Remove FetchRequestData::Tainting

We had to calculate https://fetch.spec.whatwg.org/#concept-request-response-tainting in core/fetch because the CORS logic implemented in ThreadableLoader didin't support the concept. Now the CORS logic in /services/network calculates reponse's type, so we can use the value. Bug: None Change-Id: I98b56e1d79a73e364a7bec709e8cc4437131b261 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2537522 Commit-Queue: Hiroki Nakagawa <nhiroki@chromium.org> Auto-Submit: Yutaka Hirano <yhirano@chromium.org> Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org> Reviewed-by: Hiroshige Hayashizaki <hiroshige@chromium.org> Reviewed-by: Dominic Farolino <dom@chromium.org> Cr-Commit-Position: refs/heads/master@{#828064}

Remove FetchRequestData::Tainting
We had to calculate https://fetch.spec.whatwg.org/#concept-request-response-tainting in core/fetch because the CORS logic implemented in ThreadableLoader didin't support the concept. Now the CORS logic in /services/network calculates reponse's type, so we can use the value. Bug: None Change-Id: I98b56e1d79a73e364a7bec709e8cc4437131b261 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2537522 Commit-Queue: Hiroki Nakagawa <nhiroki@chromium.org> Auto-Submit: Yutaka Hirano <yhirano@chromium.org> Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org> Reviewed-by: Hiroshige Hayashizaki <hiroshige@chromium.org> Reviewed-by: Dominic Farolino <dom@chromium.org> Cr-Commit-Position: refs/heads/master@{#828064}
1044f0c9 · Yutaka Hirano · Commit Bot · 6a00a7e3 · 1044f0c9 · 1044f0c9
Commit 1044f0c9 authored Nov 17, 2020 by Yutaka Hirano Committed by Commit Bot Nov 17, 2020
6 changed files
--- a/third_party/blink/renderer/core/fetch/fetch_manager.cc
+++ b/third_party/blink/renderer/core/fetch/fetch_manager.cc
@@ -466,78 +466,6 @@ void FetchManager::Loader::DidReceiveResponse(
  ScriptState::Scope scope(script_state);
  response_http_status_code_ = response.HttpStatusCode();
-  FetchRequestData::Tainting tainting = fetch_request_data_->ResponseTainting();
-  if (response.CurrentRequestUrl().ProtocolIsData()) {
-    if (fetch_request_data_->Url() == response.CurrentRequestUrl()) {
-      // A direct request to data.
-      tainting = FetchRequestData::kBasicTainting;
-    } else {
-      // A redirect to data: scheme occured.
-      // Redirects to data URLs are rejected by the spec because
-      // same-origin data-URL flag is unset, except for no-cors mode.
-      // TODO(hiroshige): currently redirects to data URLs in no-cors
-      // mode is also rejected by Chromium side.
-      switch (fetch_request_data_->Mode()) {
-        case RequestMode::kNoCors:
-          tainting = FetchRequestData::kOpaqueTainting;
-          break;
-        case RequestMode::kSameOrigin:
-        case RequestMode::kCors:
-        case RequestMode::kCorsWithForcedPreflight:
-        case RequestMode::kNavigate:
-          PerformNetworkError(
-              "Fetch API cannot load " +
-                  fetch_request_data_->Url().GetString() +
-                  ". Redirects to data: URL are allowed only when "
-                  "mode is \"no-cors\".",
-              FailedReason::kRedirectToDataUrlWithImpermissibleFetchMode);
-          return;
-      }
-    }
-  } else if (!fetch_request_data_->Origin()->CanReadContent(
-                 response.CurrentRequestUrl())) {
-    // Recompute the tainting if the request was redirected to a different
-    // origin.
-    switch (fetch_request_data_->Mode()) {
-      case RequestMode::kSameOrigin:
-        NOTREACHED();
-        break;
-      case RequestMode::kNoCors:
-        tainting = FetchRequestData::kOpaqueTainting;
-        break;
-      case RequestMode::kCors:
-      case RequestMode::kCorsWithForcedPreflight:
-        tainting = FetchRequestData::kCorsTainting;
-        break;
-      case RequestMode::kNavigate:
-        LOG(FATAL);
-        break;
-    }
-  }
-  if (response.WasFetchedViaServiceWorker()) {
-    switch (response.GetType()) {
-      case FetchResponseType::kBasic:
-      case FetchResponseType::kDefault:
