1 /* 2 * Copyright (C) 2010 Google Inc. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are 6 * met: 7 * 8 * * Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * * Redistributions in binary form must reproduce the above 11 * copyright notice, this list of conditions and the following disclaimer 12 * in the documentation and/or other materials provided with the 13 * distribution. 14 * * Neither the name of Google Inc. nor the names of its 15 * contributors may be used to endorse or promote products derived from 16 * this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 * 30 */ 31 32 #include "config.h" 33 #include "core/loader/PingLoader.h" 34 35 #include "core/dom/Document.h" 36 #include "core/inspector/InspectorInstrumentation.h" 37 #include "core/loader/FrameLoader.h" 38 #include "core/loader/FrameLoaderClient.h" 39 #include "core/loader/UniqueIdentifier.h" 40 #include "core/page/Frame.h" 41 #include "core/platform/chromium/support/WrappedResourceRequest.h" 42 #include "core/platform/network/FormData.h" 43 #include "core/platform/network/ResourceRequest.h" 44 #include "core/platform/network/ResourceResponse.h" 45 #include "public/platform/Platform.h" 46 #include "public/platform/WebURLLoader.h" 47 #include "weborigin/SecurityOrigin.h" 48 #include "weborigin/SecurityPolicy.h" 49 #include "wtf/OwnPtr.h" 50 #include "wtf/UnusedParam.h" 51 52 namespace WebCore { 53 54 void PingLoader::loadImage(Frame* frame, const KURL& url) 55 { 56 if (!frame->document()->securityOrigin()->canDisplay(url)) { 57 FrameLoader::reportLocalLoadFailed(frame, url.string()); 58 return; 59 } 60 61 ResourceRequest request(url); 62 request.setTargetType(ResourceRequest::TargetIsImage); 63 request.setHTTPHeaderField("Cache-Control", "max-age=0"); 64 String referrer = SecurityPolicy::generateReferrerHeader(frame->document()->referrerPolicy(), request.url(), frame->loader()->outgoingReferrer()); 65 if (!referrer.isEmpty()) 66 request.setHTTPReferrer(referrer); 67 frame->loader()->addExtraFieldsToRequest(request); 68 OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request)); 69 70 // Leak the ping loader, since it will kill itself as soon as it receives a response. 71 PingLoader* leakedPingLoader = pingLoader.leakPtr(); 72 UNUSED_PARAM(leakedPingLoader); 73 } 74 75 // http://www.whatwg.org/specs/web-apps/current-work/multipage/links.html#hyperlink-auditing 76 void PingLoader::sendPing(Frame* frame, const KURL& pingURL, const KURL& destinationURL) 77 { 78 ResourceRequest request(pingURL); 79 request.setTargetType(ResourceRequest::TargetIsSubresource); 80 request.setHTTPMethod("POST"); 81 request.setHTTPContentType("text/ping"); 82 request.setHTTPBody(FormData::create("PING")); 83 request.setHTTPHeaderField("Cache-Control", "max-age=0"); 84 frame->loader()->addExtraFieldsToRequest(request); 85 86 SecurityOrigin* sourceOrigin = frame->document()->securityOrigin(); 87 RefPtr<SecurityOrigin> pingOrigin = SecurityOrigin::create(pingURL); 88 FrameLoader::addHTTPOriginIfNeeded(request, sourceOrigin->toString()); 89 request.setHTTPHeaderField("Ping-To", destinationURL.string()); 90 if (!SecurityPolicy::shouldHideReferrer(pingURL, frame->loader()->outgoingReferrer())) { 91 request.setHTTPHeaderField("Ping-From", frame->document()->url().string()); 92 if (!sourceOrigin->isSameSchemeHostPort(pingOrigin.get())) { 93 String referrer = SecurityPolicy::generateReferrerHeader(frame->document()->referrerPolicy(), pingURL, frame->loader()->outgoingReferrer()); 94 if (!referrer.isEmpty()) 95 request.setHTTPReferrer(referrer); 96 } 97 } 98 OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request)); 99 100 // Leak the ping loader, since it will kill itself as soon as it receives a response. 101 PingLoader* leakedPingLoader = pingLoader.leakPtr(); 102 UNUSED_PARAM(leakedPingLoader); 103 } 104 105 void PingLoader::sendViolationReport(Frame* frame, const KURL& reportURL, PassRefPtr<FormData> report, ViolationReportType type) 106 { 107 ResourceRequest request(reportURL); 108 request.setTargetType(ResourceRequest::TargetIsSubresource); 109 request.setHTTPMethod("POST"); 110 request.setHTTPContentType(type == ContentSecurityPolicyViolationReport ? "application/csp-report" : "application/json"); 111 request.setHTTPBody(report); 112 frame->loader()->addExtraFieldsToRequest(request); 113 114 String referrer = SecurityPolicy::generateReferrerHeader(frame->document()->referrerPolicy(), reportURL, frame->loader()->outgoingReferrer()); 115 if (!referrer.isEmpty()) 116 request.setHTTPReferrer(referrer); 117 OwnPtr<PingLoader> pingLoader = adoptPtr(new PingLoader(frame, request, SecurityOrigin::create(reportURL)->isSameSchemeHostPort(frame->document()->securityOrigin()) ? AllowStoredCredentials : DoNotAllowStoredCredentials)); 118 119 // Leak the ping loader, since it will kill itself as soon as it receives a response. 120 PingLoader* leakedPingLoader = pingLoader.leakPtr(); 121 UNUSED_PARAM(leakedPingLoader); 122 } 123 124 PingLoader::PingLoader(Frame* frame, ResourceRequest& request, StoredCredentials credentialsAllowed) 125 : m_timeout(this, &PingLoader::timeout) 126 { 127 frame->loader()->client()->didDispatchPingLoader(request.url()); 128 129 unsigned long identifier = createUniqueIdentifier(); 130 m_loader = adoptPtr(WebKit::Platform::current()->createURLLoader()); 131 ASSERT(m_loader); 132 WebKit::WrappedResourceRequest wrappedRequest(request); 133 wrappedRequest.setAllowStoredCredentials(credentialsAllowed == AllowStoredCredentials); 134 m_loader->loadAsynchronously(wrappedRequest, this); 135 136 InspectorInstrumentation::continueAfterPingLoader(frame, identifier, frame->loader()->activeDocumentLoader(), request, ResourceResponse()); 137 138 // If the server never responds, FrameLoader won't be able to cancel this load and 139 // we'll sit here waiting forever. Set a very generous timeout, just in case. 140 m_timeout.startOneShot(60000); 141 } 142 143 PingLoader::~PingLoader() 144 { 145 if (m_loader) 146 m_loader->cancel(); 147 } 148 149 } 150