_user_gesture_time_) <
1527 TimeDelta::FromMilliseconds(kUserGestureWindowMs)) {
1528 request->set_load_flags(
1529 request->load_flags() | net::LOAD_MAYBE_USER_GESTURE);
1530 }
1531
1532 // Add the memory estimate that starting this request will consume.
1533 info->set_memory_cost(CalculateApproximateMemoryCost(request.get()));
1534
1535 // If enqueing/starting this request will exceed our per-process memory
1536 // bound, abort it right away.
1537 OustandingRequestsStats stats = IncrementOutstandingRequestsMemory(1, *info);
1538 if (stats.memory_cost > max_outstanding_requests_cost_per_process_) {
1539 // We call "CancelWithError()" as a way of setting the net::URLRequest's
1540 // status -- it has no effect beyond this, since the request hasn't started.
1541 request->CancelWithError(net::ERR_INSUFFICIENT_RESOURCES);
1542
1543 if (!handler->OnResponseCompleted(info->GetRequestID(), request->status(),
1544 std::string())) {
1545 // TODO(darin): The handler is not ready for us to kill the request. Oops!
1546 NOTREACHED();
1547 }
1548
1549 IncrementOutstandingRequestsMemory(-1, *info);
1550
1551 // A ResourceHandler must not outlive its associated URLRequest.
1552 handler.reset();
1553 return;
1554 }
1555
1556 linked_ptr<ResourceLoader> loader(
1557 new ResourceLoader(request.Pass(), handler.Pass(), this));
1558
1559 GlobalRoutingID id(info->GetGlobalRoutingID());
1560 BlockedLoadersMap::const_iterator iter = blocked_loaders_map_.find(id);
1561 if (iter != blocked_loaders_map_.end()) {
1562 // The request should be blocked.
1563 iter->second->push_back(loader);
1564 return;
1565 }
1566
1567 StartLoading(info, loader);
1568 }
1569
1570 void ResourceDispatcherHostImpl::StartLoading(
1571 ResourceRequestInfoImpl* info,
1572 const linked_ptr<ResourceLoader>& loader) {
1573 pending_loaders_[info->GetGlobalRequestID()] = loader;
1574
1575 loader->StartRequest();
1576 }
1577
1578 void ResourceDispatcherHostImpl::OnUserGesture(WebContentsImpl* contents) {
1579 last_user_gesture_time_ = TimeTicks::Now();
1580 }
1581
1582 net::URLRequest* ResourceDispatcherHostImpl::GetURLRequest(
1583 const GlobalRequestID& id) {
1584 ResourceLoader* loader = GetLoader(id);
1585 if (!loader)
1586 return NULL;
1587
1588 return loader->request();
1589 }
1590
1591 namespace {
1592
1593 // This function attempts to return the "more interesting" load state of |a|
1594 // and |b|. We don't have temporal information about these load states
1595 // (meaning we don't know when we transitioned into these states), so we just
1596 // rank them according to how "interesting" the states are.
1597 //
1598 // We take advantage of the fact that the load states are an enumeration listed
1599 // in the order in which they occur during the lifetime of a request, so we can
1600 // regard states with larger numeric values as being further along toward
1601 // completion. We regard those states as more interesting to report since they
1602 // represent progress.
1603 //
1604 // For example, by this measure "tranferring data" is a more interesting state
1605 // than "resolving host" because when we are transferring data we are actually
1606 // doing something that corresponds to changes that the user might observe,
1607 // whereas waiting for a host name to resolve implies being stuck.
1608 //
1609 const net::LoadStateWithParam& MoreInterestingLoadState(
1610 const net::LoadStateWithParam& a, const net::LoadStateWithParam& b) {
1611 return (a.state < b.state) ? b : a;
1612 }
1613
1614 // Carries information about a load state change.
1615 struct LoadInfo {
1616 GURL url;
1617 net::LoadStateWithParam load_state;
1618 uint64 upload_position;
1619 uint64 upload_size;
1620 };
1621
1622 // Map from ProcessID+RouteID pair to LoadState
1623 typedef std::map<GlobalRoutingID, LoadInfo> LoadInfoMap;
1624
1625 // Used to marshal calls to LoadStateChanged from the IO to UI threads. We do
1626 // them all as a single callback to avoid spamming the UI thread.
