OOR-CORS: join split OOR/Blink CORS code paths

To make changes following to support OOR-CORS understandable, join split CORS code paths again. DocumentThreadableLoader still has |out_of_blink_cors_| flag to switch behaviors. At this point, it differentiates response handling since CORS checks in OOR-CORS mode are always performed in Network Service side. This patch should not change any behavior in both CORS modes. Bug: 803766 Change-Id: Iffd4e56be95df0ce70afb94a2bfe8ca77001f684 Reviewed-on: https://chromium-review.googlesource.com/999460 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#549148}

OOR-CORS: join split OOR/Blink CORS code paths
To make changes following to support OOR-CORS understandable, join split CORS code paths again. DocumentThreadableLoader still has |out_of_blink_cors_| flag to switch behaviors. At this point, it differentiates response handling since CORS checks in OOR-CORS mode are always performed in Network Service side. This patch should not change any behavior in both CORS modes. Bug: 803766 Change-Id: Iffd4e56be95df0ce70afb94a2bfe8ca77001f684 Reviewed-on: https://chromium-review.googlesource.com/999460 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#549148}
5d8e1a05 · Takashi Toyoshima · Commit Bot · 3a6aeb23 · 5d8e1a05 · 5d8e1a05
Commit 5d8e1a05 authored Apr 09, 2018 by Takashi Toyoshima Committed by Commit Bot Apr 09, 2018
2 changed files
--- a/third_party/blink/renderer/core/loader/document_threadable_loader.cc
+++ b/third_party/blink/renderer/core/loader/document_threadable_loader.cc
@@ -254,82 +254,6 @@ DocumentThreadableLoader::DocumentThreadableLoader(
 }

 void DocumentThreadableLoader::Start(const ResourceRequest& request) {
-  if (out_of_blink_cors_)
-    StartOutOfBlinkCORS(request);
-  else
-    StartBlinkCORS(request);
-}
-
-void DocumentThreadableLoader::StartOutOfBlinkCORS(
-    const ResourceRequest& request) {
-  DCHECK(out_of_blink_cors_);
-
-  // TODO(toyoshim) replace this delegation with an implementation that does not
-  // perform CORS checks but relies on CORSURLLoader for CORS
-  // (https://crbug.com/736308).
-  StartBlinkCORS(request);
-}
-
-void DocumentThreadableLoader::DispatchInitialRequestOutOfBlinkCORS(
-    ResourceRequest& request) {
-  DCHECK(out_of_blink_cors_);
-
-  // TODO(toyoshim) replace this delegation with an implementation that does not
-  // perform CORS checks but relies on CORSURLLoader for CORS
-  // (https://crbug.com/736308).
-  DispatchInitialRequestBlinkCORS(request);
-}
-
-void DocumentThreadableLoader::HandleResponseOutOfBlinkCORS(
-    unsigned long identifier,
-    network::mojom::FetchRequestMode request_mode,
-    network::mojom::FetchCredentialsMode credentials_mode,
-    const ResourceResponse& response,
-    std::unique_ptr<WebDataConsumerHandle> handle) {
-  DCHECK(client_);
-  // Out of Blink CORS access check is implemented. But we still need some
-  // additional code to work with unfinished preflight support in Blink.
-  // TODO(toyoshim): Remove following workaround code to support preflight.
-  // (https://crbug.com/736308).
-  if (!actual_request_.IsNull()) {
-    ReportResponseReceived(identifier, response);
-    HandlePreflightResponse(response);
-    return;
-  }
-
-  // TODO(toyoshim): Support Service Worker. (https://crbug.com/736308).
-  if (response.WasFetchedViaServiceWorker()) {
-    HandleResponseBlinkCORS(identifier, request_mode, credentials_mode,
-                            response, std::move(handle));
-    return;
-  }
-
-  client_->DidReceiveResponse(identifier, response, std::move(handle));
-}
-
-bool DocumentThreadableLoader::RedirectReceivedOutOfBlinkCORS(
-    Resource* resource,
-    const ResourceRequest& new_request,
-    const ResourceResponse& redirect_response) {
-  DCHECK(out_of_blink_cors_);
-
-  // TODO(toyoshim) replace this delegation with an implementation that does not
-  // perform CORS checks but relies on CORSURLLoader for CORS
-  // (https://crbug.com/736308).
-  return RedirectReceivedBlinkCORS(resource, new_request, redirect_response);
-}
-
-void DocumentThreadableLoader::MakeCrossOriginAccessRequestOutOfBlinkCORS(
-    const ResourceRequest& request) {
-  DCHECK(out_of_blink_cors_);
-
-  // TODO(toyoshim) replace this delegation with an implementation that does not
-  // perform CORS checks but relies on CORSURLLoader for CORS
-  // (https://crbug.com/736308).
-  MakeCrossOriginAccessRequestBlinkCORS(request);
-}
-
-void DocumentThreadableLoader::StartBlinkCORS(const ResourceRequest& request) {
  // Setting an outgoing referer is only supported in the async code path.
  DCHECK(async_ || request.HttpReferrer().IsEmpty());