-        tainting = FetchRequestData::kBasicTainting;
-        break;
-      case FetchResponseType::kCors:
-        tainting = FetchRequestData::kCorsTainting;
-        break;
-      case FetchResponseType::kOpaque:
-        tainting = FetchRequestData::kOpaqueTainting;
-        break;
-      case FetchResponseType::kOpaqueRedirect:
-        DCHECK(
-            network_utils::IsRedirectResponseCode(response_http_status_code_));
-        break;  // The code below creates an opaque-redirect filtered response.
-      case FetchResponseType::kError:
-        LOG(FATAL) << "When ServiceWorker respond to the request from fetch() "
-                      "with an error response, FetchManager::Loader::didFail() "
-                      "must be called instead.";
-        break;
-    }
-  }
  if (response.MimeType() == "application/wasm" &&
      response.CurrentRequestUrl().ProtocolIsInHTTPFamily()) {
@@ -557,7 +485,7 @@ void FetchManager::Loader::DidReceiveResponse(
  response_data->InitFromResourceResponse(
      url_list_, fetch_request_data_->Method(),
-      fetch_request_data_->Credentials(), tainting, response);
+      fetch_request_data_->Credentials(), response);
  FetchResponseData* tainted_response = nullptr;
@@ -569,20 +497,25 @@ void FetchManager::Loader::DidReceiveResponse(
      fetch_request_data_->Redirect() == RedirectMode::kManual) {
    tainted_response = response_data->CreateOpaqueRedirectFilteredResponse();
  } else {
-    switch (tainting) {
+    switch (response.GetType()) {
-      case FetchRequestData::kBasicTainting:
+      case FetchResponseType::kBasic:
+      case FetchResponseType::kDefault:
        tainted_response = response_data->CreateBasicFilteredResponse();
        break;
-      case FetchRequestData::kCorsTainting: {
+      case FetchResponseType::kCors: {
        HTTPHeaderSet header_names = cors::ExtractCorsExposedHeaderNamesList(
            fetch_request_data_->Credentials(), response);
        tainted_response =
            response_data->CreateCorsFilteredResponse(header_names);
        break;
      }
-      case FetchRequestData::kOpaqueTainting:
+      case FetchResponseType::kOpaque:
        tainted_response = response_data->CreateOpaqueFilteredResponse();
        break;
+      case FetchResponseType::kOpaqueRedirect:
+      case FetchResponseType::kError:
+        NOTREACHED();
+        break;
    }
  }
@@ -752,7 +685,9 @@ void FetchManager::Loader::Start() {
    }
    // "Set |request|'s response tainting to |opaque|."
-    fetch_request_data_->SetResponseTainting(FetchRequestData::kOpaqueTainting);
+    // Response tainting is calculated in the CORS module in the network
+    // service.
+    //
    // "The result of performing a scheme fetch using |request|."
    PerformSchemeFetch();
    return;
@@ -772,7 +707,8 @@ void FetchManager::Loader::Start() {
  }
  // "Set |request|'s response tainting to |CORS|."
-  fetch_request_data_->SetResponseTainting(FetchRequestData::kCorsTainting);
+  // Response tainting is calculated in the CORS module in the network
+  // service.
  // "The result of performing an HTTP fetch using |request| with the
  // |CORS flag| set."

--- a/third_party/blink/renderer/core/fetch/fetch_request_data.cc
+++ b/third_party/blink/renderer/core/fetch/fetch_request_data.cc
@@ -199,7 +199,6 @@ FetchRequestData* FetchRequestData::CloneExceptBody() {
  request->credentials_ = credentials_;
  request->cache_mode_ = cache_mode_;
  request->redirect_ = redirect_;
-  request->response_tainting_ = response_tainting_;
  request->mime_type_ = mime_type_;
  request->integrity_ = integrity_;
  request->priority_ = priority_;
@@ -260,7 +259,6 @@ FetchRequestData::FetchRequestData(ExecutionContext* execution_context)
      cache_mode_(mojom::FetchCacheMode::kDefault),
      redirect_(network::mojom::RedirectMode::kFollow),
      importance_(mojom::FetchImportanceMode::kImportanceAuto),
-      response_tainting_(kBasicTainting),
      priority_(ResourceLoadPriority::kUnresolved),
      keepalive_(false),
      url_loader_factory_(execution_context),