1627 void LoadInfoUpdateCallback(const LoadInfoMap& info_map) {
1628 LoadInfoMap::const_iterator i;
1629 for (i = info_map.begin(); i != info_map.end(); ++i) {
1630 RenderViewHostImpl* view =
1631 RenderViewHostImpl::FromID(i->first.child_id, i->first.route_id);
1632 if (view) // The view could be gone at this point.
1633 view->LoadStateChanged(i->second.url, i->second.load_state,
1634 i->second.upload_position,
1635 i->second.upload_size);
1636 }
1637 }
1638
1639 } // namespace
1640
1641 void ResourceDispatcherHostImpl::UpdateLoadStates() {
1642 // Populate this map with load state changes, and then send them on to the UI
1643 // thread where they can be passed along to the respective RVHs.
1644 LoadInfoMap info_map;
1645
1646 LoaderMap::const_iterator i;
1647
1648 // Determine the largest upload size of all requests
1649 // in each View (good chance it's zero).
1650 std::map<GlobalRoutingID, uint64> largest_upload_size;
1651 for (i = pending_loaders_.begin(); i != pending_loaders_.end(); ++i) {
1652 net::URLRequest* request = i->second->request();
1653 ResourceRequestInfoImpl* info = i->second->GetRequestInfo();
1654 uint64 upload_size = request->GetUploadProgress().size();
1655 if (request->GetLoadState().state != net::LOAD_STATE_SENDING_REQUEST)
1656 upload_size = 0;
1657 GlobalRoutingID id(info->GetGlobalRoutingID());
1658 if (upload_size && largest_upload_size[id] < upload_size)
1659 largest_upload_size[id] = upload_size;
1660 }
1661
1662 for (i = pending_loaders_.begin(); i != pending_loaders_.end(); ++i) {
1663 net::URLRequest* request = i->second->request();
1664 ResourceRequestInfoImpl* info = i->second->GetRequestInfo();
1665 net::LoadStateWithParam load_state = request->GetLoadState();
1666 net::UploadProgress progress = request->GetUploadProgress();
1667
1668 // We also poll for upload progress on this timer and send upload
1669 // progress ipc messages to the plugin process.
1670 i->second->ReportUploadProgress();
1671
1672 GlobalRoutingID id(info->GetGlobalRoutingID());
1673
1674 // If a request is uploading data, ignore all other requests so that the
1675 // upload progress takes priority for being shown in the status bar.
1676 if (largest_upload_size.find(id) != largest_upload_size.end() &&
1677 progress.size() < largest_upload_size[id])
1678 continue;
1679
1680 net::LoadStateWithParam to_insert = load_state;
1681 LoadInfoMap::iterator existing = info_map.find(id);
1682 if (existing != info_map.end()) {
1683 to_insert =
1684 MoreInterestingLoadState(existing->second.load_state, load_state);
1685 if (to_insert.state == existing->second.load_state.state)
1686 continue;
1687 }
1688 LoadInfo& load_info = info_map[id];
1689 load_info.url = request->url();
1690 load_info.load_state = to_insert;
1691 load_info.upload_size = progress.size();
1692 load_info.upload_position = progress.position();
1693 }
1694
1695 if (info_map.empty())
1696 return;
1697
1698 BrowserThread::PostTask(
1699 BrowserThread::UI, FROM_HERE,
1700 base::Bind(&LoadInfoUpdateCallback, info_map));
1701 }
1702
1703 void ResourceDispatcherHostImpl::BlockRequestsForRoute(int child_id,
1704 int route_id) {
1705 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1706 GlobalRoutingID key(child_id, route_id);
1707 DCHECK(blocked_loaders_map_.find(key) == blocked_loaders_map_.end()) <<
1708 "BlockRequestsForRoute called multiple time for the same RVH";
1709 blocked_loaders_map_[key] = new BlockedLoadersList();
1710 }
1711
1712 void ResourceDispatcherHostImpl::ResumeBlockedRequestsForRoute(int child_id,
1713 int route_id) {
1714 ProcessBlockedRequestsForRoute(child_id, route_id, false);
1715 }
1716
1717 void ResourceDispatcherHostImpl::CancelBlockedRequestsForRoute(int child_id,
1718 int route_id) {
1719 ProcessBlockedRequestsForRoute(child_id, route_id, true);
1720 }
1721
1722 void ResourceDispatcherHostImpl::ProcessBlockedRequestsForRoute(
1723 int child_id,
1724 int route_id,
1725 bool cancel_requests) {
1726 BlockedLoadersMap::iterator iter = blocked_loaders_map_.find(
1727 GlobalRoutingID(child_id, route_id));
1728 if (iter == blocked_loaders_map_.end()) {
1729 // It's possible to reach here if the renderer crashed while an interstitial
1730 // page was showing.
