1 /* 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010 Apple Inc. All rights reserved. 3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) 4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.torchmobile.com/) 5 * Copyright (C) 2009 Adam Barth. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of 17 * its contributors may be used to endorse or promote products derived 18 * from this software without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY 21 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 22 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 23 * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY 24 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 25 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 26 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 27 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 29 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 #include "config.h" 33 #include "core/loader/NavigationScheduler.h" 34 35 #include "bindings/v8/ScriptController.h" 36 #include "core/events/Event.h" 37 #include "core/html/HTMLFormElement.h" 38 #include "core/inspector/InspectorInstrumentation.h" 39 #include "core/loader/DocumentLoader.h" 40 #include "core/loader/FormState.h" 41 #include "core/loader/FormSubmission.h" 42 #include "core/loader/FrameLoadRequest.h" 43 #include "core/loader/FrameLoader.h" 44 #include "core/loader/FrameLoaderClient.h" 45 #include "core/loader/FrameLoaderStateMachine.h" 46 #include "core/frame/Frame.h" 47 #include "core/page/BackForwardClient.h" 48 #include "core/page/Page.h" 49 #include "platform/UserGestureIndicator.h" 50 #include "wtf/CurrentTime.h" 51 52 namespace WebCore { 53 54 unsigned NavigationDisablerForBeforeUnload::s_navigationDisableCount = 0; 55 56 class ScheduledNavigation { 57 WTF_MAKE_NONCOPYABLE(ScheduledNavigation); WTF_MAKE_FAST_ALLOCATED; 58 public: 59 ScheduledNavigation(double delay, bool lockBackForwardList, bool isLocationChange) 60 : m_delay(delay) 61 , m_lockBackForwardList(lockBackForwardList) 62 , m_isLocationChange(isLocationChange) 63 , m_wasUserGesture(UserGestureIndicator::processingUserGesture()) 64 { 65 if (m_wasUserGesture) 66 m_userGestureToken = UserGestureIndicator::currentToken(); 67 } 68 virtual ~ScheduledNavigation() { } 69 70 virtual void fire(Frame*) = 0; 71 72 virtual bool shouldStartTimer(Frame*) { return true; } 73 74 double delay() const { return m_delay; } 75 bool lockBackForwardList() const { return m_lockBackForwardList; } 76 bool isLocationChange() const { return m_isLocationChange; } 77 PassOwnPtr<UserGestureIndicator> createUserGestureIndicator() 78 { 79 if (m_wasUserGesture && m_userGestureToken) 80 return adoptPtr(new UserGestureIndicator(m_userGestureToken)); 81 return adoptPtr(new UserGestureIndicator(DefinitelyNotProcessingUserGesture)); 82 } 83 84 virtual bool isForm() const { return false; } 85 86 protected: 87 void clearUserGesture() { m_wasUserGesture = false; } 88 89 private: 90 double m_delay; 91 bool m_lockBackForwardList; 92 bool m_isLocationChange; 93 bool m_wasUserGesture; 94 RefPtr<UserGestureToken> m_userGestureToken; 95 }; 96 97 class ScheduledURLNavigation : public ScheduledNavigation { 98 protected: 99 ScheduledURLNavigation(double delay, Document* originDocument, const String& url, const String& referrer, bool lockBackForwardList, bool isLocationChange) 100 : ScheduledNavigation(delay, lockBackForwardList, isLocationChange) 101 , m_originDocument(originDocument) 102 , m_url(url) 103 , m_referrer(referrer) 104 { 105 } 106 107 virtual void fire(Frame* frame) 108 { 109 OwnPtr<UserGestureIndicator> gestureIndicator = createUserGestureIndicator(); 