OOR-CORS: Remove unused CORS method plumbing

As some of methods in blink::cors:: are not used any more, this patch removes them from the Blink. Bug: 1053866 Change-Id: If3565084c20ba805d8b7d6a253366d67599c121f Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2550141 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Auto-Submit: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#829224}

OOR-CORS: Remove unused CORS method plumbing
As some of methods in blink::cors:: are not used any more, this patch removes them from the Blink. Bug: 1053866 Change-Id: If3565084c20ba805d8b7d6a253366d67599c121f Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2550141 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Auto-Submit: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#829224}
1fa9ddd9 · Takashi Toyoshima · Commit Bot · 36a38113 · 1fa9ddd9 · 1fa9ddd9
Commit 1fa9ddd9 authored Nov 19, 2020 by Takashi Toyoshima Committed by Commit Bot Nov 19, 2020
3 changed files
--- a/third_party/blink/renderer/platform/loader/cors/cors.cc
+++ b/third_party/blink/renderer/platform/loader/cors/cors.cc
--- a/third_party/blink/renderer/platform/loader/cors/cors.h
+++ b/third_party/blink/renderer/platform/loader/cors/cors.h
@@ -31,78 +31,17 @@ enum class CorsFlag : uint8_t {
 namespace cors {
 // Thin wrapper functions below are for calling ::network::cors functions from
-// Blink core. Once Out-of-renderer CORS is enabled, following functions will
+// Blink core.
-// be removed.
-PLATFORM_EXPORT base::Optional<network::CorsErrorStatus> CheckAccess(
-    const KURL&,
-    const HTTPHeaderMap&,
-    network::mojom::CredentialsMode,
-    const SecurityOrigin&);
-PLATFORM_EXPORT base::Optional<network::CorsErrorStatus> CheckPreflightAccess(
-    const KURL&,
-    const int response_status_code,
-    const HTTPHeaderMap&,
-    network::mojom::CredentialsMode,
-    const SecurityOrigin&);
-PLATFORM_EXPORT base::Optional<network::CorsErrorStatus> CheckRedirectLocation(
-    const KURL&,
-    network::mojom::RequestMode,
-    const SecurityOrigin*,
-    CorsFlag);
-PLATFORM_EXPORT base::Optional<network::CorsErrorStatus> CheckExternalPreflight(
-    const HTTPHeaderMap&);
 PLATFORM_EXPORT bool IsCorsEnabledRequestMode(network::mojom::RequestMode);
-PLATFORM_EXPORT base::Optional<network::CorsErrorStatus>
-EnsurePreflightResultAndCacheOnSuccess(
-    const HTTPHeaderMap& response_header_map,
-    const String& origin,
-    const KURL& request_url,
-    const String& request_method,
-    const HTTPHeaderMap& request_header_map,
-    network::mojom::CredentialsMode request_credentials_mode);
-PLATFORM_EXPORT bool CheckIfRequestCanSkipPreflight(
-    const String& origin,
-    const KURL&,
-    network::mojom::CredentialsMode,
-    const String& method,
-    const HTTPHeaderMap& request_header_map);
-// Returns the response tainting value
-// (https://fetch.spec.whatwg.org/#concept-request-response-tainting) for a
-// request and the CORS flag, as specified in
-// https://fetch.spec.whatwg.org/#main-fetch.
-PLATFORM_EXPORT network::mojom::FetchResponseType CalculateResponseTainting(
-    const KURL& url,
-    network::mojom::RequestMode request_mode,
-    const SecurityOrigin* origin,
-    const SecurityOrigin* isolated_world_origin,
-    CorsFlag cors_flag);
-PLATFORM_EXPORT bool CalculateCredentialsFlag(
-    network::mojom::CredentialsMode credentials_mode,
-    network::mojom::FetchResponseType response_tainting);
-// Thin wrapper functions that will not be removed even after out-of-renderer
-// CORS is enabled.
 PLATFORM_EXPORT bool IsCorsSafelistedMethod(const String& method);
 PLATFORM_EXPORT bool IsCorsSafelistedContentType(const String&);
 PLATFORM_EXPORT bool IsNoCorsSafelistedHeader(const String& name,
                                              const String& value);
 PLATFORM_EXPORT bool IsPrivilegedNoCorsHeaderName(const String& name);
 PLATFORM_EXPORT bool IsNoCorsSafelistedHeaderName(const String& name);
-PLATFORM_EXPORT Vector<String> CorsUnsafeRequestHeaderNames(
-    const HTTPHeaderMap& headers);
 PLATFORM_EXPORT Vector<String> PrivilegedNoCorsHeaderNames();
 PLATFORM_EXPORT bool IsForbiddenHeaderName(const String& name);
 PLATFORM_EXPORT bool ContainsOnlyCorsSafelistedHeaders(const HTTPHeaderMap&);
-PLATFORM_EXPORT bool ContainsOnlyCorsSafelistedOrForbiddenHeaders(
-    const HTTPHeaderMap&);
 PLATFORM_EXPORT bool IsOkStatus(int status);
@@ -114,7 +53,6 @@ PLATFORM_EXPORT bool IsOkStatus(int status);
 // |kNavigate|.
 // This should be identical to CalculateCorsFlag defined in
 // //services/network/cors/cors_url_loader.cc.
-// This function will be removed when out-of-renderer CORS is enabled.
 PLATFORM_EXPORT bool CalculateCorsFlag(
    const KURL& url,
    const SecurityOrigin* initiator_origin,