--- a/third_party/blink/renderer/core/fetch/fetch_request_data.h
+++ b/third_party/blink/renderer/core/fetch/fetch_request_data.h
@@ -36,7 +36,6 @@ class ScriptState;
 class CORE_EXPORT FetchRequestData final
    : public GarbageCollected<FetchRequestData> {
 public:
-  enum Tainting { kBasicTainting, kCorsTainting, kOpaqueTainting };
  enum class ForServiceWorkerFetchEvent { kFalse, kTrue };
  static FetchRequestData* Create(ScriptState*,
@@ -95,8 +94,6 @@ class CORE_EXPORT FetchRequestData final
    importance_ = importance;
  }
  mojom::FetchImportanceMode Importance() const { return importance_; }
-  void SetResponseTainting(Tainting tainting) { response_tainting_ = tainting; }
-  Tainting ResponseTainting() const { return response_tainting_; }
  FetchHeaderList* HeaderList() const { return header_list_.Get(); }
  void SetHeaderList(FetchHeaderList* header_list) {
    header_list_ = header_list;
@@ -171,7 +168,6 @@ class CORE_EXPORT FetchRequestData final
  base::Optional<network::mojom::blink::TrustTokenParams> trust_token_params_;
  // FIXME: Support m_useURLCredentialsFlag;
  // FIXME: Support m_redirectCount;
-  Tainting response_tainting_;
  Member<BodyStreamBuffer> buffer_;
  String mime_type_;
  String integrity_;

--- a/third_party/blink/renderer/core/fetch/fetch_response_data.cc
+++ b/third_party/blink/renderer/core/fetch/fetch_response_data.cc
@@ -292,7 +292,6 @@ void FetchResponseData::InitFromResourceResponse(
    const Vector<KURL>& request_url_list,
    const AtomicString& request_method,
    network::mojom::CredentialsMode request_credentials,
-    FetchRequestData::Tainting tainting,
    const ResourceResponse& response) {
  SetStatus(response.HttpStatusCode());
  if (response.CurrentRequestUrl().ProtocolIsAbout() ||
@@ -339,12 +338,13 @@ void FetchResponseData::InitFromResourceResponse(
  SetWasFetchedViaSpdy(response.WasFetchedViaSPDY());
-  // TODO(wanderview): Remove |tainting| and use |response.GetType()|
-  // instead once the OOR-CORS disabled path is removed.
  SetLoadedWithCredentials(
      request_credentials == network::mojom::CredentialsMode::kInclude ||
      (request_credentials == network::mojom::CredentialsMode::kSameOrigin &&
-       tainting == FetchRequestData::kBasicTainting));
+       (response.GetType() ==
+            network::mojom::blink::FetchResponseType::kBasic ||
+        response.GetType() ==
+            network::mojom::blink::FetchResponseType::kDefault)));
  SetHasRangeRequested(response.HasRangeRequested());
 }

--- a/third_party/blink/renderer/core/fetch/fetch_response_data.h
+++ b/third_party/blink/renderer/core/fetch/fetch_response_data.h
@@ -141,7 +141,6 @@ class CORE_EXPORT FetchResponseData final
      const Vector<KURL>& request_url_list,
      const AtomicString& request_method,
      network::mojom::CredentialsMode request_credentials,
-      FetchRequestData::Tainting tainting,
      const ResourceResponse& response);
  void Trace(Visitor*) const;

--- a/third_party/blink/renderer/modules/service_worker/fetch_event.cc
+++ b/third_party/blink/renderer/modules/service_worker/fetch_event.cc
@@ -161,7 +161,6 @@ void FetchEvent::OnNavigationPreloadResponse(
  response_data->InitFromResourceResponse(
      url_list, http_names::kGET, network::mojom::CredentialsMode::kInclude,
-      FetchRequestData::kBasicTainting,
      preload_response_->ToResourceResponse());
  FetchResponseData* tainted_response =