Reland "Unify allow_credentials and credentials_mode on network::ResourceRequest"
This is a reland of 1ccc5eeed0
Original change's description:
> Unify allow_credentials and credentials_mode on network::ResourceRequest
>
> Remove allow_credentials, map allow_credentials: false to
> credentials_mode: kOmit and map allow_credentials: true to
> credentials_mode: kInclude.
>
> network::URLLoader cannot handle kSameOrigin. This CL doesn't change
> that. CORSURLLoader translates the value to either kOmit or kInclude.
>
> This works correctly even when OOR-CORS is disabled because in that
> case load flags are set in the renderer. One caveat: with this change
> we will not be able to remove the load flags until the blink-side CORS
> code is removed (M78? M79?).
>
> This CL removes a validity check for credentials related settings in
> CorsURLLoaderFactory. Originally the check was introduced to check the
> inconsistency between credentials_mode and load flags. After that
> allow_credentials was introduced, and at
> https://crrev.com/c/chromium/src/+/1443976 the logic was changed to
> check the inconsistency between credentials_mode and allow_credentials.
> Now they are merged and we don't need the check.
>
> Bug: 799935
> Change-Id: Ic05b2d41456d91fd3f48416a3a3e8fc98e235756
> Tbr: bsimonnet@chromium.org, dimich@chromium.org, groby@chromium.org, markusheintz@chromium.org, olka@chromium.org, satorux@chromium.org, tbansal@chromium.org
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1695341
> Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
> Reviewed-by: Tom Sepez <tsepez@chromium.org>
> Reviewed-by: Greg Levin <glevin@chromium.org>
> Reviewed-by: Nico Weber <thakis@chromium.org>
> Reviewed-by: Nicolas Ouellet-Payeur <nicolaso@chromium.org>
> Reviewed-by: Friedrich [CET] <fhorschig@chromium.org>
> Reviewed-by: Marc Treib <treib@chromium.org>
> Reviewed-by: Sylvain Defresne <sdefresne@chromium.org>
> Reviewed-by: Vasilii Sukhanov <vasilii@chromium.org>
> Reviewed-by: Alexei Svitkine <asvitkine@chromium.org>
> Reviewed-by: Matt Menke <mmenke@chromium.org>
> Reviewed-by: Kyle Milka <kmilka@chromium.org>
> Reviewed-by: Wei-Yin Chen (陳威尹) <wychen@chromium.org>
> Reviewed-by: Mark Pearson <mpearson@chromium.org>
> Reviewed-by: Rebekah Potter <rbpotter@chromium.org>
> Reviewed-by: Emily Stark <estark@chromium.org>
> Reviewed-by: John Rummell <jrummell@chromium.org>
> Reviewed-by: Ganggui Tang <gogerald@chromium.org>
> Reviewed-by: Michael Martis <martis@chromium.org>
> Reviewed-by: Mathias Carlen <mcarlen@chromium.org>
> Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
> Reviewed-by: Patrick Noland <pnoland@chromium.org>
> Reviewed-by: Tommy Nyquist <nyquist@chromium.org>
> Reviewed-by: Matt Reynolds <mattreynolds@chromium.org>
> Reviewed-by: Scott Violet <sky@chromium.org>
> Reviewed-by: Roman Sorokin [CET] <rsorokin@chromium.org>
> Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
> Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org>
> Reviewed-by: David Benjamin <davidben@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#681698}
TBR=sky@chromium.org,horo@chromium.org,mpearson@chromium.org,davidben@chromium.org,thakis@chromium.org,toyoshim@chromium.org,nyquist@chromium.org,markusheintz@chromium.org,vasilii@chromium.org,jrummell@chromium.org,asvitkine@chromium.org,groby@chromium.org,bsimonnet@chromium.org,noel@chromium.org,rsorokin@chromium.org,glevin@chromium.org,yhirano@chromium.org,dimich@chromium.org,mmenke@chromium.org,nhiroki@chromium.org,sdefresne@chromium.org,tsepez@chromium.org,treib@chromium.org,estark@chromium.org,tbansal@chromium.org,gogerald@chromium.org,mattreynolds@chromium.org,wychen@chromium.org,olka@chromium.org,satorux@chromium.org,rbpotter@chromium.org,pnoland@chromium.org,fhorschig@chromium.org,martis@chromium.org,kmilka@chromium.org,jselover@chromium.org,nicolaso@chromium.org,mcarlen@chromium.org
Bug: 799935
Change-Id: Iec8067b3fed29bd6845077f5dc9c564d6640b6ff
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1722274
Reviewed-by: Yutaka Hirano <yhirano@chromium.org>
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Cr-Commit-Position: refs/heads/master@{#681719}

committed by
Commit Bot

parent
ff2fb3d15b
commit
3d80498323
chrome/browser
android
contextualsearch
feedback
rlz
webapk
availability
browser_switcher
chromeos
backdrop_wallpaper_handlers
customization
wilco_dtc_supportd
media
router
discovery
printing
cloud_print
search
background
one_google_bar
promos
ssl
chromeos
geolocation
printing
services
assistant
timezone
components
autofill_assistant
browser
captive_portal
data_reduction_proxy
content
core
feed
feedback
gcm_driver
history
core
browser
image_fetcher
invalidation
metrics
network_time
ntp_snippets
remote
ntp_tiles
offline_pages
core
prefetch
omnibox
optimization_guide
password_manager
core
browser
payments
policy
quirks
rappor
safe_search_api
safe_search
signin
internal
identity_manager
spellcheck
browser
suggestions
sync
driver
variations
service
content/browser
service_worker
speech
web_package
signed_exchange_cert_fetcher.ccsigned_exchange_cert_fetcher_unittest.ccsigned_exchange_validity_pinger.cc
worker_host
rlz/lib
services
device
geolocation
image_annotation
network
cors
cors_url_loader.cccors_url_loader_factory.cccors_url_loader_factory_unittest.cccors_url_loader_unittest.ccpreflight_controller.ccpreflight_controller_unittest.cc
origin_policy
public
cpp
resource_request.ccresource_request.hurl_request_mojom_traits.ccurl_request_mojom_traits.hurl_request_mojom_traits_unittest.cc
mojom
@@ -166,7 +166,7 @@ void ContextualSearchDelegate::ResolveSearchTermFromContext() {
|
||||
GetDiscourseContext(*context_));
|
||||
|
||||
// Disable cookies for this request.
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
// Add Chrome experiment state to the request headers.
|
||||
// Reset will delete any previous loader, and we won't get any callback.
|
||||
|
@@ -131,7 +131,7 @@ ConnectivityChecker::ConnectivityChecker(
|
||||
void ConnectivityChecker::StartAsyncCheck() {
|
||||
auto request = std::make_unique<network::ResourceRequest>();
|
||||
request->url = url_;
|
||||
request->allow_credentials = false;
|
||||
request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
request->load_flags = net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
url_loader_ = network::SimpleURLLoader::Create(std::move(request),
|
||||
NO_TRAFFIC_ANNOTATION_YET);
|
||||
|
@@ -115,7 +115,7 @@ void RlzPingHandler::Ping(
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = request_url;
|
||||
resource_request->load_flags = net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
simple_url_loader_ = network::SimpleURLLoader::Create(
|
||||
std::move(resource_request), traffic_annotation);
|
||||
|
@@ -695,7 +695,7 @@ void WebApkInstaller::SendRequest(
|
||||
request->url = server_url_;
|
||||
request->method = "POST";
|
||||
request->load_flags = net::LOAD_DISABLE_CACHE;
|
||||
request->allow_credentials = false;
|
||||
request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
loader_ = network::SimpleURLLoader::Create(std::move(request),
|
||||
NO_TRAFFIC_ANNOTATION_YET);
|
||||
loader_->AttachStringForUpload(*serialized_proto, kProtoMimeType);
|
||||
|
@@ -396,7 +396,7 @@ void AvailabilityProber::CreateAndStartURLLoader() {
|
||||
request->method = HttpMethodToString(http_method_);
|
||||
request->headers = headers_;
|
||||
request->load_flags = net::LOAD_DISABLE_CACHE;
|
||||
request->allow_credentials = false;
|
||||
request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
url_loader_ =
|
||||
network::SimpleURLLoader::Create(std::move(request), traffic_annotation_);
|
||||
|
@@ -179,7 +179,8 @@ class AvailabilityProberTest : public testing::Test {
|
||||
EXPECT_EQ(testing_header, "Hello world");
|
||||
EXPECT_EQ(request->request.method, "GET");
|
||||
EXPECT_EQ(request->request.load_flags, net::LOAD_DISABLE_CACHE);
|
||||
EXPECT_FALSE(request->request.allow_credentials);
|
||||
EXPECT_EQ(request->request.credentials_mode,
|
||||
network::mojom::CredentialsMode::kOmit);
|
||||
if (expect_random_guid) {
|
||||
EXPECT_NE(request->request.url, kTestUrl);
|
||||
EXPECT_TRUE(request->request.url.query().find("guid=") !=
|
||||
|
@@ -136,7 +136,7 @@ void XmlDownloader::FetchXml() {
|
||||
auto request = std::make_unique<network::ResourceRequest>();
|
||||
request->url = source.url;
|
||||
request->load_flags = net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
request->allow_credentials = false;
|
||||
request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
source.url_loader = network::SimpleURLLoader::Create(std::move(request),
|
||||
traffic_annotation);
|
||||
source.url_loader->SetRetryOptions(
|
||||
|
@@ -87,7 +87,7 @@ class BackdropFetcher {
|
||||
resource_request->method = "POST";
|
||||
resource_request->load_flags =
|
||||
net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
simple_loader_ = network::SimpleURLLoader::Create(
|
||||
std::move(resource_request), traffic_annotation);
|
||||
|
@@ -581,7 +581,7 @@ void ServicesCustomizationDocument::DoStartFileFetch() {
|
||||
auto request = std::make_unique<network::ResourceRequest>();
|
||||
request->url = url_;
|
||||
request->load_flags = net::LOAD_DISABLE_CACHE;
|
||||
request->allow_credentials = false;
|
||||
request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
request->headers.SetHeader("Accept", "application/json");
|
||||
|
||||
url_loader_ = network::SimpleURLLoader::Create(std::move(request),
|
||||
|
@@ -89,7 +89,7 @@ void CustomizationWallpaperDownloader::StartRequest() {
|
||||
resource_request->url = wallpaper_url_;
|
||||
resource_request->load_flags =
|
||||
net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
// TODO(crbug.com/833390): Add a real traffic annotation here.
|
||||
simple_loader_ = network::SimpleURLLoader::Create(std::move(resource_request),
|
||||
MISSING_TRAFFIC_ANNOTATION);
|
||||
|
@@ -162,7 +162,7 @@ void WilcoDtcSupportdWebRequestService::PerformRequest(
|
||||
request->request = std::make_unique<network::ResourceRequest>();
|
||||
request->request->method = http_method_str;
|
||||
request->request->url = std::move(url);
|
||||
request->request->allow_credentials = false;
|
||||
request->request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
request->request->load_flags = net::LOAD_DISABLE_CACHE;
|
||||
for (auto header : headers) {
|
||||
request->request->headers.AddHeaderFromString(header);
|
||||
|
@@ -118,7 +118,7 @@ void IntranetRedirectDetector::FinishSleep() {
|
||||
resource_request->method = "HEAD";
|
||||
// We don't want these fetches to affect existing state in the profile.
|
||||
resource_request->load_flags = net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
network::mojom::URLLoaderFactory* loader_factory =
|
||||
g_browser_process->system_network_context_manager()
|
||||
->GetURLLoaderFactory();
|
||||
|
@@ -116,7 +116,7 @@ void DialURLFetcher::Start(const GURL& url,
|
||||
// help.
|
||||
// net::LOAD_DISABLE_CACHE: The request should not touch the cache.
|
||||
request->load_flags = net::LOAD_BYPASS_PROXY | net::LOAD_DISABLE_CACHE;
|
||||
request->allow_credentials = false;
|
||||
request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
loader_ = network::SimpleURLLoader::Create(std::move(request),
|
||||
kDialUrlFetcherTrafficAnnotation);
|
||||
|
@@ -155,7 +155,7 @@ void PrivetURLLoader::Try() {
|
||||
request->method = request_type_;
|
||||
// Privet requests are relevant to hosts on local network only.
|
||||
request->load_flags = net::LOAD_BYPASS_PROXY | net::LOAD_DISABLE_CACHE;
|
||||
request->allow_credentials = false;
|
||||
request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
std::string token = GetPrivetAccessToken();
|
||||
if (token.empty())
|
||||
|
@@ -104,7 +104,7 @@ void NtpBackgroundService::FetchCollectionInfo() {
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = collections_api_url_;
|
||||
resource_request->method = "POST";
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
collections_loader_ = network::SimpleURLLoader::Create(
|
||||
std::move(resource_request), traffic_annotation);
|
||||
@@ -197,7 +197,7 @@ void NtpBackgroundService::FetchCollectionImageInfo(
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = collection_images_api_url_;
|
||||
resource_request->method = "POST";
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
collections_image_info_loader_ = network::SimpleURLLoader::Create(
|
||||
std::move(resource_request), traffic_annotation);
|
||||
@@ -294,7 +294,7 @@ void NtpBackgroundService::FetchNextCollectionImage(
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = next_image_api_url_;
|
||||
resource_request->method = "POST";
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
next_image_loader_ = network::SimpleURLLoader::Create(
|
||||
std::move(resource_request), traffic_annotation);
|
||||
|
@@ -244,7 +244,8 @@ void OneGoogleBarLoaderImpl::AuthenticatedURLLoader::Start() {
|
||||
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = api_url_;
|
||||
resource_request->allow_credentials = true;
|
||||
resource_request->credentials_mode =
|
||||
network::mojom::CredentialsMode::kInclude;
|
||||
SetRequestHeaders(resource_request.get());
|
||||
resource_request->request_initiator =
|
||||
url::Origin::Create(GURL(chrome::kChromeUINewTabURL));
|
||||
|
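Review bot: The `credentials_mode = kInclude` assignment in `AuthenticatedURLLoader::Start()` carries no comment saying why this request needs credentials, and it is the only unconditional opt-in visible in this part of the change. With `kInclude` the profile's cookies are attached for whatever host `api_url_` names, so the reason and the expectation about that URL deserve a line at the assignment, for example `// Credentials are required for the signed-in OneGoogleBar; api_url_ must only ever point at the trusted API origin.` That wording is inferred from the class name, so adjust it to the real requirement. Start()'s body continues outside the hunk.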
@@ -129,7 +129,7 @@ void PromoService::Refresh() {
|
||||
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = GetApiUrl();
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->request_initiator =
|
||||
url::Origin::Create(GURL(chrome::kChromeUINewTabURL));
|
||||
|
||||
|
@@ -81,7 +81,7 @@ void CommonNameMismatchHandler::CheckSuggestedUrl(
|
||||
// since then the connection may be reused without checking the cert.
|
||||
resource_request->url = check_url_;
|
||||
resource_request->method = "HEAD";
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
simple_url_loader_ = network::SimpleURLLoader::Create(
|
||||
std::move(resource_request), traffic_annotation);
|
||||
|
@@ -442,7 +442,7 @@ void SimpleGeolocationRequest::StartRequest() {
|
||||
request->url = request_url_;
|
||||
request->method = "POST";
|
||||
request->load_flags = net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
request->allow_credentials = false;
|
||||
request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
simple_url_loader_ = network::SimpleURLLoader::Create(
|
||||
std::move(request), NO_TRAFFIC_ANNOTATION_YET);
|
||||
|
@@ -775,7 +775,8 @@ class PpdProviderImpl : public PpdProvider {
|
||||
resource_request->url = url;
|
||||
resource_request->load_flags =
|
||||
net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode =
|
||||
network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
// TODO(luum): confirm correct traffic annotation
|
||||
fetcher_ = network::SimpleURLLoader::Create(std::move(resource_request),
|
||||
|
@@ -161,7 +161,7 @@ void ChromiumHttpConnection::Start() {
|
||||
resource_request->method = "HEAD";
|
||||
break;
|
||||
}
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
const bool chunked_upload =
|
||||
!chunked_upload_content_type_.empty() && method_ == Method::POST;
|
||||
|
@@ -344,7 +344,7 @@ void TimeZoneRequest::StartRequest() {
|
||||
auto request = std::make_unique<network::ResourceRequest>();
|
||||
request->url = request_url_;
|
||||
request->load_flags = net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
request->allow_credentials = false;
|
||||
request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
url_loader_ = network::SimpleURLLoader::Create(std::move(request),
|
||||
NO_TRAFFIC_ANNOTATION_YET);
|
||||
|
||||
|
@@ -171,7 +171,7 @@ void ServiceImpl::StartLoader(Loader* loader) {
|
||||
auto resource_request = std::make_unique<::network::ResourceRequest>();
|
||||
resource_request->method = "POST";
|
||||
resource_request->redirect_mode = ::network::mojom::RedirectMode::kError;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = ::network::mojom::CredentialsMode::kOmit;
|
||||
if (access_token_.empty()) {
|
||||
std::string query_str = base::StrCat({"key=", api_key_});
|
||||
// query_str must remain valid until ReplaceComponents() has returned.
|
||||
|
@@ -81,7 +81,7 @@ void CaptivePortalDetector::StartProbe(
|
||||
// Can't safely use net::LOAD_DISABLE_CERT_NETWORK_FETCHES here,
|
||||
// since then the connection may be reused without checking the cert.
|
||||
resource_request->load_flags = net::LOAD_BYPASS_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
simple_loader_ = network::SimpleURLLoader::Create(std::move(resource_request),
|
||||
traffic_annotation);
|
||||
|
@@ -443,7 +443,7 @@ void DataReductionProxyPingbackClientImpl::CreateLoaderForDataAndStart() {
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = pingback_url_;
|
||||
resource_request->load_flags = net::LOAD_BYPASS_PROXY;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->method = "POST";
|
||||
// Attach variations headers.
|
||||
variations::AppendVariationsHeader(
|
||||
|
@@ -474,7 +474,7 @@ void DataReductionProxyConfigServiceClient::RetrieveRemoteConfig() {
|
||||
resource_request->url = config_service_url_;
|
||||
resource_request->method = "POST";
|
||||
resource_request->load_flags = net::LOAD_BYPASS_PROXY;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
// Attach variations headers.
|
||||
url_loader_ = variations::CreateSimpleURLLoaderWithVariationsHeader(
|
||||
std::move(resource_request), variations::InIncognito::kNo,
|
||||
|
@@ -97,7 +97,7 @@ void SecureProxyChecker::CheckIfSecureProxyIsAllowed(
|
||||
resource_request->url = params::GetSecureProxyCheckURL();
|
||||
resource_request->load_flags =
|
||||
net::LOAD_DISABLE_CACHE | net::LOAD_BYPASS_PROXY;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
url_loader_ = network::SimpleURLLoader::Create(std::move(resource_request),
|
||||
traffic_annotation);
|
||||
|
||||
|
@@ -195,7 +195,7 @@ std::unique_ptr<network::SimpleURLLoader> NetworkFetch::MakeLoader() {
|
||||
resource_request->url = url;
|
||||
|
||||
resource_request->load_flags = net::LOAD_BYPASS_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->method = request_type_;
|
||||
SetRequestHeaders(resource_request.get());
|
||||
|
||||
|
@@ -159,7 +159,7 @@ void FeedbackUploader::DispatchReport() {
|
||||
})");
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = feedback_post_url_;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->method = "POST";
|
||||
|
||||
// Tell feedback server about the variation state of this install.
|
||||
|
@@ -107,7 +107,7 @@ void GCMChannelStatusRequest::Start() {
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
|
||||
resource_request->url = request_url;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->method = "POST";
|
||||
resource_request->headers.SetHeader(net::HttpRequestHeaders::kUserAgent,
|
||||
user_agent_);
|
||||
|
@@ -138,7 +138,7 @@ class RequestImpl : public WebHistoryService::Request {
|
||||
})");
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = url_;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->method = post_data_ ? "POST" : "GET";
|
||||
resource_request->headers.SetHeader(net::HttpRequestHeaders::kAuthorization,
|
||||
"Bearer " + access_token_info.token);
|
||||
|
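Review bot: `credentials_mode = kOmit` sits directly above an explicit `Authorization: Bearer` header, and nothing in the hunk says the two are meant to coexist. A reader can take kOmit to mean that no credential leaves the browser; as far as I understand it, it suppresses cookies and ambient HTTP auth while headers set by the caller are still sent, which should be confirmed. A comment such as `// kOmit: no cookies or cached auth; the OAuth token below is the only credential sent.` would pin the intent. The same pairing appears in the GCMNetworkChannel::OnGetTokenComplete and UserInfoFetcher::Start hunks. The enclosing function starts and ends outside the hunk.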
@@ -81,7 +81,9 @@ void ImageDataFetcher::FetchImageData(
|
||||
request->url = image_url;
|
||||
request->referrer_policy = referrer_policy;
|
||||
request->referrer = GURL(referrer);
|
||||
request->allow_credentials = send_cookies;
|
||||
request->credentials_mode = send_cookies
|
||||
? network::mojom::CredentialsMode::kInclude
|
||||
: network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
std::unique_ptr<network::SimpleURLLoader> loader =
|
||||
network::SimpleURLLoader::Create(std::move(request), traffic_annotation);
|
||||
|
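Review bot: The ternary on `send_cookies` maps true to `kInclude` with no comment on scope, and nothing visible here restricts `image_url` to a particular origin. That preserves the old `allow_credentials = send_cookies` behaviour, but the caller-facing name says "cookies" while the mode is about credentials in general. I would document that at the assignment: `// kInclude also applies to a cross-origin image_url; pass send_cookies only for hosts that should see the user's cookies.` Whether HTTP auth or client certificates are also attached under kInclude should be confirmed before a comment claims it. FetchImageData's body continues outside the hunk.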
@@ -82,7 +82,8 @@ TEST_F(ImageDataFetcherTest, FetchImageData) {
|
||||
// provide a response.
|
||||
const network::ResourceRequest* pending_request;
|
||||
EXPECT_TRUE(test_url_loader_factory_.IsPending(kImageURL, &pending_request));
|
||||
EXPECT_FALSE(pending_request->allow_credentials);
|
||||
EXPECT_EQ(pending_request->credentials_mode,
|
||||
network::mojom::CredentialsMode::kOmit);
|
||||
|
||||
network::ResourceResponseHead head;
|
||||
std::string raw_header =
|
||||
@@ -115,7 +116,8 @@ TEST_F(ImageDataFetcherTest, FetchImageDataWithCookies) {
|
||||
// provide a response.
|
||||
const network::ResourceRequest* pending_request;
|
||||
EXPECT_TRUE(test_url_loader_factory_.IsPending(kImageURL, &pending_request));
|
||||
EXPECT_TRUE(pending_request->allow_credentials);
|
||||
EXPECT_EQ(pending_request->credentials_mode,
|
||||
network::mojom::CredentialsMode::kInclude);
|
||||
|
||||
network::ResourceResponseHead head;
|
||||
std::string raw_header =
|
||||
|
@@ -262,7 +262,7 @@ void GCMNetworkChannel::OnGetTokenComplete(
|
||||
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = BuildUrl(registration_id_);
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->method = "POST";
|
||||
resource_request->headers.SetHeader(net::HttpRequestHeaders::kAuthorization,
|
||||
"Bearer " + access_token_);
|
||||
|
@@ -254,7 +254,7 @@ void NetMetricsLogUploader::UploadLogToURL(
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = url;
|
||||
// Drop cookies and auth data.
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->method = "POST";
|
||||
|
||||
std::string reporting_info_string = SerializeReportingInfo(reporting_info);
|
||||
|
@@ -472,7 +472,7 @@ void NetworkTimeTracker::CheckTime() {
|
||||
// Not expecting any cookies, but just in case.
|
||||
resource_request->load_flags =
|
||||
net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
// This cancels any outstanding fetch.
|
||||
time_fetcher_ = network::SimpleURLLoader::Create(std::move(resource_request),
|
||||
traffic_annotation);
|
||||
|
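Review bot: The comment `// Not expecting any cookies, but just in case.` is separated from the line it explains: it sits above the `load_flags` assignment, while the cookie suppression is the `credentials_mode = kOmit` line further down. Moving it to directly above `resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;` keeps the cache flags and the credential policy readable on their own. CheckTime()'s body starts and ends outside the hunk.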
@@ -290,7 +290,7 @@ std::unique_ptr<network::ResourceRequest>
|
||||
JsonRequest::Builder::BuildResourceRequest() const {
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = url_;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->method = "POST";
|
||||
resource_request->headers.SetHeader("Content-Type",
|
||||
"application/json; charset=UTF-8");
|
||||
|
@@ -443,7 +443,7 @@ void PopularSitesImpl::FetchPopularSites() {
|
||||
})");
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = pending_url_;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
simple_url_loader_ = network::SimpleURLLoader::Create(
|
||||
std::move(resource_request), traffic_annotation);
|
||||
simple_url_loader_->SetRetryOptions(
|
||||
|
@@ -86,7 +86,7 @@ PrefetchRequestFetcher::PrefetchRequestFetcher(
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = url;
|
||||
resource_request->method = message.empty() ? "GET" : "POST";
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
std::string experiment_header = PrefetchExperimentHeader();
|
||||
if (!experiment_header.empty())
|
||||
|
@@ -283,7 +283,7 @@ void RemoteSuggestionsService::CreateExperimentalRequest(
|
||||
std::string request_body =
|
||||
FormatRequestBodyExperimentalService(current_url, visit_time);
|
||||
AddVariationHeaders(request.get());
|
||||
request->allow_credentials = false;
|
||||
request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
// If authentication services are unavailable or if this request is still
|
||||
// waiting for an oauth2 token, run the remote service without access
|
||||
|
@@ -99,7 +99,7 @@ bool HintsFetcher::FetchOptimizationGuideServiceHints(
|
||||
|
||||
resource_request->method = "POST";
|
||||
resource_request->load_flags = net::LOAD_BYPASS_PROXY;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
url_loader_ = network::SimpleURLLoader::Create(std::move(resource_request),
|
||||
traffic_annotation);
|
||||
|
@@ -113,7 +113,7 @@ void AffiliationFetcher::StartRequest() {
|
||||
resource_request->url = BuildQueryURL();
|
||||
resource_request->load_flags =
|
||||
net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->method = "POST";
|
||||
simple_url_loader_ = network::SimpleURLLoader::Create(
|
||||
std::move(resource_request), traffic_annotation);
|
||||
|
@@ -172,7 +172,7 @@ void PasswordRequirementsSpecFetcherImpl::Fetch(GURL origin,
|
||||
})");
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = GetUrlForRequirementsSpec(version_, hash_prefix);
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
lookup->url_loader = network::SimpleURLLoader::Create(
|
||||
std::move(resource_request), traffic_annotation);
|
||||
lookup->url_loader->DownloadToStringOfUnboundedSizeUntilCrashAndDie(
|
||||
|
@@ -320,7 +320,7 @@ void PaymentManifestDownloader::InitiateDownload(
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = url;
|
||||
resource_request->method = method;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
std::unique_ptr<network::SimpleURLLoader> loader =
|
||||
network::SimpleURLLoader::Create(std::move(resource_request),
|
||||
traffic_annotation);
|
||||
|
@@ -278,7 +278,7 @@ JobConfigurationBase::GetResourceRequest(bool bypass_proxy, int last_error) {
|
||||
rr->method = "POST";
|
||||
rr->load_flags =
|
||||
net::LOAD_DISABLE_CACHE | (bypass_proxy ? net::LOAD_BYPASS_PROXY : 0);
|
||||
rr->allow_credentials = false;
|
||||
rr->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
// If auth data is specified, use it to build the request.
|
||||
if (auth_data_) {
|
||||
|
@@ -92,7 +92,7 @@ void ExternalPolicyDataFetcher::Job::Start(
|
||||
resource_request->url = url;
|
||||
resource_request->load_flags =
|
||||
net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
net::NetworkTrafficAnnotationTag traffic_annotation =
|
||||
net::DefineNetworkTrafficAnnotation("external_policy_fetcher", R"(
|
||||
|
@@ -69,7 +69,7 @@ void UserInfoFetcher::Start(const std::string& access_token) {
|
||||
resource_request->url = GaiaUrls::GetInstance()->oauth_user_info_url();
|
||||
resource_request->headers.SetHeader(net::HttpRequestHeaders::kAuthorization,
|
||||
MakeAuthorizationHeader(access_token));
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
url_loader_ = network::SimpleURLLoader::Create(std::move(resource_request),
|
||||
traffic_annotation);
|
||||
|
@@ -90,7 +90,7 @@ void QuirksClient::StartDownload() {
|
||||
resource_request->url = GURL(url);
|
||||
resource_request->load_flags =
|
||||
net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
net::NetworkTrafficAnnotationTag traffic_annotation =
|
||||
net::DefineNetworkTrafficAnnotation("quirks_display_fetcher", R"(
|
||||
|
@@ -147,7 +147,7 @@ void LogUploader::StartScheduledUpload() {
|
||||
resource_request->url = server_url_;
|
||||
// We already drop cookies server-side, but we might as well strip them out
|
||||
// client-side as well.
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->method = "POST";
|
||||
simple_url_loader_ = network::SimpleURLLoader::Create(
|
||||
std::move(resource_request), traffic_annotation);
|
||||
|
@@ -113,7 +113,7 @@ void SafeSearchURLCheckerClient::CheckURL(const GURL& url,
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = GURL(kSafeSearchApiUrl);
|
||||
resource_request->method = "POST";
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
std::unique_ptr<network::SimpleURLLoader> simple_url_loader =
|
||||
network::SimpleURLLoader::Create(std::move(resource_request),
|
||||
traffic_annotation_);
|
||||
|
@@ -346,7 +346,7 @@ GaiaCookieManagerService::ExternalCcResultFetcher::CreateAndStartLoader(
|
||||
|
||||
auto request = std::make_unique<network::ResourceRequest>();
|
||||
request->url = url;
|
||||
request->allow_credentials = false;
|
||||
request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
std::unique_ptr<network::SimpleURLLoader> loader =
|
||||
network::SimpleURLLoader::Create(std::move(request), traffic_annotation);
|
||||
|
@@ -167,7 +167,7 @@ bool SpellingServiceClient::RequestTextCheck(
|
||||
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = BuildEndpointUrl(type);
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->method = "POST";
|
||||
|
||||
std::unique_ptr<network::SimpleURLLoader> simple_url_loader =
|
||||
|
@@ -420,7 +420,7 @@ SuggestionsServiceImpl::CreateSuggestionsRequest(
|
||||
resource_request->url = url;
|
||||
resource_request->method = "GET";
|
||||
resource_request->load_flags = net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
// Add Chrome experiment state to the request headers.
|
||||
// TODO: We should call AppendVariationHeaders with explicit
|
||||
// variations::SignedIn::kNo If the access_token is empty
|
||||
|
@@ -92,7 +92,7 @@ void SyncStoppedReporter::ReportSyncStopped(const std::string& access_token,
|
||||
resource_request->url = sync_event_url_;
|
||||
resource_request->load_flags =
|
||||
net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request->method = "POST";
|
||||
resource_request->headers.SetHeader(
|
||||
net::HttpRequestHeaders::kAuthorization,
|
||||
|
@@ -535,7 +535,7 @@ bool VariationsService::DoFetchFromURL(const GURL& url, bool is_http_retry) {
|
||||
})");
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = url;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
bool enable_deltas = false;
|
||||
std::string serial_number =
|
||||
field_trial_creator_.seed_store()->GetLatestSerialNumber();
|
||||
|
@@ -157,7 +157,6 @@ ServiceWorkerSingleScriptUpdateChecker::ServiceWorkerSingleScriptUpdateChecker(
|
||||
// default value.
|
||||
// TODO(https://crbug.com/972458): Need the test.
|
||||
resource_request.credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request.allow_credentials = false;
|
||||
|
||||
// |fetch_request_context_type| and |resource_type| roughly correspond to
|
||||
// the request's |destination| in the Fetch spec.
|
||||
|
@@ -559,7 +559,7 @@ SpeechRecognitionEngine::ConnectBothStreams(const FSMEventArgs&) {
|
||||
}
|
||||
})");
|
||||
auto downstream_request = std::make_unique<network::ResourceRequest>();
|
||||
downstream_request->allow_credentials = false;
|
||||
downstream_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
downstream_request->url = downstream_url;
|
||||
downstream_loader_ = std::make_unique<DownstreamLoader>(
|
||||
std::move(downstream_request), downstream_traffic_annotation,
|
||||
@@ -657,7 +657,7 @@ SpeechRecognitionEngine::ConnectBothStreams(const FSMEventArgs&) {
|
||||
upstream_request->url = upstream_url;
|
||||
upstream_request->method = "POST";
|
||||
upstream_request->referrer = GURL(config_.origin_url);
|
||||
upstream_request->allow_credentials = false;
|
||||
upstream_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
if (use_framed_post_data_) {
|
||||
upstream_request->headers.SetHeader(net::HttpRequestHeaders::kContentType,
|
||||
"application/octet-stream");
|
||||
|
@@ -120,7 +120,7 @@ SignedExchangeCertFetcher::SignedExchangeCertFetcher(
|
||||
static_cast<int>(ResourceType::kSubResource);
|
||||
// Cert requests should not send credential informartion, because the default
|
||||
// credentials mode of Fetch is "omit".
|
||||
resource_request_->allow_credentials = false;
|
||||
resource_request_->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
resource_request_->headers.SetHeader(network::kAcceptHeader,
|
||||
kCertChainMimeType);
|
||||
if (force_fetch) {
|
||||
|
@@ -268,7 +268,8 @@ TEST_F(SignedExchangeCertFetcherTest, Simple) {
|
||||
EXPECT_EQ(url_, mock_loader_factory_.url_request()->url);
|
||||
EXPECT_EQ(static_cast<int>(ResourceType::kSubResource),
|
||||
mock_loader_factory_.url_request()->resource_type);
|
||||
EXPECT_FALSE(mock_loader_factory_.url_request()->allow_credentials);
|
||||
EXPECT_EQ(mock_loader_factory_.url_request()->credentials_mode,
|
||||
network::mojom::CredentialsMode::kOmit);
|
||||
EXPECT_TRUE(mock_loader_factory_.url_request()->request_initiator->opaque());
|
||||
std::string accept;
|
||||
EXPECT_TRUE(
|
||||
@@ -326,7 +327,8 @@ TEST_F(SignedExchangeCertFetcherTest, ForceFetchAndFail) {
|
||||
mock_loader_factory_.url_request()->resource_type);
|
||||
EXPECT_EQ(net::LOAD_DISABLE_CACHE | net::LOAD_BYPASS_CACHE,
|
||||
mock_loader_factory_.url_request()->load_flags);
|
||||
EXPECT_FALSE(mock_loader_factory_.url_request()->allow_credentials);
|
||||
EXPECT_EQ(mock_loader_factory_.url_request()->credentials_mode,
|
||||
network::mojom::CredentialsMode::kOmit);
|
||||
|
||||
mock_loader_factory_.client_ptr()->OnComplete(
|
||||
network::URLLoaderCompletionStatus(net::ERR_INVALID_SIGNED_EXCHANGE));
|
||||
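Review bot: The two added `EXPECT_EQ` checks on `credentials_mode` (in `Simple` and in `ForceFetchAndFail`) put the actual value first, while the neighbouring assertions in the same tests put the expected value first, e.g. `EXPECT_EQ(url_, mock_loader_factory_.url_request()->url)`. Keeping one order makes failure output read the same way throughout: `EXPECT_EQ(network::mojom::CredentialsMode::kOmit, mock_loader_factory_.url_request()->credentials_mode);`. Both test bodies extend outside the hunks.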
|
@@ -91,7 +91,7 @@ void SignedExchangeValidityPinger::Start(
|
||||
static_cast<int>(ResourceType::kSubResource);
|
||||
// Set empty origin as the initiator and attach no cookies.
|
||||
resource_request->request_initiator = url::Origin();
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
// Always hit the network as it's meant to be a liveliness check.
|
||||
// (While we don't check the result yet)
|
||||
resource_request->load_flags |=
|
||||
|
@@ -143,6 +143,7 @@ void WorkerScriptFetchInitiator::Start(
|
||||
resource_request->referrer_policy = Referrer::ReferrerPolicyForUrlRequest(
|
||||
outside_fetch_client_settings_object->referrer_policy);
|
||||
resource_request->resource_type = static_cast<int>(resource_type);
|
||||
resource_request->credentials_mode = credentials_mode;
|
||||
|
||||
// For a classic worker script request:
|
||||
// https://html.spec.whatwg.org/C/#fetch-a-classic-worker-script
|
||||
@@ -155,20 +156,6 @@ void WorkerScriptFetchInitiator::Start(
|
||||
// module fetch flag is set, then set request's mode to "same-origin"."
|
||||
resource_request->mode = network::mojom::RequestMode::kSameOrigin;
|
||||
|
||||
// When the credentials mode is "omit", clear |allow_credentials| and set
|
||||
// load flags to disable sending credentials according to the comments in
|
||||
// CorsURLLoaderFactory::IsSane().
|
||||
// TODO(https://crbug.com/799935): Unify |LOAD_DO_NOT_*| into
|
||||
// |allow_credentials|.
|
||||
resource_request->credentials_mode = credentials_mode;
|
||||
if (credentials_mode == network::mojom::CredentialsMode::kOmit) {
|
||||
resource_request->allow_credentials = false;
|
||||
const auto load_flags_pattern = net::LOAD_DO_NOT_SAVE_COOKIES |
|
||||
net::LOAD_DO_NOT_SEND_COOKIES |
|
||||
net::LOAD_DO_NOT_SEND_AUTH_DATA;
|
||||
resource_request->load_flags |= load_flags_pattern;
|
||||
}
|
||||
|
||||
switch (resource_type) {
|
||||
case ResourceType::kWorker:
|
||||
resource_request->fetch_request_context_type =
|
||||
|
@@ -306,7 +306,7 @@ void PingRlzServer(std::string url,
|
||||
auto resource_request = std::make_unique<network::ResourceRequest>();
|
||||
resource_request->url = GURL(url);
|
||||
resource_request->load_flags = net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
auto url_loader = network::SimpleURLLoader::Create(
|
||||
std::move(resource_request), traffic_annotation);
|
||||
|
@@ -154,7 +154,7 @@ bool NetworkLocationRequest::MakeRequest(
|
||||
DCHECK(resource_request->url.is_valid());
|
||||
resource_request->load_flags =
|
||||
net::LOAD_BYPASS_CACHE | net::LOAD_DISABLE_CACHE;
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
url_loader_ = network::SimpleURLLoader::Create(std::move(resource_request),
|
||||
traffic_annotation);
|
||||
|
@@ -507,7 +507,7 @@ std::unique_ptr<network::SimpleURLLoader> Annotator::MakeRequestLoader(
|
||||
|
||||
resource_request->url = server_url;
|
||||
|
||||
resource_request->allow_credentials = false;
|
||||
resource_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
// Put API key in request's header if a key exists, and the endpoint is
|
||||
// trusted by Google.
|
||||
|
@@ -454,11 +454,6 @@ void CorsURLLoader::StartRequest() {
|
||||
request_.url, request_.mode, request_.request_initiator, fetch_cors_flag_,
|
||||
tainted_, origin_access_list_);
|
||||
|
||||
if (!CalculateCredentialsFlag(request_.credentials_mode,
|
||||
response_tainting_)) {
|
||||
request_.allow_credentials = false;
|
||||
}
|
||||
|
||||
// Note that even when |NeedsPreflight(request_)| holds we don't make a
|
||||
// preflight request when |fetch_cors_flag_| is false (e.g., when the origin
|
||||
// of the url is equal to the origin of the request.
|
||||
@@ -488,6 +483,15 @@ void CorsURLLoader::StartNetworkRequest(
|
||||
if (preflight_timing_info)
|
||||
preflight_timing_info_.push_back(*preflight_timing_info);
|
||||
|
||||
// Here we overwrite the credentials mode sent to URLLoader because
|
||||
// network::URLLoader doesn't understand |kSameOrigin|.
|
||||
// TODO(crbug.com/943939): Fix this.
|
||||
auto original_credentials_mode = request_.credentials_mode;
|
||||
request_.credentials_mode =
|
||||
CalculateCredentialsFlag(original_credentials_mode, response_tainting_)
|
||||
? mojom::CredentialsMode::kInclude
|
||||
: mojom::CredentialsMode::kOmit;
|
||||
|
||||
mojom::URLLoaderClientPtr network_client;
|
||||
network_client_binding_.Bind(mojo::MakeRequest(&network_client));
|
||||
// Binding |this| as an unretained pointer is safe because
|
||||
@@ -497,6 +501,8 @@ void CorsURLLoader::StartNetworkRequest(
|
||||
network_loader_factory_->CreateLoaderAndStart(
|
||||
mojo::MakeRequest(&network_loader_), routing_id_, request_id_, options_,
|
||||
request_, std::move(network_client), traffic_annotation_);
|
||||
|
||||
request_.credentials_mode = original_credentials_mode;
|
||||
}
|
||||
|
||||
void CorsURLLoader::HandleComplete(const URLLoaderCompletionStatus& status) {
|
||||
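Review bot: In `StartNetworkRequest`, `request_.credentials_mode` is overwritten and then restored by hand after `CreateLoaderAndStart`, so any early return later added between the two assignments would leave the member at the resolved `kInclude`/`kOmit` value. A later redirect would then presumably be evaluated against that value rather than the caller's `kSameOrigin`, which is the case where credentials could follow a request to another origin. A scoped restore such as `base::AutoReset` (from `base/auto_reset.h`) keeps the overwrite and the restore together and lets the trailing `request_.credentials_mode = original_credentials_mode;` go away. No test for the `kSameOrigin` translation is visible among the test changes on this page. The function begins outside this hunk.

```cpp
  // Here we overwrite the credentials mode sent to URLLoader because
  // network::URLLoader doesn't understand |kSameOrigin|. The original value
  // is restored when |credentials_mode_for_network| goes out of scope.
  // TODO(crbug.com/943939): Fix this.
  base::AutoReset<mojom::CredentialsMode> credentials_mode_for_network(
      &request_.credentials_mode,
      CalculateCredentialsFlag(request_.credentials_mode, response_tainting_)
          ? mojom::CredentialsMode::kInclude
          : mojom::CredentialsMode::kOmit);
  // … unchanged: network_client binding and CreateLoaderAndStart call …
```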
|
@@ -142,24 +142,6 @@ bool CorsURLLoaderFactory::IsSane(const NetworkContext* context,
|
||||
return false;
|
||||
}
|
||||
|
||||
const auto load_flags_pattern = net::LOAD_DO_NOT_SAVE_COOKIES |
|
||||
net::LOAD_DO_NOT_SEND_COOKIES |
|
||||
net::LOAD_DO_NOT_SEND_AUTH_DATA;
|
||||
// The Fetch credential mode and lower-level options should match. If the
|
||||
// Fetch mode is kOmit, then either |allow_credentials| must be false or
|
||||
// all three load flags must be set. https://crbug.com/799935 tracks
|
||||
// unifying |LOAD_DO_NOT_*| into |allow_credentials|.
|
||||
if (request.credentials_mode == mojom::CredentialsMode::kOmit &&
|
||||
request.allow_credentials &&
|
||||
(request.load_flags & load_flags_pattern) != load_flags_pattern) {
|
||||
LOG(WARNING) << "|credentials_mode| and |allow_credentials| or "
|
||||
"|load_flags| contradict each "
|
||||
"other.";
|
||||
mojo::ReportBadMessage(
|
||||
"CorsURLLoaderFactory: omit-credentials vs load_flags");
|
||||
return false;
|
||||
}
|
||||
|
||||
// Ensure that renderer requests are covered either by CORS or CORB.
|
||||
if (process_id_ != mojom::kBrowserProcessId) {
|
||||
switch (request.mode) {
|
||||
|
@@ -120,7 +120,6 @@ TEST_F(CorsURLLoaderFactoryTest, DestructionOrder) {
|
||||
GURL url("http://localhost");
|
||||
request.mode = mojom::RequestMode::kNoCors;
|
||||
request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
request.allow_credentials = false;
|
||||
request.method = net::HttpRequestHeaders::kGetMethod;
|
||||
request.url = url;
|
||||
request.request_initiator = url::Origin::Create(url);
|
||||
|
@@ -176,7 +176,6 @@ class CorsURLLoaderTest : public testing::Test {
|
||||
ResourceRequest request;
|
||||
request.mode = mode;
|
||||
request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
request.allow_credentials = false;
|
||||
request.method = net::HttpRequestHeaders::kGetMethod;
|
||||
request.url = url;
|
||||
request.request_initiator = url::Origin::Create(origin);
|
||||
@@ -493,75 +492,6 @@ TEST_F(CorsURLLoaderTest, NavigateWithoutInitiator) {
|
||||
EXPECT_EQ(net::OK, client().completion_status().error_code);
|
||||
}
|
||||
|
||||
TEST_F(CorsURLLoaderTest, CredentialsModeAndLoadFlagsContradictEachOther1) {
|
||||
ResourceRequest request;
|
||||
request.mode = mojom::RequestMode::kNavigate;
|
||||
request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
request.load_flags =
|
||||
net::LOAD_DO_NOT_SAVE_COOKIES | net::LOAD_DO_NOT_SEND_COOKIES;
|
||||
request.url = GURL("http://example.com/");
|
||||
request.request_initiator = base::nullopt;
|
||||
|
||||
BadMessageTestHelper bad_message_helper;
|
||||
CreateLoaderAndStart(request);
|
||||
RunUntilComplete();
|
||||
|
||||
EXPECT_FALSE(IsNetworkLoaderStarted());
|
||||
EXPECT_FALSE(client().has_received_redirect());
|
||||
EXPECT_FALSE(client().has_received_response());
|
||||
EXPECT_TRUE(client().has_received_completion());
|
||||
EXPECT_EQ(net::ERR_INVALID_ARGUMENT, client().completion_status().error_code);
|
||||
EXPECT_THAT(bad_message_helper.bad_message_reports(),
|
||||
::testing::ElementsAre(
|
||||
"CorsURLLoaderFactory: omit-credentials vs load_flags"));
|
||||
}
|
||||
|
||||
TEST_F(CorsURLLoaderTest, CredentialsModeAndLoadFlagsContradictEachOther2) {
|
||||
ResourceRequest request;
|
||||
request.mode = mojom::RequestMode::kNavigate;
|
||||
request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
request.load_flags =
|
||||
net::LOAD_DO_NOT_SAVE_COOKIES | net::LOAD_DO_NOT_SEND_AUTH_DATA;
|
||||
request.url = GURL("http://example.com/");
|
||||
request.request_initiator = base::nullopt;
|
||||
|
||||
BadMessageTestHelper bad_message_helper;
|
||||
CreateLoaderAndStart(request);
|
||||
RunUntilComplete();
|
||||
|
||||
EXPECT_FALSE(IsNetworkLoaderStarted());
|
||||
EXPECT_FALSE(client().has_received_redirect());
|
||||
EXPECT_FALSE(client().has_received_response());
|
||||
EXPECT_TRUE(client().has_received_completion());
|
||||
EXPECT_EQ(net::ERR_INVALID_ARGUMENT, client().completion_status().error_code);
|
||||
EXPECT_THAT(bad_message_helper.bad_message_reports(),
|
||||
::testing::ElementsAre(
|
||||
"CorsURLLoaderFactory: omit-credentials vs load_flags"));
|
||||
}
|
||||
|
||||
TEST_F(CorsURLLoaderTest, CredentialsModeAndLoadFlagsContradictEachOther3) {
|
||||
ResourceRequest request;
|
||||
request.mode = mojom::RequestMode::kNavigate;
|
||||
request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
request.load_flags =
|
||||
net::LOAD_DO_NOT_SEND_COOKIES | net::LOAD_DO_NOT_SEND_AUTH_DATA;
|
||||
request.url = GURL("http://example.com/");
|
||||
request.request_initiator = base::nullopt;
|
||||
|
||||
BadMessageTestHelper bad_message_helper;
|
||||
CreateLoaderAndStart(request);
|
||||
RunUntilComplete();
|
||||
|
||||
EXPECT_FALSE(IsNetworkLoaderStarted());
|
||||
EXPECT_FALSE(client().has_received_redirect());
|
||||
EXPECT_FALSE(client().has_received_response());
|
||||
EXPECT_TRUE(client().has_received_completion());
|
||||
EXPECT_EQ(net::ERR_INVALID_ARGUMENT, client().completion_status().error_code);
|
||||
EXPECT_THAT(bad_message_helper.bad_message_reports(),
|
||||
::testing::ElementsAre(
|
||||
"CorsURLLoaderFactory: omit-credentials vs load_flags"));
|
||||
}
|
||||
|
||||
TEST_F(CorsURLLoaderTest, NavigationFromRenderer) {
|
||||
ResourceRequest request;
|
||||
request.mode = mojom::RequestMode::kNavigate;
|
||||
@@ -1024,7 +954,6 @@ TEST_F(CorsURLLoaderTest,
|
||||
ResourceRequest original_request;
|
||||
original_request.mode = mojom::RequestMode::kCors;
|
||||
original_request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
original_request.allow_credentials = false;
|
||||
original_request.method = "PATCH";
|
||||
original_request.url = url;
|
||||
original_request.request_initiator = url::Origin::Create(origin);
|
||||
@@ -1095,7 +1024,6 @@ TEST_F(CorsURLLoaderTest, RedirectInfoShouldBeUsed) {
|
||||
ResourceRequest request;
|
||||
request.mode = mojom::RequestMode::kCors;
|
||||
request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
request.allow_credentials = false;
|
||||
request.method = "POST";
|
||||
request.url = url;
|
||||
request.request_initiator = url::Origin::Create(origin);
|
||||
@@ -1178,7 +1106,6 @@ TEST_F(CorsURLLoaderTest, FollowErrorRedirect) {
|
||||
ResourceRequest original_request;
|
||||
original_request.mode = mojom::RequestMode::kCors;
|
||||
original_request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
original_request.allow_credentials = false;
|
||||
original_request.redirect_mode = mojom::RedirectMode::kError;
|
||||
original_request.method = "GET";
|
||||
original_request.url = url;
|
||||
@@ -1401,7 +1328,6 @@ TEST_F(CorsURLLoaderTest, 304ForSimpleRevalidation) {
|
||||
ResourceRequest request;
|
||||
request.mode = mojom::RequestMode::kCors;
|
||||
request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
request.allow_credentials = false;
|
||||
request.method = "GET";
|
||||
request.url = url;
|
||||
request.request_initiator = url::Origin::Create(origin);
|
||||
@@ -1431,7 +1357,6 @@ TEST_F(CorsURLLoaderTest, 304ForSimpleGet) {
|
||||
ResourceRequest request;
|
||||
request.mode = mojom::RequestMode::kCors;
|
||||
request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
request.allow_credentials = false;
|
||||
request.method = "GET";
|
||||
request.url = url;
|
||||
request.request_initiator = url::Origin::Create(origin);
|
||||
@@ -1457,7 +1382,6 @@ TEST_F(CorsURLLoaderTest, 200ForSimpleRevalidation) {
|
||||
ResourceRequest request;
|
||||
request.mode = mojom::RequestMode::kCors;
|
||||
request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
request.allow_credentials = false;
|
||||
request.method = "GET";
|
||||
request.url = url;
|
||||
request.request_initiator = url::Origin::Create(origin);
|
||||
@@ -1487,7 +1411,6 @@ TEST_F(CorsURLLoaderTest, RevalidationAndPreflight) {
|
||||
ResourceRequest original_request;
|
||||
original_request.mode = mojom::RequestMode::kCors;
|
||||
original_request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
original_request.allow_credentials = false;
|
||||
original_request.method = "GET";
|
||||
original_request.url = url;
|
||||
original_request.request_initiator = url::Origin::Create(origin);
|
||||
@@ -1630,7 +1553,6 @@ TEST_F(CorsURLLoaderTest, RequestWithHostHeaderFails) {
|
||||
ResourceRequest request;
|
||||
request.mode = mojom::RequestMode::kCors;
|
||||
request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
request.allow_credentials = false;
|
||||
request.method = net::HttpRequestHeaders::kGetMethod;
|
||||
request.url = GURL("https://foo.test/path");
|
||||
request.request_initiator = url::Origin::Create(GURL("https://foo.test"));
|
||||
@@ -1648,7 +1570,6 @@ TEST_F(CorsURLLoaderTest, RequestWithProxyAuthorizationHeaderFails) {
|
||||
ResourceRequest request;
|
||||
request.mode = mojom::RequestMode::kCors;
|
||||
request.credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
request.allow_credentials = false;
|
||||
request.method = net::HttpRequestHeaders::kGetMethod;
|
||||
request.url = GURL("https://foo.test/path");
|
||||
request.request_initiator = url::Origin::Create(GURL("https://foo.test"));
|
||||
|
@@ -85,7 +85,6 @@ std::unique_ptr<ResourceRequest> CreatePreflightRequest(
|
||||
preflight_request->referrer_policy = request.referrer_policy;
|
||||
|
||||
preflight_request->credentials_mode = mojom::CredentialsMode::kOmit;
|
||||
preflight_request->allow_credentials = false;
|
||||
preflight_request->load_flags = RetrieveCacheFlags(request.load_flags);
|
||||
preflight_request->fetch_window_id = request.fetch_window_id;
|
||||
preflight_request->render_frame_id = request.render_frame_id;
|
||||
|
@@ -89,7 +89,6 @@ TEST(PreflightControllerCreatePreflightRequestTest, Credentials) {
|
||||
PreflightController::CreatePreflightRequestForTesting(request);
|
||||
|
||||
EXPECT_EQ(mojom::CredentialsMode::kOmit, preflight->credentials_mode);
|
||||
EXPECT_FALSE(preflight->allow_credentials);
|
||||
}
|
||||
|
||||
TEST(PreflightControllerCreatePreflightRequestTest,
|
||||
|
@@ -131,7 +131,7 @@ void OriginPolicyFetcher::FetchPolicy(mojom::URLLoaderFactory* factory) {
|
||||
std::make_unique<ResourceRequest>();
|
||||
policy_request->url = fetch_url_;
|
||||
policy_request->request_initiator = url::Origin::Create(fetch_url_);
|
||||
policy_request->allow_credentials = false;
|
||||
policy_request->credentials_mode = network::mojom::CredentialsMode::kOmit;
|
||||
|
||||
url_loader_ =
|
||||
SimpleURLLoader::Create(std::move(policy_request), traffic_annotation);
|
||||
|
@@ -31,7 +31,6 @@ bool ResourceRequest::EqualsForTesting(const ResourceRequest& request) const {
|
||||
cors_exempt_headers.ToString() ==
|
||||
request.cors_exempt_headers.ToString() &&
|
||||
load_flags == request.load_flags &&
|
||||
allow_credentials == request.allow_credentials &&
|
||||
plugin_child_id == request.plugin_child_id &&
|
||||
resource_type == request.resource_type &&
|
||||
priority == request.priority &&
|
||||
@@ -79,11 +78,13 @@ bool ResourceRequest::EqualsForTesting(const ResourceRequest& request) const {
|
||||
}
|
||||
|
||||
bool ResourceRequest::SendsCookies() const {
|
||||
return allow_credentials && !(load_flags & net::LOAD_DO_NOT_SEND_COOKIES);
|
||||
return credentials_mode == network::mojom::CredentialsMode::kInclude &&
|
||||
!(load_flags & net::LOAD_DO_NOT_SEND_COOKIES);
|
||||
}
|
||||
|
||||
bool ResourceRequest::SavesCookies() const {
|
||||
return allow_credentials && !(load_flags & net::LOAD_DO_NOT_SAVE_COOKIES);
|
||||
return credentials_mode == network::mojom::CredentialsMode::kInclude &&
|
||||
!(load_flags & net::LOAD_DO_NOT_SAVE_COOKIES);
|
||||
}
|
||||
|
||||
} // namespace network
|
||||
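Review bot: `SendsCookies()` and `SavesCookies()` now return false for `CredentialsMode::kSameOrigin`, while the `URLLoader::URLLoader` hunk later in this commit adds the `LOAD_DO_NOT_*` flags only for `kOmit`, so the two places disagree about a request whose mode has not yet been resolved to `kInclude` or `kOmit`. With the old `allow_credentials` default of `true` such a request reported that it sends cookies; a caller that consults these predicates on the original request may now skip cookie-related handling for a same-origin fetch that does carry cookies (inferred, the callers are not visible here). If the predicates are meant to mirror what the loader does, compare against `kOmit` instead: `return credentials_mode != network::mojom::CredentialsMode::kOmit && !(load_flags & net::LOAD_DO_NOT_SEND_COOKIES);`, and likewise in `SavesCookies()`. Otherwise add a comment on both stating that `kSameOrigin` is reported as neither sending nor saving cookies.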
|
@@ -55,7 +55,6 @@ struct COMPONENT_EXPORT(NETWORK_CPP_BASE) ResourceRequest {
|
||||
net::HttpRequestHeaders headers;
|
||||
net::HttpRequestHeaders cors_exempt_headers;
|
||||
int load_flags = 0;
|
||||
bool allow_credentials = true;
|
||||
int plugin_child_id = -1;
|
||||
int resource_type = 0;
|
||||
net::RequestPriority priority = net::IDLE;
|
||||
|
@@ -189,7 +189,6 @@ bool StructTraits<
|
||||
data.update_first_party_url_on_redirect();
|
||||
out->is_prerendering = data.is_prerendering();
|
||||
out->load_flags = data.load_flags();
|
||||
out->allow_credentials = data.allow_credentials();
|
||||
out->plugin_child_id = data.plugin_child_id();
|
||||
out->resource_type = data.resource_type();
|
||||
out->should_reset_appcache = data.should_reset_appcache();
|
||||
|
@@ -102,9 +102,6 @@ struct COMPONENT_EXPORT(NETWORK_CPP_BASE)
|
||||
static int32_t load_flags(const network::ResourceRequest& request) {
|
||||
return request.load_flags;
|
||||
}
|
||||
static bool allow_credentials(const network::ResourceRequest& request) {
|
||||
return request.allow_credentials;
|
||||
}
|
||||
static int32_t plugin_child_id(const network::ResourceRequest& request) {
|
||||
return request.plugin_child_id;
|
||||
}
|
||||
|
@@ -65,7 +65,6 @@ TEST(URLRequestMojomTraitsTest, Roundtrips_ResourceRequest) {
|
||||
original.headers.SetHeader("Accept", "text/xml");
|
||||
original.cors_exempt_headers.SetHeader("X-Requested-With", "ForTesting");
|
||||
original.load_flags = 3;
|
||||
original.allow_credentials = true;
|
||||
original.plugin_child_id = 5;
|
||||
original.resource_type = 2;
|
||||
original.priority = net::IDLE;
|
||||
|
@@ -178,10 +178,6 @@ struct URLRequest {
|
||||
// net::URLRequest load flags.
|
||||
int32 load_flags;
|
||||
|
||||
// Whether to allow credentials for this request.
|
||||
// See net::URLRequest::set_allow_credentials.
|
||||
bool allow_credentials;
|
||||
|
||||
// If this request originated from a pepper plugin running in a child
|
||||
// process, this identifies which process it came from. Otherwise, it
|
||||
// is zero.
|
||||
@@ -241,9 +237,9 @@ struct URLRequest {
|
||||
RequestMode mode;
|
||||
|
||||
// https://fetch.spec.whatwg.org/#concept-request-credentials-mode
|
||||
// Used mainly by CORS handling (out-of-blink CORS), Service Worker.
|
||||
// If this member is kOmit, then DO_NOT_SAVE_COOKIES, DO_NOT_SEND_COOKIES,
|
||||
// and DO_NOT_SEND_AUTH_DATA must be set on load_flags.
|
||||
// Controls whether credentials are attached to this request.
|
||||
// Currently kSameOrigin does not work with |mode: kNavigate|.
|
||||
// TODO(yhirano): Fix this.
|
||||
CredentialsMode credentials_mode;
|
||||
|
||||
// https://fetch.spec.whatwg.org/#concept-request-redirect-mode
|
||||
|
@@ -461,8 +461,9 @@ URLLoader::URLLoader(
|
||||
url_request_->SetLoadFlags(request.load_flags);
|
||||
|
||||
// net::LOAD_DO_NOT_* are in the process of being converted to
|
||||
// allow_credentials. See https://crbug.com/799935.
|
||||
if (!request.allow_credentials) {
|
||||
// credentials_mode. See https://crbug.com/799935.
|
||||
// TODO(crbug.com/943939): Make this work with CredentialsMode::kSameOrigin.
|
||||
if (request.credentials_mode == mojom::CredentialsMode::kOmit) {
|
||||
const auto creds_mask = net::LOAD_DO_NOT_SAVE_COOKIES |
|
||||
net::LOAD_DO_NOT_SEND_COOKIES |
|
||||
net::LOAD_DO_NOT_SEND_AUTH_DATA;
|
||||
|