110 FrameLoadRequest request(m_originDocument.get(), ResourceRequest(KURL(ParsedURLString, m_url), m_referrer), "_self"); 111 request.setLockBackForwardList(lockBackForwardList()); 112 request.setClientRedirect(ClientRedirect); 113 frame->loader().load(request); 114 } 115 116 Document* originDocument() const { return m_originDocument.get(); } 117 String url() const { return m_url; } 118 String referrer() const { return m_referrer; } 119 120 private: 121 RefPtr<Document> m_originDocument; 122 String m_url; 123 String m_referrer; 124 }; 125 126 class ScheduledRedirect : public ScheduledURLNavigation { 127 public: 128 ScheduledRedirect(double delay, Document* originDocument, const String& url, bool lockBackForwardList) 129 : ScheduledURLNavigation(delay, originDocument, url, String(), lockBackForwardList, false) 130 { 131 clearUserGesture(); 132 } 133 134 virtual bool shouldStartTimer(Frame* frame) { return frame->loader().allAncestorsAreComplete(); } 135 136 virtual void fire(Frame* frame) 137 { 138 OwnPtr<UserGestureIndicator> gestureIndicator = createUserGestureIndicator(); 139 FrameLoadRequest request(originDocument(), ResourceRequest(KURL(ParsedURLString, url()), referrer()), "_self"); 140 request.setLockBackForwardList(lockBackForwardList()); 141 if (equalIgnoringFragmentIdentifier(frame->document()->url(), request.resourceRequest().url())) 142 request.resourceRequest().setCachePolicy(ReloadIgnoringCacheData); 143 request.setClientRedirect(ClientRedirect); 144 frame->loader().load(request); 145 } 146 }; 147 148 class ScheduledLocationChange : public ScheduledURLNavigation { 149 public: 150 ScheduledLocationChange(Document* originDocument, const String& url, const String& referrer, bool lockBackForwardList) 151 : ScheduledURLNavigation(0.0, originDocument, url, referrer, lockBackForwardList, true) { } 152 }; 153 154 class ScheduledRefresh : public ScheduledURLNavigation { 155 public: 156 ScheduledRefresh(Document* originDocument, const String& url, const String& referrer) 157 : ScheduledURLNavigation(0.0, originDocument, url, referrer, true, true) 158 { 159 } 160 161 virtual void fire(Frame* frame) 162 { 163 OwnPtr<UserGestureIndicator> gestureIndicator = createUserGestureIndicator(); 164 FrameLoadRequest request(originDocument(), ResourceRequest(KURL(ParsedURLString, url()), referrer(), ReloadIgnoringCacheData), "_self"); 165 request.setLockBackForwardList(lockBackForwardList()); 166 request.setClientRedirect(ClientRedirect); 167 frame->loader().load(request); 168 } 169 }; 170 171 class ScheduledHistoryNavigation : public ScheduledNavigation { 172 public: 173 explicit ScheduledHistoryNavigation(int historySteps) 174 : ScheduledNavigation(0, false, true) 175 , m_historySteps(historySteps) 176 { 177 } 178 179 virtual void fire(Frame* frame) 180 { 181 OwnPtr<UserGestureIndicator> gestureIndicator = createUserGestureIndicator(); 182 183 if (!m_historySteps) { 184 FrameLoadRequest frameRequest(frame->document(), ResourceRequest(frame->document()->url())); 185 frameRequest.setLockBackForwardList(lockBackForwardList()); 186 // Special case for go(0) from a frame -> reload only the frame 187 // To follow Firefox and IE's behavior, history reload can only navigate the self frame. 188 frame->loader().load(frameRequest); 189 return; 190 } 191 // go(i!