1731 return;
1732 }
1733
1734 BlockedLoadersList* loaders = iter->second;
1735
1736 // Removing the vector from the map unblocks any subsequent requests.
1737 blocked_loaders_map_.erase(iter);
1738
1739 for (BlockedLoadersList::iterator loaders_iter = loaders->begin();
1740 loaders_iter != loaders->end(); ++loaders_iter) {
1741 linked_ptr<ResourceLoader> loader = *loaders_iter;
1742 ResourceRequestInfoImpl* info = loader->GetRequestInfo();
1743 if (cancel_requests) {
1744 IncrementOutstandingRequestsMemory(-1, *info);
1745 } else {
1746 StartLoading(info, loader);
1747 }
1748 }
1749
1750 delete loaders;
1751 }
1752
1753 ResourceDispatcherHostImpl::HttpAuthRelationType
1754 ResourceDispatcherHostImpl::HttpAuthRelationTypeOf(
1755 const GURL& request_url,
1756 const GURL& first_party) {
1757 if (!first_party.is_valid())
1758 return HTTP_AUTH_RELATION_TOP;
1759
1760 if (net::registry_controlled_domains::SameDomainOrHost(
1761 first_party, request_url,
1762 net::registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES))
1763 return HTTP_AUTH_RELATION_SAME_DOMAIN;
1764
1765 if (allow_cross_origin_auth_prompt())
1766 return HTTP_AUTH_RELATION_ALLOWED_CROSS;
1767
1768 return HTTP_AUTH_RELATION_BLOCKED_CROSS;
1769 }
1770
1771 bool ResourceDispatcherHostImpl::allow_cross_origin_auth_prompt() {
1772 return allow_cross_origin_auth_prompt_;
1773 }
1774
1775 bool ResourceDispatcherHostImpl::IsTransferredNavigation(
1776 const GlobalRequestID& id) const {
1777 ResourceLoader* loader = GetLoader(id);
1778 return loader ? loader->is_transferring() : false;
1779 }
1780
1781 ResourceLoader* ResourceDispatcherHostImpl::GetLoader(
1782 const GlobalRequestID& id) const {
1783 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
1784
1785 LoaderMap::const_iterator i = pending_loaders_.find(id);
1786 if (i == pending_loaders_.end())
1787 return NULL;
1788
1789 return i->second.get();
1790 }
1791
1792 ResourceLoader* ResourceDispatcherHostImpl::GetLoader(int child_id,
1793 int request_id) const {
1794 return GetLoader(GlobalRequestID(child_id, request_id));
1795 }
1796
1797 void ResourceDispatcherHostImpl::RegisterResourceMessageDelegate(
1798 const GlobalRequestID& id, ResourceMessageDelegate* delegate) {
1799 DelegateMap::iterator it = delegate_map_.find(id);
1800 if (it == delegate_map_.end()) {
1801 it = delegate_map_.insert(
1802 std::make_pair(id, new ObserverList<ResourceMessageDelegate>)).first;
1803 }
1804 it->second->AddObserver(delegate);
1805 }
1806
1807 void ResourceDispatcherHostImpl::UnregisterResourceMessageDelegate(
1808 const GlobalRequestID& id, ResourceMessageDelegate* delegate) {
1809 DCHECK(ContainsKey(delegate_map_, id));
1810 DelegateMap::iterator it = delegate_map_.find(id);
1811 DCHECK(it->second->HasObserver(delegate));
1812 it->second->RemoveObserver(delegate);
1813 if (!it->second->might_have_observers()) {
1814 delete it->second;
1815 delegate_map_.erase(it);
1816 }
1817 }
1818
1819 int ResourceDispatcherHostImpl::BuildLoadFlagsForRequest(
1820 const ResourceHostMsg_Request& request_data,
1821 int child_id,
1822 bool is_sync_load) {
1823 int load_flags = request_data.load_flags;
1824
1825 // Although EV status is irrelevant to sub-frames and sub-resources, we have
1826 // to perform EV certificate verification on all resources because an HTTP
1827 // keep-alive connection created to load a sub-frame or a sub-resource could
1828 // be reused to load a main frame.