@@ -415,7 +339,7 @@ void DocumentThreadableLoader::StartBlinkCORS(const ResourceRequest& request) {
      !SchemeRegistry::ShouldTreatURLSchemeAsAllowingServiceWorkers(
          new_request.Url().Protocol()) ||
      !loading_context_->GetResourceFetcher()->IsControlledByServiceWorker()) {
-    DispatchInitialRequestBlinkCORS(new_request);
+    DispatchInitialRequest(new_request);
    return;
  }

@@ -433,14 +357,6 @@ void DocumentThreadableLoader::StartBlinkCORS(const ResourceRequest& request) {

 void DocumentThreadableLoader::DispatchInitialRequest(
    ResourceRequest& request) {
-  if (out_of_blink_cors_)
-    DispatchInitialRequestOutOfBlinkCORS(request);
-  else
-    DispatchInitialRequestBlinkCORS(request);
-}
-
-void DocumentThreadableLoader::DispatchInitialRequestBlinkCORS(
-    ResourceRequest& request) {
  if (!request.IsExternalRequest() && !cors_flag_) {
    LoadRequest(request, resource_loader_options_);
    return;
@@ -483,14 +399,6 @@ void DocumentThreadableLoader::LoadPreflightRequest(

 void DocumentThreadableLoader::MakeCrossOriginAccessRequest(
    const ResourceRequest& request) {
-  if (out_of_blink_cors_)
-    MakeCrossOriginAccessRequestOutOfBlinkCORS(request);
-  else
-    MakeCrossOriginAccessRequestBlinkCORS(request);
-}
-
-void DocumentThreadableLoader::MakeCrossOriginAccessRequestBlinkCORS(
-    const ResourceRequest& request) {
  DCHECK(CORS::IsCORSEnabledRequestMode(request.GetFetchRequestMode()) ||
         request.IsExternalRequest());
  DCHECK(client_);
@@ -657,25 +565,14 @@ void DocumentThreadableLoader::Clear() {
  ClearResource();
 }

-bool DocumentThreadableLoader::RedirectReceived(
-    Resource* resource,
-    const ResourceRequest& new_request,
-    const ResourceResponse& redirect_response) {
-  if (out_of_blink_cors_) {
-    return RedirectReceivedOutOfBlinkCORS(resource, new_request,
-                                          redirect_response);
-  } else {
-    return RedirectReceivedBlinkCORS(resource, new_request, redirect_response);
-  }
-}
-
 // In this method, we can clear |request| to tell content::WebURLLoaderImpl of
 // Chromium not to follow the redirect. This works only when this method is
 // called by RawResource::willSendRequest(). If called by
 // RawResource::didAddClient(), clearing |request| won't be propagated to
 // content::WebURLLoaderImpl. So, this loader must also get detached from the
 // resource by calling clearResource().
-bool DocumentThreadableLoader::RedirectReceivedBlinkCORS(
+// TODO(toyoshim): Implement OOR-CORS mode specific redirect code.
+bool DocumentThreadableLoader::RedirectReceived(
    Resource* resource,
    const ResourceRequest& new_request,
    const ResourceResponse& redirect_response) {
@@ -976,23 +873,17 @@ void DocumentThreadableLoader::HandleResponse(
    network::mojom::FetchCredentialsMode credentials_mode,
    const ResourceResponse& response,
    std::unique_ptr<WebDataConsumerHandle> handle) {
-  if (out_of_blink_cors_) {
-    HandleResponseOutOfBlinkCORS(identifier, request_mode, credentials_mode,
-                                 response, std::move(handle));
-  } else {
-    HandleResponseBlinkCORS(identifier, request_mode, credentials_mode,
-                            response, std::move(handle));
-  }
-}
-
-void DocumentThreadableLoader::HandleResponseBlinkCORS(
-    unsigned long identifier,
-    network::mojom::FetchRequestMode request_mode,
-    network::mojom::FetchCredentialsMode credentials_mode,
-    const ResourceResponse& response,
-    std::unique_ptr<WebDataConsumerHandle> handle) {
  DCHECK(client_);