=0) from a frame navigates into the history of the frame only, 192 // in both IE and NS (but not in Mozilla). We can't easily do that. 193 frame->page()->mainFrame()->loader().client()->navigateBackForward(m_historySteps); 194 } 195 196 private: 197 int m_historySteps; 198 }; 199 200 class ScheduledFormSubmission : public ScheduledNavigation { 201 public: 202 ScheduledFormSubmission(PassRefPtr<FormSubmission> submission, bool lockBackForwardList) 203 : ScheduledNavigation(0, lockBackForwardList, true) 204 , m_submission(submission) 205 { 206 ASSERT(m_submission->state()); 207 } 208 209 virtual void fire(Frame* frame) 210 { 211 OwnPtr<UserGestureIndicator> gestureIndicator = createUserGestureIndicator(); 212 FrameLoadRequest frameRequest(m_submission->state()->sourceDocument()); 213 m_submission->populateFrameLoadRequest(frameRequest); 214 frameRequest.setLockBackForwardList(lockBackForwardList()); 215 frameRequest.setTriggeringEvent(m_submission->event()); 216 frameRequest.setFormState(m_submission->state()); 217 frame->loader().load(frameRequest); 218 } 219 220 virtual bool isForm() const { return true; } 221 FormSubmission* submission() const { return m_submission.get(); } 222 223 private: 224 RefPtr<FormSubmission> m_submission; 225 }; 226 227 NavigationScheduler::NavigationScheduler(Frame* frame) 228 : m_frame(frame) 229 , m_timer(this, &NavigationScheduler::timerFired) 230 { 231 } 232 233 NavigationScheduler::~NavigationScheduler() 234 { 235 } 236 237 bool NavigationScheduler::locationChangePending() 238 { 239 return m_redirect && m_redirect->isLocationChange(); 240 } 241 242 void NavigationScheduler::clear() 243 { 244 if (m_timer.isActive()) 245 InspectorInstrumentation::frameClearedScheduledNavigation(m_frame); 246 m_timer.stop(); 247 m_redirect.clear(); 248 } 249 250 inline bool NavigationScheduler::shouldScheduleNavigation() const 251 { 252 return m_frame->page(); 253 } 254 255 inline bool NavigationScheduler::shouldScheduleNavigation(const String& url) const 256 { 257 return shouldScheduleNavigation() && (protocolIsJavaScript(url) || NavigationDisablerForBeforeUnload::isNavigationAllowed()); 258 } 259 260 void NavigationScheduler::scheduleRedirect(double delay, const String& url) 261 { 262 if (!shouldScheduleNavigation(url)) 263 return; 264 if (delay < 0 || delay > INT_MAX / 1000) 265 return; 266 if (url.isEmpty()) 267 return; 268 269 // We want a new back/forward list item if the refresh timeout is > 1 second. 270 if (!m_redirect || delay <= m_redirect->delay()) 271 schedule(adoptPtr(new ScheduledRedirect(delay, m_frame->document(), url, delay <= 1))); 272 } 273 274 bool NavigationScheduler::mustLockBackForwardList(Frame* targetFrame) 275 { 276 // Non-user navigation before the page has finished firing onload should not create a new back/forward item. 277 // See https://webkit.org/b/42861 for the original motivation for this. 278 if (!UserGestureIndicator::processingUserGesture() && !targetFrame->document()->loadEventFinished()) 279 return true; 280 281 // From the HTML5 spec for location.assign(): 282 // "If the browsing context's session history contains only one Document, 283 // and that was the about:blank Document created when the browsing context 284 // was created, then the navigation must be done with replacement enabled." 285 if (!targetFrame->loader().stateMachine()->committedMultipleRealLoads() 286 && equalIgnoringCase(targetFrame->document()->url(), blankURL())) 287 return true; 288 289 // Navigation of a subframe during loading of an ancestor frame does not create a new back/forward item. 290 // The definition of "during load" is any time before all handlers for the load event have been run. 291 // See https://bugs.webkit.org/show_bug.cgi?id=14957 for the original motivation for this. 292 return targetFrame->tree().parent() && !targetFrame->tree().parent()->loader().allAncestorsAreComplete(); 293 } 294 295 void NavigationScheduler::scheduleLocationChange(Document* originDocument, const String& url, const String& referrer, bool lockBackForwardList) 296 { 297 if (!shouldScheduleNavigation(url)) 298 return; 299 if (url.isEmpty()) 300 return; 301 302 lockBackForwardList = lockBackForwardList || mustLockBackForwardList(m_frame); 303 304 // If the URL we're going to navigate to is the same as the current one, except for the 305 // fragment part, we don't need to schedule the location change. We'll skip this 306 // optimization for cross-origin navigations to minimize the navigator's ability to 307 // execute timing attacks. 