1829 load_flags |= net::LOAD_VERIFY_EV_CERT;
1830 if (request_data.resource_type == ResourceType::MAIN_FRAME) {
1831 load_flags |= net::LOAD_MAIN_FRAME;
1832 } else if (request_data.resource_type == ResourceType::SUB_FRAME) {
1833 load_flags |= net::LOAD_SUB_FRAME;
1834 } else if (request_data.resource_type == ResourceType::PREFETCH) {
1835 load_flags |= (net::LOAD_PREFETCH | net::LOAD_DO_NOT_PROMPT_FOR_LOGIN);
1836 } else if (request_data.resource_type == ResourceType::FAVICON) {
1837 load_flags |= net::LOAD_DO_NOT_PROMPT_FOR_LOGIN;
1838 } else if (request_data.resource_type == ResourceType::IMAGE) {
1839 // Prevent third-party image content from prompting for login, as this
1840 // is often a scam to extract credentials for another domain from the user.
1841 // Only block image loads, as the attack applies largely to the "src"
1842 // property of the <img> tag. It is common for web properties to allow
1843 // untrusted values for <img src>; this is considered a fair thing for an
1844 // HTML sanitizer to do. Conversely, any HTML sanitizer that didn't
1845 // filter sources for <script>, <link>, <embed>, <object>, <iframe> tags
1846 // would be considered vulnerable in and of itself.
1847 HttpAuthRelationType relation_type = HttpAuthRelationTypeOf(
1848 request_data.url, request_data.first_party_for_cookies);
1849 if (relation_type == HTTP_AUTH_RELATION_BLOCKED_CROSS) {
1850 load_flags |= (net::LOAD_DO_NOT_SEND_AUTH_DATA |
1851 net::LOAD_DO_NOT_PROMPT_FOR_LOGIN);
1852 }
1853 }
1854
1855 if (is_sync_load)
1856 load_flags |= net::LOAD_IGNORE_LIMITS;
1857
1858 ChildProcessSecurityPolicyImpl* policy =
1859 ChildProcessSecurityPolicyImpl::GetInstance();
1860 if (!policy->CanSendCookiesForOrigin(child_id, request_data.url)) {
1861 load_flags |= (net::LOAD_DO_NOT_SEND_COOKIES |
1862 net::LOAD_DO_NOT_SEND_AUTH_DATA |
1863 net::LOAD_DO_NOT_SAVE_COOKIES);
1864 }
1865
1866 // Raw headers are sensitive, as they include Cookie/Set-Cookie, so only
1867 // allow requesting them if requester has ReadRawCookies permission.
1868 if ((load_flags & net::LOAD_REPORT_RAW_HEADERS)
1869 && !policy->CanReadRawCookies(child_id)) {
1870 VLOG(1) << "Denied unauthorized request for raw headers";
1871 load_flags &= ~net::LOAD_REPORT_RAW_HEADERS;
1872 }
1873
1874 return load_flags;
1875 }
1876
1877 } // namespace content