+  // TODO(toyoshim): Support OOR-CORS preflight and Service Worker case.
+  // https://crbug.com/736308.
+  if (out_of_blink_cors_ && actual_request_.IsNull() &&
+      !response.WasFetchedViaServiceWorker()) {
+    client_->DidReceiveResponse(identifier, response, std::move(handle));
+    return;
+  }
+
+  // Code path for legacy Blink CORS.
  if (!actual_request_.IsNull()) {
    ReportResponseReceived(identifier, response);
    HandlePreflightResponse(response);
@@ -1157,10 +1048,7 @@ void DocumentThreadableLoader::LoadFallbackRequestForServiceWorker() {
  ClearResource();
  ResourceRequest fallback_request(fallback_request_for_service_worker_);
  fallback_request_for_service_worker_ = ResourceRequest();
-  if (out_of_blink_cors_)
-    DispatchInitialRequestOutOfBlinkCORS(fallback_request);
-  else
-    DispatchInitialRequestBlinkCORS(fallback_request);
+  DispatchInitialRequest(fallback_request);
 }

 void DocumentThreadableLoader::LoadActualRequest() {

--- a/third_party/blink/renderer/core/loader/document_threadable_loader.h
+++ b/third_party/blink/renderer/core/loader/document_threadable_loader.h
@@ -149,37 +149,6 @@ class CORE_EXPORT DocumentThreadableLoader final : public ThreadableLoader,
  void DispatchInitialRequest(ResourceRequest&);
  void MakeCrossOriginAccessRequest(const ResourceRequest&);

-  // TODO(hintzed): CORS handled out of Blink. Code in methods below named
-  // *OutOfBlinkCORS is to be moved back into the corresponding methods
-  // (e.g. those inherited from RawResourceClient) after
-  // https://crbug.com/736308 is fixed (i.e. when CORS is generally handled out
-  // of Blink).
-  void DispatchInitialRequestOutOfBlinkCORS(ResourceRequest&);
-  void MakeCrossOriginAccessRequestOutOfBlinkCORS(const ResourceRequest&);
-  void StartOutOfBlinkCORS(const ResourceRequest&);
-  bool RedirectReceivedOutOfBlinkCORS(Resource*,
-                                      const ResourceRequest&,
-                                      const ResourceResponse&);
-  void HandleResponseOutOfBlinkCORS(unsigned long identifier,
-                                    network::mojom::FetchRequestMode,
-                                    network::mojom::FetchCredentialsMode,
-                                    const ResourceResponse&,
-                                    std::unique_ptr<WebDataConsumerHandle>);
-  // TODO(toyoshim): CORS handled in Blink. Methods below named *BlinkCORS are
-  // to be removed after https://crbug.com/736308 is fixed (i.e. when CORS is
-  // handled out of Blink).
-  void DispatchInitialRequestBlinkCORS(ResourceRequest&);
-  void MakeCrossOriginAccessRequestBlinkCORS(const ResourceRequest&);
-  void StartBlinkCORS(const ResourceRequest&);
-  bool RedirectReceivedBlinkCORS(Resource*,
-                                 const ResourceRequest&,
-                                 const ResourceResponse&);
-  void HandleResponseBlinkCORS(unsigned long identifier,
-                               network::mojom::FetchRequestMode,
-                               network::mojom::FetchCredentialsMode,
-                               const ResourceResponse&,
-                               std::unique_ptr<WebDataConsumerHandle>);
-
  // Loads m_fallbackRequestForServiceWorker.
  void LoadFallbackRequestForServiceWorker();
  // Issues a CORS preflight.