--- a/third_party/blink/renderer/platform/loader/cors/cors_test.cc
+++ b/third_party/blink/renderer/platform/loader/cors/cors_test.cc
@@ -7,7 +7,6 @@
 #include "testing/gtest/include/gtest/gtest.h"
 #include "third_party/blink/public/mojom/fetch/fetch_api_request.mojom-blink.h"
 #include "third_party/blink/renderer/platform/loader/fetch/resource_response.h"
-#include "third_party/blink/renderer/platform/weborigin/security_origin.h"
 namespace blink {
@@ -101,87 +100,6 @@ TEST_F(CorsExposedHeadersTest, Asterisk) {
            HTTPHeaderSet({"a", "b", "*"}));
 }
-// Keep this in sync with the CalculateResponseTainting test in
-// services/network/cors/cors_url_loader_unittest.cc.
-TEST(CorsTest, CalculateResponseTainting) {
-  using network::mojom::FetchResponseType;
-  using network::mojom::RequestMode;
-  const KURL same_origin_url("https://example.com/");
-  const KURL cross_origin_url("https://example2.com/");
-  scoped_refptr<SecurityOrigin> origin_refptr =
-      SecurityOrigin::Create(same_origin_url);
-  const SecurityOrigin* origin = origin_refptr.get();
-  const SecurityOrigin* no_origin = nullptr;
-  // CORS flag is false, same-origin request
-  EXPECT_EQ(
-      FetchResponseType::kBasic,
-      cors::CalculateResponseTainting(same_origin_url, RequestMode::kSameOrigin,
-                                      origin, nullptr, CorsFlag::Unset));
-  EXPECT_EQ(
-      FetchResponseType::kBasic,
-      cors::CalculateResponseTainting(same_origin_url, RequestMode::kNoCors,
-                                      origin, nullptr, CorsFlag::Unset));
-  EXPECT_EQ(FetchResponseType::kBasic,
-            cors::CalculateResponseTainting(same_origin_url, RequestMode::kCors,
-                                            origin, nullptr, CorsFlag::Unset));
-  EXPECT_EQ(FetchResponseType::kBasic,
-            cors::CalculateResponseTainting(
-                same_origin_url, RequestMode::kCorsWithForcedPreflight, origin,
-                nullptr, CorsFlag::Unset));
-  EXPECT_EQ(
-      FetchResponseType::kBasic,
-      cors::CalculateResponseTainting(same_origin_url, RequestMode::kNavigate,
-                                      origin, nullptr, CorsFlag::Unset));
-  // CORS flag is false, cross-origin request
-  EXPECT_EQ(
-      FetchResponseType::kOpaque,
-      cors::CalculateResponseTainting(cross_origin_url, RequestMode::kNoCors,
-                                      origin, nullptr, CorsFlag::Unset));
-  EXPECT_EQ(
-      FetchResponseType::kBasic,
-      cors::CalculateResponseTainting(cross_origin_url, RequestMode::kNavigate,
-                                      origin, nullptr, CorsFlag::Unset));
-  // CORS flag is true, same-origin request
-  EXPECT_EQ(FetchResponseType::kCors,
-            cors::CalculateResponseTainting(same_origin_url, RequestMode::kCors,
-                                            origin, nullptr, CorsFlag::Set));
-  EXPECT_EQ(FetchResponseType::kCors,
-            cors::CalculateResponseTainting(
-                same_origin_url, RequestMode::kCorsWithForcedPreflight, origin,
-                nullptr, CorsFlag::Set));
-  // CORS flag is true, cross-origin request
-  EXPECT_EQ(FetchResponseType::kCors, cors::CalculateResponseTainting(
-                                          cross_origin_url, RequestMode::kCors,
-                                          origin, nullptr, CorsFlag::Set));
-  EXPECT_EQ(FetchResponseType::kCors,
-            cors::CalculateResponseTainting(
-                cross_origin_url, RequestMode::kCorsWithForcedPreflight, origin,
-                nullptr, CorsFlag::Set));
-  // Origin is not provided.
-  EXPECT_EQ(
-      FetchResponseType::kBasic,
-      cors::CalculateResponseTainting(same_origin_url, RequestMode::kNoCors,
-                                      no_origin, nullptr, CorsFlag::Unset));
-  EXPECT_EQ(
-      FetchResponseType::kBasic,
-      cors::CalculateResponseTainting(same_origin_url, RequestMode::kNavigate,
-                                      no_origin, nullptr, CorsFlag::Unset));
-  EXPECT_EQ(
-      FetchResponseType::kBasic,
-      cors::CalculateResponseTainting(cross_origin_url, RequestMode::kNoCors,
-                                      no_origin, nullptr, CorsFlag::Unset));
-  EXPECT_EQ(
-      FetchResponseType::kBasic,
-      cors::CalculateResponseTainting(cross_origin_url, RequestMode::kNavigate,
-                                      no_origin, nullptr, CorsFlag::Unset));
-}
 }  // namespace
 }  // namespace blink