308 if (originDocument->securityOrigin()->canAccess(m_frame->document()->securityOrigin())) { 309 KURL parsedURL(ParsedURLString, url); 310 if (parsedURL.hasFragmentIdentifier() && equalIgnoringFragmentIdentifier(m_frame->document()->url(), parsedURL)) { 311 FrameLoadRequest request(originDocument, ResourceRequest(m_frame->document()->completeURL(url), referrer), "_self"); 312 request.setLockBackForwardList(lockBackForwardList); 313 request.setClientRedirect(ClientRedirect); 314 m_frame->loader().load(request); 315 return; 316 } 317 } 318 319 schedule(adoptPtr(new ScheduledLocationChange(originDocument, url, referrer, lockBackForwardList))); 320 } 321 322 void NavigationScheduler::scheduleFormSubmission(PassRefPtr<FormSubmission> submission) 323 { 324 ASSERT(m_frame->page()); 325 schedule(adoptPtr(new ScheduledFormSubmission(submission, mustLockBackForwardList(m_frame)))); 326 } 327 328 void NavigationScheduler::scheduleRefresh() 329 { 330 if (!shouldScheduleNavigation()) 331 return; 332 const KURL& url = m_frame->document()->url(); 333 if (url.isEmpty()) 334 return; 335 336 schedule(adoptPtr(new ScheduledRefresh(m_frame->document(), url.string(), m_frame->document()->outgoingReferrer()))); 337 } 338 339 void NavigationScheduler::scheduleHistoryNavigation(int steps) 340 { 341 if (!shouldScheduleNavigation()) 342 return; 343 344 // Invalid history navigations (such as history.forward() during a new load) have the side effect of cancelling any scheduled 345 // redirects. We also avoid the possibility of cancelling the current load by avoiding the scheduled redirection altogether. 346 BackForwardClient& backForward = m_frame->page()->backForward(); 347 if (steps > backForward.forwardListCount() || -steps > backForward.backListCount()) { 348 cancel(); 349 return; 350 } 351 352 // In all other cases, schedule the history traversal to occur asynchronously. 353 schedule(adoptPtr(new ScheduledHistoryNavigation(steps))); 354 } 355 356 void NavigationScheduler::timerFired(Timer<NavigationScheduler>*) 357 { 358 if (!m_frame->page()) 359 return; 360 if (m_frame->page()->defersLoading()) { 361 InspectorInstrumentation::frameClearedScheduledNavigation(m_frame); 362 return; 363 } 364 365 RefPtr<Frame> protect(m_frame); 366 367 OwnPtr<ScheduledNavigation> redirect(m_redirect.release()); 368 redirect->fire(m_frame); 369 InspectorInstrumentation::frameClearedScheduledNavigation(m_frame); 370 } 371 372 void NavigationScheduler::schedule(PassOwnPtr<ScheduledNavigation> redirect) 373 { 374 ASSERT(m_frame->page()); 375 cancel(); 376 m_redirect = redirect; 377 startTimer(); 378 } 379 380 void NavigationScheduler::startTimer() 381 { 382 if (!m_redirect) 383 return; 384 385 ASSERT(m_frame->page()); 386 if (m_timer.isActive()) 387 return; 388 if (!m_redirect->shouldStartTimer(m_frame)) 389 return; 390 391 m_timer.startOneShot(m_redirect->delay()); 392 InspectorInstrumentation::frameScheduledNavigation(m_frame, m_redirect->delay()); 393 } 394 395 void NavigationScheduler::cancel() 396 { 397 if (m_timer.isActive()) 398 InspectorInstrumentation::frameClearedScheduledNavigation(m_frame); 399 m_timer.stop(); 400 m_redirect.clear(); 401 } 402 403 } // namespace WebCore 404
