1/*
2 * Copyright (C) 2006-2018 Apple Inc. All rights reserved.
3 * Copyright (C) 2011 Google Inc. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 3. Neither the name of Apple Inc. ("Apple") nor the names of
15 * its contributors may be used to endorse or promote products derived
16 * from this software without specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
19 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
20 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
21 * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
22 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
23 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
24 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
25 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */
29
30#include "config.h"
31#include "DocumentLoader.h"
32
33#include "ApplicationCacheHost.h"
34#include "Archive.h"
35#include "ArchiveResourceCollection.h"
36#include "CachedPage.h"
37#include "CachedRawResource.h"
38#include "CachedResourceLoader.h"
39#include "ContentExtensionError.h"
40#include "ContentSecurityPolicy.h"
41#include "CustomHeaderFields.h"
42#include "DOMWindow.h"
43#include "Document.h"
44#include "DocumentParser.h"
45#include "DocumentWriter.h"
46#include "ElementChildIterator.h"
47#include "Event.h"
48#include "EventNames.h"
49#include "ExtensionStyleSheets.h"
50#include "FormState.h"
51#include "Frame.h"
52#include "FrameLoader.h"
53#include "FrameLoaderClient.h"
54#include "FrameTree.h"
55#include "HTMLFormElement.h"
56#include "HTMLFrameOwnerElement.h"
57#include "HTTPHeaderNames.h"
58#include "HistoryItem.h"
59#include "HistoryController.h"
60#include "IconLoader.h"
61#include "InspectorInstrumentation.h"
62#include "LinkIconCollector.h"
63#include "LinkIconType.h"
64#include "LoaderStrategy.h"
65#include "Logging.h"
66#include "MemoryCache.h"
67#include "NetworkLoadMetrics.h"
68#include "Page.h"
69#include "PingLoader.h"
70#include "PlatformStrategies.h"
71#include "PolicyChecker.h"
72#include "ProgressTracker.h"
73#include "ResourceHandle.h"
74#include "ResourceLoadObserver.h"
75#include "RuntimeEnabledFeatures.h"
76#include "SWClientConnection.h"
77#include "SchemeRegistry.h"
78#include "ScriptableDocumentParser.h"
79#include "SecurityPolicy.h"
80#include "ServiceWorker.h"
81#include "ServiceWorkerClientData.h"
82#include "ServiceWorkerProvider.h"
83#include "Settings.h"
84#include "SubresourceLoader.h"
85#include "TextResourceDecoder.h"
86#include <wtf/Assertions.h>
87#include <wtf/CompletionHandler.h>
88#include <wtf/NeverDestroyed.h>
89#include <wtf/Ref.h>
90#include <wtf/text/CString.h>
91#include <wtf/text/WTFString.h>
92
93#if ENABLE(APPLICATION_MANIFEST)
94#include "ApplicationManifestLoader.h"
95#include "HTMLHeadElement.h"
96#include "HTMLLinkElement.h"
97#endif
98
99#if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML)
100#include "ArchiveFactory.h"
101#endif
102
103#if ENABLE(CONTENT_FILTERING)
104#include "ContentFilter.h"
105#endif
106
107#if USE(QUICK_LOOK)
108#include "PreviewConverter.h"
109#include "QuickLook.h"
110#endif
111
112#define RELEASE_LOG_IF_ALLOWED(fmt, ...) RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), Network, "%p - DocumentLoader::" fmt, this, ##__VA_ARGS__)
113
114namespace WebCore {
115
// Cancels every loader held in |loaders|.
// The loop walks a vector copy of the map's values rather than the map itself.
// NOTE(review): presumably because cancel() can remove the loader from the map while we iterate - confirm.
static void cancelAll(const ResourceLoaderMap& loaders)
{
    auto snapshot = copyToVector(loaders.values());
    for (auto& loader : snapshot)
        loader->cancel();
}
121
// Applies the same deferral state to every loader held in |loaders|.
// As in cancelAll(), the loop runs over a vector copy of the map's values, not the live map.
static void setAllDefersLoading(const ResourceLoaderMap& loaders, bool defers)
{
    auto snapshot = copyToVector(loaders.values());
    for (auto& loader : snapshot)
        loader->setDefersLoading(defers);
}
127
// Returns true only if every loader in |loaders| is backed by a MemoryCache entry that is either
// an image or a resource whose clients are all XMLHttpRequests. A loader without a FrameLoader or
// Page, or without a cache entry for its request in the page's session, makes the answer false.
static bool areAllLoadersPageCacheAcceptable(const ResourceLoaderMap& loaders)
{
    for (auto& loader : copyToVector(loaders.values())) {
        auto* owningFrameLoader = loader->frameLoader();
        if (!owningFrameLoader)
            return false;

        auto* page = owningFrameLoader->frame().page();
        if (!page)
            return false;

        // The lookup is keyed by the page's session, so entries from other sessions do not count.
        CachedResource* cachedResource = MemoryCache::singleton().resourceForRequest(loader->request(), page->sessionID());
        if (!cachedResource)
            return false;

        // Image loads and loads whose clients are all XMLHttpRequests do not prevent the page
        // from entering the PageCache. Every other kind of load does.
        bool isAcceptable = cachedResource->isImage() || cachedResource->areAllClientsXMLHttpRequests();
        if (!isAcceptable)
            return false;
    }
    return true;
}
145
// Builds a loader for |request|, optionally backed by |substituteData|.
// The loader starts out observing no frame (FrameDestructionObserver gets nullptr). The request is
// stored three times: as the original, as a copy of the original, and as the current request.
DocumentLoader::DocumentLoader(const ResourceRequest& request, const SubstituteData& substituteData)
    : FrameDestructionObserver(nullptr)
    , m_cachedResourceLoader(CachedResourceLoader::create(this))
    , m_originalRequest(request)
    , m_substituteData(substituteData)
    , m_originalRequestCopy(request)
    , m_request(request)
    // Snapshot of the validity at construction time; m_substituteData itself can be replaced later.
    , m_originalSubstituteDataWasValid(substituteData.isValid())
    , m_substituteResourceDeliveryTimer(*this, &DocumentLoader::substituteResourceDeliveryTimerFired)
    // Fires handleSubstituteDataLoadNow() when the substitute-data load is deferred to a timer.
    , m_dataLoadTimer(*this, &DocumentLoader::handleSubstituteDataLoadNow)
    , m_applicationCacheHost(std::make_unique<ApplicationCacheHost>(*this))
{
}
159
// Returns the FrameLoader of the attached frame, or nullptr when this loader has no frame.
// Callers must null-check the result before dereferencing it.
FrameLoader* DocumentLoader::frameLoader() const
{
    return m_frame ? &m_frame->loader() : nullptr;
}
166
// Returns the loader of the main resource, or nullptr when there is no main resource.
SubresourceLoader* DocumentLoader::mainResourceLoader() const
{
    return m_mainResource ? m_mainResource->loader() : nullptr;
}
173
// Tears the loader down: detaches the CachedResourceLoader from this object and drops the main resource.
DocumentLoader::~DocumentLoader()
{
    // A loader that is still loading must not be destroyed while it is its frame's active document loader.
    ASSERT(!(m_frame && isLoading() && frameLoader()->activeDocumentLoader() == this));

    // Pending policy callbacks capture this object, so none may still be outstanding here.
    ASSERT_WITH_MESSAGE(!m_waitingForContentPolicy, "The content policy callback should never outlive its DocumentLoader.");
    ASSERT_WITH_MESSAGE(!m_waitingForNavigationPolicy, "The navigation policy callback should never outlive its DocumentLoader.");

    m_cachedResourceLoader->clearDocumentLoader();
    clearMainResource();
}
183
// Returns the bytes of the main resource.
// Valid substitute data takes precedence and is returned as a copy. Otherwise the main resource's
// own buffer is returned, or nullptr when there is no main resource.
RefPtr<SharedBuffer> DocumentLoader::mainResourceData() const
{
    if (m_substituteData.isValid())
        return m_substituteData.content()->copy();

    if (!m_mainResource)
        return nullptr;

    return m_mainResource->resourceBuffer();
}
192
// Returns the frame's document, but only while this loader is the frame's current document loader.
// In every other case (no frame, or another loader is current) the result is nullptr.
Document* DocumentLoader::document() const
{
    if (!m_frame || m_frame->loader().documentLoader() != this)
        return nullptr;
    return m_frame->document();
}
199
// Rewrites the URL of the current request and of the original-request copy to |url|.
// m_originalRequest is left untouched.
void DocumentLoader::replaceRequestURLForSameDocumentNavigation(const URL& url)
{
    m_request.setURL(url);
    m_originalRequestCopy.setURL(url);
}
205
// Installs |req| as the current request. When the main resource is still loading and the URL
// differs from the current one, the client is told that the provisional URL changed.
void DocumentLoader::setRequest(const ResourceRequest& req)
{
    // Replacing an unreachable URL with alternate content looks like a server-side
    // redirect at this point, but we can replace a committed dataSource.
    const bool handlingUnreachableURL = m_substituteData.isValid() && !m_substituteData.failingURL().isEmpty();

    bool shouldNotifyAboutProvisionalURLChange = false;
    if (handlingUnreachableURL)
        m_committed = false;
    else
        shouldNotifyAboutProvisionalURLChange = isLoadingMainResource() && req.url() != m_request.url();

    // We should never be getting a redirect callback after the data
    // source is committed, except in the unreachable URL case. It
    // would be a WebFoundation bug if it sent a redirect callback after commit.
    ASSERT(!m_committed);

    m_request = req;

    // The client is notified only after m_request holds the new value.
    if (shouldNotifyAboutProvisionalURLChange)
        frameLoader()->client().dispatchDidChangeProvisionalURL();
}
229
// Records |error| as the main document error and forwards it to the frame loader client.
// A non-null error is also written to the release log with its type and code.
// NOTE(review): both the log line and the client call dereference m_frame / frameLoader() without
// a null check. The callers visible in this file check frameLoader() first; confirm for any other caller.
void DocumentLoader::setMainDocumentError(const ResourceError& error)
{
    const bool hasError = !error.isNull();
    if (hasError)
        RELEASE_LOG_IF_ALLOWED("setMainDocumentError: (frame = %p, main = %d, type = %d, code = %d)", m_frame, m_frame->isMainFrame(), static_cast<int>(error.type()), error.errorCode());

    m_mainDocumentError = error;
    frameLoader()->client().setMainDocumentError(this, error);
}
238
// Handles a failure of the main resource load: notifies the client for loads that had no
// ResourceLoader, informs the application cache host, records the error, drops the main resource
// loader and reports the error to the FrameLoader. Does nothing once the frame is gone.
void DocumentLoader::mainReceivedError(const ResourceError& error)
{
    ASSERT(!error.isNull());

    // Without a frame there is nobody left to report the failure to.
    if (!frameLoader())
        return;

    if (!error.isNull())
        RELEASE_LOG_IF_ALLOWED("mainReceivedError: (frame = %p, main = %d, type = %d, code = %d)", m_frame, m_frame->isMainFrame(), static_cast<int>(error.type()), error.errorCode());

    // Loads served without a ResourceLoader (substitute data) get their failure callback from here.
    if (auto identifier = m_identifierForLoadWithoutResourceLoader) {
        ASSERT(!mainResourceLoader());
        frameLoader()->client().dispatchDidFailLoading(this, identifier, error);
    }

    // There is a bug in CFNetwork where callbacks can be dispatched even when loads are deferred.
    // See <rdar://problem/6304600> for more details.
#if !USE(CF)
    ASSERT(!mainResourceLoader() || !mainResourceLoader()->defersLoading());
#endif

    m_applicationCacheHost->failedLoadingMainResource();

    setMainDocumentError(error);
    clearMainResourceLoader();
    frameLoader()->receivedMainResourceError(error);
}
266
// Cancels the data source's pending loads. Conceptually, a data source only loads
// one document at a time, but one document may have many related resources.
// stopLoading will stop all loads initiated by the data source,
// but not loads initiated by child frames' data sources -- that's the WebFrame's job.
void DocumentLoader::stopLoading()
{
    // Hold references to the frame and to this loader for the duration of the call.
    // NOTE(review): presumably because the callbacks below can drop the last external reference - confirm.
    RefPtr<Frame> protectedFrame(m_frame);
    Ref<DocumentLoader> protectedThis(*this);

    // In some rare cases, calling FrameLoader::stopLoading could cause isLoading() to return false.
    // (This can happen when there's a single XMLHttpRequest currently loading and stopLoading causes it
    // to stop loading.) Because of this, we need to save it so we don't return early.
    const bool wasLoading = isLoading();

    // We may want to audit the existing subresource loaders when we are on a page which has completed
    // loading but there are subresource loads during cancellation. This must be done before the
    // frame->stopLoading() call, which may evict the CachedResources, which we rely on to check
    // the type of the resource loads.
    const bool shouldAuditSubresourceLoaders = wasLoading && m_committed && !mainResourceLoader() && !m_subresourceLoaders.isEmpty();
    if (shouldAuditSubresourceLoaders)
        m_subresourceLoadersArePageCacheAcceptable = areAllLoadersPageCacheAcceptable(m_subresourceLoaders);

    if (m_committed) {
        // Attempt to stop the frame if the document loader is loading, or if it is done loading but
        // still parsing. Failure to do so can cause a world leak.
        Document* committedDocument = m_frame->document();

        if (wasLoading || committedDocument->parsing())
            m_frame->loader().stopLoading(UnloadEventPolicyNone);
    }

    // Every pending icon request is completed with a null result before the loaders are dropped.
    for (auto callbackIdentifier : m_iconLoaders.values())
        notifyFinishedLoadingIcon(callbackIdentifier, nullptr);
    m_iconLoaders.clear();
    m_iconsPendingLoadDecision.clear();

#if ENABLE(APPLICATION_MANIFEST)
    // Pending application manifest requests are completed the same way, with an empty result.
    for (auto callbackIdentifier : m_applicationManifestLoaders.values())
        notifyFinishedLoadingApplicationManifest(callbackIdentifier, WTF::nullopt);
    m_applicationManifestLoaders.clear();
#endif

    // Always cancel multipart loaders
    cancelAll(m_multipartSubresourceLoaders);

    // Appcache uses ResourceHandle directly, DocumentLoader doesn't count these loads.
    m_applicationCacheHost->stopLoadingInFrame(*m_frame);

#if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML)
    clearArchiveResources();
#endif

    if (!wasLoading) {
        // If something above restarted loading we might run into mysterious crashes like
        // https://bugs.webkit.org/show_bug.cgi?id=62764 and <rdar://problem/9328684>
        ASSERT(!isLoading());
        return;
    }

    // We might run in to infinite recursion if we're stopping loading as the result of
    // detaching from the frame, so break out of that recursion here.
    // See <rdar://problem/9673866> for more details.
    if (m_isStopping)
        return;

    m_isStopping = true;

    // The frame may have been detached from this document by the onunload handler
    if (auto* attachedFrameLoader = this->frameLoader()) {
        RELEASE_LOG_IF_ALLOWED("stopLoading: canceling load (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
        if (isLoadingMainResource()) {
            // Stop the main resource loader and let it send the cancelled message.
            cancelMainResourceLoad(attachedFrameLoader->cancelledError(m_request));
        } else if (!m_subresourceLoaders.isEmpty() || !m_plugInStreamLoaders.isEmpty()) {
            // The main resource loader already finished loading. Set the cancelled error on the
            // document and let the subresourceLoaders and pluginLoaders send individual cancelled messages below.
            setMainDocumentError(attachedFrameLoader->cancelledError(m_request));
        } else {
            // If there are no resource loaders, we need to manufacture a cancelled message.
            // (A back/forward navigation has no resource loaders because its resources are cached.)
            mainReceivedError(attachedFrameLoader->cancelledError(m_request));
        }
    }

    // We always need to explicitly cancel the Document's parser when stopping the load.
    // Otherwise cancelling the parser while starting the next page load might result
    // in unexpected side effects such as erroneous event dispatch. ( http://webkit.org/b/117112 )
    if (Document* currentDocument = this->document())
        currentDocument->cancelParsing();

    stopLoadingSubresources();
    stopLoadingPlugIns();

    m_isStopping = false;
}
361
// Commits the provisional load the first time it is called; later calls are no-ops.
// m_committed is set before the FrameLoader is asked to commit.
void DocumentLoader::commitIfReady()
{
    if (m_committed)
        return;

    m_committed = true;
    frameLoader()->commitProvisionalLoad();
}
369
// Reports whether the main resource, any subresource loader or any plug-in stream loader is still active.
// An active parser is deliberately not counted; see the FIXME below.
bool DocumentLoader::isLoading() const
{
    // if (document() && document()->hasActiveParser())
    //     return true;
    // FIXME: The above code should be enabled, but it seems to cause
    // http/tests/security/feed-urls-from-remote.html to timeout on Mac WK1
    // see http://webkit.org/b/110554 and http://webkit.org/b/110401

    if (isLoadingMainResource())
        return true;
    if (!m_subresourceLoaders.isEmpty())
        return true;
    return !m_plugInStreamLoaders.isEmpty();
}
380
// Called when the main resource has finished, successfully or not.
// Success goes to finishedLoading(). A failed cache-only load that was not cancelled is retried
// through the FrameLoader. Any other failure is reported through mainReceivedError().
void DocumentLoader::notifyFinished(CachedResource& resource)
{
    ASSERT(isMainThread());
#if ENABLE(CONTENT_FILTERING)
    // The content filter decides first whether this notification is processed at all.
    if (m_contentFilter && !m_contentFilter->continueAfterNotifyFinished(resource))
        return;
#endif

    ASSERT_UNUSED(resource, m_mainResource == &resource);
    ASSERT(m_mainResource);

    const bool failedOrCanceled = m_mainResource->errorOccurred() || m_mainResource->wasCanceled();
    if (!failedOrCanceled) {
        finishedLoading();
        return;
    }

    const bool isCacheOnlyLoad = m_request.cachePolicy() == ResourceRequestCachePolicy::ReturnCacheDataDontLoad;
    if (isCacheOnlyLoad && !m_mainResource->wasCanceled()) {
        frameLoader()->retryAfterFailedCacheOnlyMainResourceLoad();
        return;
    }

    if (!m_mainResource->resourceError().isNull())
        RELEASE_LOG_IF_ALLOWED("notifyFinished: canceling load (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());

    mainReceivedError(m_mainResource->resourceError());
}
406
// Completes a successful main resource load: sends the finish callback for loads without a
// ResourceLoader, records the response end time, commits the load, ends the document writer and
// lets the FrameLoader check for load completion. frameLoader() is re-checked after each step
// that calls out, and the function returns early once it is null.
void DocumentLoader::finishedLoading()
{
    // There is a bug in CFNetwork where callbacks can be dispatched even when loads are deferred.
    // See <rdar://problem/6304600> for more details.
#if !USE(CF)
    ASSERT(!m_frame->page()->defersLoading() || frameLoader()->stateMachine().creatingInitialEmptyDocument() || InspectorInstrumentation::isDebuggerPaused(m_frame));
#endif

    Ref<DocumentLoader> protectedThis(*this);

    if (m_identifierForLoadWithoutResourceLoader) {
        // A didFinishLoading delegate might try to cancel the load (despite it
        // being finished). Clear m_identifierForLoadWithoutResourceLoader
        // before calling dispatchDidFinishLoading so that we don't later try to
        // cancel the already-finished substitute load.
        unsigned long finishedIdentifier = m_identifierForLoadWithoutResourceLoader;
        m_identifierForLoadWithoutResourceLoader = 0;
        NetworkLoadMetrics emptyMetrics;
        frameLoader()->notifier().dispatchDidFinishLoading(this, finishedIdentifier, emptyMetrics, nullptr);
    }

    maybeFinishLoadingMultipartContent();

    // Use the time of the last received data when there is one, otherwise the current time.
    MonotonicTime responseEndTime = m_timeOfLastDataReceived;
    if (!responseEndTime)
        responseEndTime = MonotonicTime::now();
    timing().setResponseEnd(responseEndTime);

    commitIfReady();
    if (!frameLoader())
        return;

    if (!maybeCreateArchive()) {
        // If this is an empty document, it will not have actually been created yet. Commit dummy data so that
        // DocumentWriter::begin() gets called and creates the Document.
        if (!m_gotFirstByte)
            commitData(0, 0);
        frameLoader()->client().finishedLoading(this);
    }

    m_writer.end();
    if (!m_mainDocumentError.isNull())
        return;

    clearMainResourceLoader();
    if (!frameLoader())
        return;

    if (!frameLoader()->stateMachine().creatingInitialEmptyDocument())
        frameLoader()->checkLoadComplete();

    // If the document specified an application cache manifest, it violates the author's intent if we store it in the memory cache
    // and deny the appcache the chance to intercept it in the future, so remove from the memory cache.
    if (m_frame && m_mainResource && m_frame->document()->hasManifest())
        MemoryCache::singleton().remove(*m_mainResource);

    m_applicationCacheHost->finishedLoadingMainResource();
}
462
// Returns true when |newRequest| is itself a POST, or when |redirectResponse| carries status
// 301, 302, 303 or 307 and the original request of this loader was a POST.
// NOTE(review): status 308 is not in the list although it also preserves the request method;
// confirm whether it should be treated like 307 here.
bool DocumentLoader::isPostOrRedirectAfterPost(const ResourceRequest& newRequest, const ResourceResponse& redirectResponse)
{
    if (newRequest.httpMethod() == "POST")
        return true;

    const int status = redirectResponse.httpStatusCode();
    const bool isCoveredRedirectStatus = status == 301 || status == 302 || status == 303 || status == 307;
    return isCoveredRedirectStatus && m_originalRequest.httpMethod() == "POST";
}
475
// Delivers the response for a substitute-data load.
// The response stored in the substitute data is used as is when it has a URL. Otherwise one is
// synthesized from the current request URL and the substitute data's MIME type, size and encoding.
void DocumentLoader::handleSubstituteDataLoadNow()
{
    ResourceResponse substituteResponse = m_substituteData.response();

    const bool needsSynthesizedResponse = substituteResponse.url().isEmpty();
    if (needsSynthesizedResponse)
        substituteResponse = ResourceResponse(m_request.url(), m_substituteData.mimeType(), m_substituteData.content()->size(), m_substituteData.textEncoding());

    // No completion handler: nothing waits on this response being processed.
    responseReceived(substituteResponse, nullptr);
}
484
// Arms the zero-delay one-shot timer that runs handleSubstituteDataLoadNow().
// Where run-loop timers are available, the timer is also scheduled on the page's run loop pairs.
void DocumentLoader::startDataLoadTimer()
{
    m_dataLoadTimer.startOneShot(0_s);

#if HAVE(RUNLOOP_TIMER)
    auto* pagePairs = m_frame->page()->scheduledRunLoopPairs();
    if (pagePairs)
        m_dataLoadTimer.schedule(*pagePairs);
#endif
}
494
495#if ENABLE(SERVICE_WORKER)
// Looks up the service worker registration that applies to |url| and passes it to |callback|.
// The callback receives WTF::nullopt without a lookup when the load is a reload from origin,
// the frame has no page, service workers are disabled, the URL scheme cannot be handled by
// service workers, or the provider reports no registration for the origin.
// The origin used for the lookup is the top origin of the frame's document for subframes that
// have a document, and the origin of |url| in every other case.
void DocumentLoader::matchRegistration(const URL& url, SWClientConnection::RegistrationCallback&& callback)
{
    bool canLoadThroughServiceWorker = !frameLoader()->isReloadingFromOrigin()
        && m_frame->page()
        && RuntimeEnabledFeatures::sharedFeatures().serviceWorkerEnabled()
        && SchemeRegistry::canServiceWorkersHandleURLScheme(url.protocol().toStringWithoutCopying());
    if (!canLoadThroughServiceWorker) {
        callback(WTF::nullopt);
        return;
    }

    const bool isSubframeWithDocument = !m_frame->isMainFrame() && m_frame->document();
    auto lookupOrigin = isSubframeWithDocument ? m_frame->document()->topOrigin().data() : SecurityOriginData::fromURL(url);
    auto sessionID = m_frame->page()->sessionID();

    // Cheap pre-check that avoids asking the connection when no registration can exist.
    auto& provider = ServiceWorkerProvider::singleton();
    if (!provider.mayHaveServiceWorkerRegisteredForOrigin(sessionID, lookupOrigin)) {
        callback(WTF::nullopt);
        return;
    }

    auto& connection = ServiceWorkerProvider::singleton().serviceWorkerConnectionForSession(sessionID);
    connection.matchRegistration(WTFMove(lookupOrigin), url, WTFMove(callback));
}
515
// Compares two optional registrations. Two empty optionals are equal, an empty and a non-empty
// one are not, and two non-empty ones are equal when their identifiers match.
static inline bool areRegistrationsEqual(const Optional<ServiceWorkerRegistrationData>& a, const Optional<ServiceWorkerRegistrationData>& b)
{
    if (!a || !b)
        return !a && !b;
    return a->identifier == b->identifier;
}
524#endif
525
// Handles a redirect of the main resource. The redirect first goes through willSendRequest().
// With service workers enabled, the registration matching the redirect target is then looked up,
// and the load continues in place only when that registration equals the one the load started
// with and the redirect's source (service worker or not) agrees with whether a registration exists.
// In every other case the load is restarted with the new registration data and the completion
// handler receives an empty request. An empty request is also what the handler gets when the
// load has failed, the frame is gone, or the application cache takes over the redirect.
void DocumentLoader::redirectReceived(CachedResource& resource, ResourceRequest&& request, const ResourceResponse& redirectResponse, CompletionHandler<void(ResourceRequest&&)>&& completionHandler)
{
    ASSERT_UNUSED(resource, &resource == m_mainResource);
#if ENABLE(SERVICE_WORKER)
    bool isRedirectionFromServiceWorker = redirectResponse.source() == ResourceResponse::Source::ServiceWorker;
    // Both lambdas hold a reference to this loader so it stays alive until they have run.
    willSendRequest(WTFMove(request), redirectResponse, [isRedirectionFromServiceWorker, completionHandler = WTFMove(completionHandler), protectedThis = makeRef(*this), this] (auto&& vettedRequest) mutable {
        ASSERT(!m_substituteData.isValid());
        if (vettedRequest.isNull() || !m_mainDocumentError.isNull() || !m_frame) {
            completionHandler({ });
            return;
        }

        // Copy the URL before the request is moved into the next lambda.
        auto redirectURL = vettedRequest.url();
        this->matchRegistration(redirectURL, [request = WTFMove(vettedRequest), isRedirectionFromServiceWorker, completionHandler = WTFMove(completionHandler), protectedThis = WTFMove(protectedThis), this] (auto&& matchedRegistration) mutable {
            // The lookup can complete later, so the load state is checked again.
            if (!m_mainDocumentError.isNull() || !m_frame) {
                completionHandler({ });
                return;
            }

            if (!matchedRegistration && this->tryLoadingRedirectRequestFromApplicationCache(request)) {
                completionHandler({ });
                return;
            }

            bool registrationIsUnchanged = areRegistrationsEqual(m_serviceWorkerRegistrationData, matchedRegistration);
            bool shouldContinueLoad = registrationIsUnchanged && isRedirectionFromServiceWorker == !!matchedRegistration;
            if (shouldContinueLoad) {
                completionHandler(WTFMove(request));
                return;
            }

            this->restartLoadingDueToServiceWorkerRegistrationChange(WTFMove(request), WTFMove(matchedRegistration));
            completionHandler({ });
        });
    });
#else
    willSendRequest(WTFMove(request), redirectResponse, WTFMove(completionHandler));
#endif
}
567
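// Vets a main resource request before it is sent. This runs for the initial request and for every
// redirect; |redirectResponse| is non-null in the redirect case.
// The checks, in order: CSP form-action, then for redirects only whether the redirecting origin
// may display the target and whether the target port is allowed, then for subframes the
// mixed-content check against the frame's own origin and against the top frame's origin, then
// the content filter. A failed security check cancels the main resource load. Every exit path
// hands the request to |completionHandler|; for redirects that pass all checks this happens
// after the navigation policy decision.
void DocumentLoader::willSendRequest(ResourceRequest&& newRequest, const ResourceResponse& redirectResponse, CompletionHandler<void(ResourceRequest&&)>&& completionHandler)
{
    // Note that there are no asserts here as there are for the other callbacks. This is due to the
    // fact that this "callback" is sent when starting every load, and the state of callback
    // deferrals plays less of a part in this function in preventing the bad behavior deferring
    // callbacks is meant to prevent.
    ASSERT(!newRequest.isNull());

    bool didReceiveRedirectResponse = !redirectResponse.isNull();
    if (!frameLoader()->checkIfFormActionAllowedByCSP(newRequest.url(), didReceiveRedirectResponse)) {
        RELEASE_LOG_IF_ALLOWED("willSendRequest: canceling - form action not allowed by CSP (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
        cancelMainResourceLoad(frameLoader()->cancelledError(newRequest));
        return completionHandler(WTFMove(newRequest));
    }

    ASSERT(timing().fetchStart());
    if (didReceiveRedirectResponse) {
        // If the redirecting url is not allowed to display content from the target origin,
        // then block the redirect.
        Ref<SecurityOrigin> redirectingOrigin(SecurityOrigin::create(redirectResponse.url()));
        if (!redirectingOrigin.get().canDisplay(newRequest.url())) {
            RELEASE_LOG_IF_ALLOWED("willSendRequest: canceling - redirecting URL not allowed to display content from target(frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
            FrameLoader::reportLocalLoadFailed(m_frame, newRequest.url().string());
            cancelMainResourceLoad(frameLoader()->cancelledError(newRequest));
            return completionHandler(WTFMove(newRequest));
        }
        // The port check is applied to the redirect target, not only to the initial URL.
        if (!portAllowed(newRequest.url())) {
            RELEASE_LOG_IF_ALLOWED("willSendRequest: canceling - port not allowed (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
            FrameLoader::reportBlockedPortFailed(m_frame, newRequest.url().string());
            cancelMainResourceLoad(frameLoader()->blockedError(newRequest));
            return completionHandler(WTFMove(newRequest));
        }
        timing().addRedirect(redirectResponse.url(), newRequest.url());
    }

    ASSERT(m_frame);

    Frame& topFrame = m_frame->tree().top();

    ASSERT(m_frame->document());
    ASSERT(topFrame.document());

    // Update cookie policy base URL as URL changes, except for subframes, which use the
    // URL of the main frame which doesn't change when we redirect.
    if (m_frame->isMainFrame())
        newRequest.setFirstPartyForCookies(newRequest.url());

    FrameLoader::addSameSiteInfoToRequestIfNeeded(newRequest, m_frame->document());

    if (!didReceiveRedirectResponse)
        frameLoader()->client().dispatchWillChangeDocument(m_frame->document()->url(), newRequest.url());

    // If we're fielding a redirect in response to a POST, force a load from origin, since
    // this is a common site technique to return to a page viewing some data that the POST
    // just modified.
    // Also, POST requests always load from origin, but this does not affect subresources.
    if (newRequest.cachePolicy() == ResourceRequestCachePolicy::UseProtocolCachePolicy && isPostOrRedirectAfterPost(newRequest, redirectResponse))
        newRequest.setCachePolicy(ResourceRequestCachePolicy::ReloadIgnoringCacheData);

    // Subframe documents are checked as active mixed content, once against the frame's own
    // origin and once against the top frame's origin. Both cancellations are logged like the
    // other cancellations in this function, so a blocked subframe load leaves a trace.
    if (&topFrame != m_frame) {
        if (!m_frame->loader().mixedContentChecker().canDisplayInsecureContent(m_frame->document()->securityOrigin(), MixedContentChecker::ContentType::Active, newRequest.url(), MixedContentChecker::AlwaysDisplayInNonStrictMode::Yes)) {
            RELEASE_LOG_IF_ALLOWED("willSendRequest: canceling - mixed content not allowed for frame origin (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
            cancelMainResourceLoad(frameLoader()->cancelledError(newRequest));
            return completionHandler(WTFMove(newRequest));
        }
        if (!frameLoader()->mixedContentChecker().canDisplayInsecureContent(topFrame.document()->securityOrigin(), MixedContentChecker::ContentType::Active, newRequest.url())) {
            RELEASE_LOG_IF_ALLOWED("willSendRequest: canceling - mixed content not allowed for top frame origin (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
            cancelMainResourceLoad(frameLoader()->cancelledError(newRequest));
            return completionHandler(WTFMove(newRequest));
        }
    }

#if ENABLE(CONTENT_FILTERING)
    if (m_contentFilter && !m_contentFilter->continueAfterWillSendRequest(newRequest, redirectResponse))
        return completionHandler(WTFMove(newRequest));
#endif

    setRequest(newRequest);

    // Only redirects go through the navigation policy check below.
    if (!didReceiveRedirectResponse)
        return completionHandler(WTFMove(newRequest));

    // The lambda keeps this loader alive until the policy decision arrives.
    auto navigationPolicyCompletionHandler = [this, protectedThis = makeRef(*this), completionHandler = WTFMove(completionHandler)] (ResourceRequest&& request, WeakPtr<FormState>&&, NavigationPolicyDecision navigationPolicyDecision) mutable {
        m_waitingForNavigationPolicy = false;
        switch (navigationPolicyDecision) {
        case NavigationPolicyDecision::IgnoreLoad:
        case NavigationPolicyDecision::StopAllLoads:
            stopLoadingForPolicyChange();
            break;
        case NavigationPolicyDecision::ContinueLoad:
            break;
        }

        completionHandler(WTFMove(request));
    };

    ASSERT(!m_waitingForNavigationPolicy);
    m_waitingForNavigationPolicy = true;

    // FIXME: Add a load type check.
    auto& policyChecker = frameLoader()->policyChecker();
    RELEASE_ASSERT(!isBackForwardLoadType(policyChecker.loadType()) || frameLoader()->history().provisionalItem());
    policyChecker.checkNavigationPolicy(WTFMove(newRequest), redirectResponse, WTFMove(navigationPolicyCompletionHandler));
}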
670
// Gives the application cache host the chance to fill m_substituteData for the current request,
// then starts a substitute-data load if that data is valid. Returns whether such a load started.
bool DocumentLoader::tryLoadingRequestFromApplicationCache()
{
    // m_substituteData is passed by reference; the host may replace it.
    m_applicationCacheHost->maybeLoadMainResource(m_request, m_substituteData);

    const bool startedSubstituteLoad = tryLoadingSubstituteData();
    return startedSubstituteLoad;
}
676
// Starts a load from m_substituteData when that data is valid and the frame has a page.
// A fresh identifier is created for the load and announced through the resource load notifier.
// The data is then delivered immediately or through the data load timer. Returns false when no
// load was started.
bool DocumentLoader::tryLoadingSubstituteData()
{
    if (!m_substituteData.isValid())
        return false;
    if (!m_frame->page())
        return false;

    // The log text keeps its "startLoadingMainResource" prefix.
    RELEASE_LOG_IF_ALLOWED("startLoadingMainResource: Returning substitute data (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
    m_identifierForLoadWithoutResourceLoader = m_frame->page()->progress().createUniqueIdentifier();
    frameLoader()->notifier().assignIdentifierToInitialRequest(m_identifierForLoadWithoutResourceLoader, this, m_request);
    frameLoader()->notifier().dispatchWillSendRequest(this, m_identifierForLoadWithoutResourceLoader, m_request, ResourceResponse());

    // Defer to the timer only when deferral is requested and the frame does not load synchronously.
    if (m_deferMainResourceDataLoad && !frameLoader()->loadsSynchronously())
        startDataLoadTimer();
    else
        handleSubstituteDataLoadNow();

    return true;
}
694
// Gives the application cache host the chance to serve the redirect target |request|.
// When the host supplies valid substitute data, the network-backed main resource is dropped and
// the substitute data is delivered right away under the identifier of the load it replaces.
// Returns whether the redirect was taken over.
bool DocumentLoader::tryLoadingRedirectRequestFromApplicationCache(const ResourceRequest& request)
{
    m_applicationCacheHost->maybeLoadMainResourceForRedirect(request, m_substituteData);
    if (!m_substituteData.isValid())
        return false;

    RELEASE_ASSERT(m_mainResource);

    // Reuse the identifier of the load being replaced, so callbacks stay attributed to it.
    if (auto* loader = m_mainResource->loader())
        m_identifierForLoadWithoutResourceLoader = loader->identifier();
    else
        m_identifierForLoadWithoutResourceLoader = m_mainResource->identifierForLoadWithoutResourceLoader();

    // We need to remove our reference to the CachedResource in favor of a SubstituteData load, which can trigger the cancellation of the underlying ResourceLoader.
    // If the ResourceLoader is indeed cancelled, it would normally send resource load callbacks.
    // Therefore, sever our relationship with the network load but prevent the ResourceLoader from sending ResourceLoadNotifier callbacks.

    auto protectedLoader = makeRefPtr(mainResourceLoader());
    if (protectedLoader) {
        ASSERT(protectedLoader->shouldSendResourceLoadCallbacks());
        protectedLoader->setSendCallbackPolicy(SendCallbackPolicy::DoNotSendCallbacks);
    }

    clearMainResource();

    // Callbacks are switched back on once the main resource has been cleared.
    if (protectedLoader)
        protectedLoader->setSendCallbackPolicy(SendCallbackPolicy::SendCallbacks);

    handleSubstituteDataLoadNow();
    return true;
}
723
724#if ENABLE(SERVICE_WORKER)
// Restarts the main resource load for |request| after the matching service worker registration
// changed. The old main resource is dropped, |registrationData| becomes the loader's registration
// data, and the client is told about a server redirect if the new load produced a main resource.
void DocumentLoader::restartLoadingDueToServiceWorkerRegistrationChange(ResourceRequest&& request, Optional<ServiceWorkerRegistrationData>&& registrationData)
{
    clearMainResource();

    // Restarting is only expected while the load is still provisional.
    ASSERT(!isCommitted());
    m_serviceWorkerRegistrationData = WTFMove(registrationData);
    loadMainResource(WTFMove(request));

    const bool restartedLoad = !!m_mainResource;
    if (restartedLoad)
        frameLoader()->client().dispatchDidReceiveServerRedirectForProvisionalLoad();
}
736#endif
737
// Stops a frame load that X-Frame-Options or CSP frame-ancestors refused.
// The inspector is notified, the frame's current document gets the SandboxOrigin flag enforced,
// and the owner element still receives a load event. The main resource load is then cancelled
// if the frame is still attached.
// NOTE(review): the load event looks intended to keep a blocked frame indistinguishable from a
// loaded one for the embedding page - confirm.
void DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(unsigned long identifier, const ResourceResponse& response)
{
    // Keep this loader alive across the event dispatch below.
    auto protectedThis = makeRef(*this);

    InspectorInstrumentation::continueAfterXFrameOptionsDenied(*m_frame, identifier, *this, response);
    m_frame->document()->enforceSandboxFlags(SandboxOrigin);

    auto* ownerElement = m_frame->ownerElement();
    if (ownerElement)
        ownerElement->dispatchEvent(Event::create(eventNames().loadEvent, Event::CanBubble::No, Event::IsCancelable::No));

    // The load event might have detached this frame. In that case, the load will already have been cancelled during detach.
    FrameLoader* attachedFrameLoader = this->frameLoader();
    if (!attachedFrameLoader)
        return;
    cancelMainResourceLoad(attachedFrameLoader->cancelledError(m_request));
}
750
// CachedResource client entry point for the main resource's response.
// |resource| is only used to assert that it is the main resource; the work is done by the
// overload that takes the response alone.
void DocumentLoader::responseReceived(CachedResource& resource, const ResourceResponse& response, CompletionHandler<void()>&& completionHandler)
{
    ASSERT_UNUSED(resource, m_mainResource == &resource);

    auto handler = WTFMove(completionHandler);
    responseReceived(response, WTFMove(handler));
}
756
// Handles the main resource response: content filtering, application cache fallback,
// the frame-ancestors / X-Frame-Options embedding checks, multipart bookkeeping, and
// finally the content policy check that decides whether the response is used.
void DocumentLoader::responseReceived(const ResourceResponse& response, CompletionHandler<void()>&& completionHandler)
{
    // Presumably invokes the handler when this scope exits unless release() hands it to the
    // policy callback at the bottom of this function.
    CompletionHandlerCallingScope completionHandlerCaller(WTFMove(completionHandler));

#if ENABLE(CONTENT_FILTERING)
    if (m_contentFilter && !m_contentFilter->continueAfterResponseReceived(response))
        return;
#endif

    Ref<DocumentLoader> protectedThis(*this);

    if (m_applicationCacheHost->maybeLoadFallbackForMainResponse(request(), response)) {
        // The memory cache doesn't understand the application cache or its caching rules. So if a main
        // resource is served from the application cache, ensure we don't save the result for future use.
        // NOTE(review): m_mainResource is dereferenced here without a null check, while the ASSERT below
        // allows it to be null when m_identifierForLoadWithoutResourceLoader is set; confirm that the
        // fallback path is only reachable with a main resource.
        MemoryCache::singleton().remove(*m_mainResource);
        return;
    }

    ASSERT(m_identifierForLoadWithoutResourceLoader || m_mainResource);
    unsigned long identifier = m_identifierForLoadWithoutResourceLoader ? m_identifierForLoadWithoutResourceLoader : m_mainResource->identifier();
    ASSERT(identifier);

    // Embedding checks run here for substitute data, or when the loader strategy reports that it has
    // not already performed the security checks for this response.
    if (m_substituteData.isValid() || !platformStrategies()->loaderStrategy()->havePerformedSecurityChecks(response)) {
        auto url = response.url();
        ContentSecurityPolicy contentSecurityPolicy(URL { url }, this);
        contentSecurityPolicy.didReceiveHeaders(ContentSecurityPolicyResponseHeaders { response }, m_request.httpReferrer());

        // frame-ancestors is evaluated first.
        if (!contentSecurityPolicy.allowFrameAncestors(*m_frame, url)) {
            stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(identifier, response);
            return;
        }

        // X-Frame-Options is only consulted when the policy does not override it.
        if (!contentSecurityPolicy.overridesXFrameOptions()) {
            String frameOptions = response.httpHeaderFields().get(HTTPHeaderName::XFrameOptions);
            if (!frameOptions.isNull() && frameLoader()->shouldInterruptLoadForXFrameOptions(frameOptions, url, identifier)) {
                String message = "Refused to display '" + url.stringCenterEllipsizedToLength() + "' in a frame because it set 'X-Frame-Options' to '" + frameOptions + "'.";
                m_frame->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, message, identifier);
                stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(identifier, response);
                return;
            }
        }
    }

    // There is a bug in CFNetwork where callbacks can be dispatched even when loads are deferred.
    // See <rdar://problem/6304600> for more details.
#if !USE(CF)
    ASSERT(!mainResourceLoader() || !mainResourceLoader()->defersLoading());
#endif

    if (m_isLoadingMultipartContent) {
        // A further part of a multipart load: finish the previous part and reset for the new one.
        setupForReplace();
        m_mainResource->clear();
    } else if (response.isMultipart())
        m_isLoadingMultipartContent = true;

    m_response = response;

    if (m_identifierForLoadWithoutResourceLoader) {
        if (m_mainResource && m_mainResource->wasRedirected()) {
            ASSERT(m_mainResource->status() == CachedResource::Status::Cached);
            frameLoader()->client().dispatchDidReceiveServerRedirectForProvisionalLoad();
        }
        addResponse(m_response);
        frameLoader()->notifier().dispatchDidReceiveResponse(this, m_identifierForLoadWithoutResourceLoader, m_response, 0);
    }

    ASSERT(!m_waitingForContentPolicy);
    ASSERT(frameLoader());
    m_waitingForContentPolicy = true;

    // Always show content with valid substitute data.
    if (m_substituteData.isValid()) {
        continueAfterContentPolicy(PolicyAction::Use);
        return;
    }

#if ENABLE(FTPDIR)
    // Respect the hidden FTP Directory Listing pref so it can be tested even if the policy delegate might otherwise disallow it
    if (m_frame->settings().forceFTPDirectoryListings() && m_response.mimeType() == "application/x-ftp-directory") {
        continueAfterContentPolicy(PolicyAction::Use);
        return;
    }
#endif

    RefPtr<SubresourceLoader> mainResourceLoader = this->mainResourceLoader();
    if (mainResourceLoader)
        mainResourceLoader->markInAsyncResponsePolicyCheck();

    auto requestIdentifier = PolicyCheckIdentifier::create();
    frameLoader()->checkContentPolicy(m_response, requestIdentifier, [this, protectedThis = makeRef(*this), mainResourceLoader = WTFMove(mainResourceLoader),
        completionHandler = completionHandlerCaller.release(), requestIdentifier] (PolicyAction policy, PolicyCheckIdentifier responseIdentifier) mutable {
        // The answer must belong to the policy check issued above; anything else crashes in release builds too.
        RELEASE_ASSERT(responseIdentifier.isValidFor(requestIdentifier));
        continueAfterContentPolicy(policy);
        if (mainResourceLoader)
            mainResourceLoader->didReceiveResponsePolicy();
        if (completionHandler)
            completionHandler();
    });
}
858
// Prevent web archives from loading if
// 1) it is remote;
// 2) it is not the main frame;
// 3) it is not any of { loaded by clients; loaded by drag; reloaded from any of the previous two };
// because they can claim to be from any domain and thus avoid cross-domain security checks (4120255, 45524528, 47610130).
//
// Returns true when the current response must be refused as a web archive. Responses whose MIME
// type is not in the archive set below are never refused by this function.
bool DocumentLoader::disallowWebArchive() const
{
    using MIMETypeHashSet = HashSet<String, ASCIICaseInsensitiveHash>;
    // MIME types treated as archives; the lookup is ASCII case-insensitive.
    static NeverDestroyed<MIMETypeHashSet> webArchiveMIMETypes {
        MIMETypeHashSet {
            "application/x-webarchive"_s,
            "application/x-mimearchive"_s,
            "multipart/related"_s,
#if PLATFORM(GTK)
            "message/rfc822"_s,
#endif
        }
    };

    const String mimeType = m_response.mimeType();
    const bool isArchiveType = !mimeType.isNull() && webArchiveMIMETypes.get().contains(mimeType);
    if (!isArchiveType)
        return false;

#if USE(QUICK_LOOK)
    // QuickLook preview URLs are exempt.
    if (isQuickLookPreviewURL(m_response.url()))
        return false;
#endif

    // Content supplied as substitute data is exempt.
    if (m_substituteData.isValid())
        return false;

    // Any archive requested over a scheme that is not treated as local is refused.
    if (!SchemeRegistry::shouldTreatURLSchemeAsLocal(m_request.url().protocol().toStringWithoutCopying()))
        return true;

    // Local archive: allowed without a frame, or in the main frame when m_allowsWebArchiveForMainFrame is set.
    if (!frame() || (frame()->isMainFrame() && m_allowsWebArchiveForMainFrame))
        return false;

    // The remaining override exists to keep existing tests working; without it the archive is refused.
    return !frame()->mainFrame().loader().alwaysAllowLocalWebarchive();
}
901
// Applies the content policy decision for the main resource response.
// Use:      refuse unshowable MIME types and disallowed web archives, otherwise continue below.
// Download: hand the load to the client as a download and fail the main resource loader.
// Ignore / StopAllLoads: stop loading for a policy change.
// When the load continues, non-2xx HTTP responses trigger fallback content, and valid substitute
// data is committed immediately.
void DocumentLoader::continueAfterContentPolicy(PolicyAction policy)
{
    ASSERT(m_waitingForContentPolicy);
    m_waitingForContentPolicy = false;
    if (isStopping())
        return;

    switch (policy) {
    case PolicyAction::Use: {
        // The archive check only runs when the client says it can show the MIME type.
        const bool cannotShow = !frameLoader()->client().canShowMIMEType(m_response.mimeType()) || disallowWebArchive();
        if (cannotShow) {
            frameLoader()->policyChecker().cannotShowMIMEType(m_response);
            // The load may already have been cancelled inside cannotShowMIMEType().
            stopLoadingForPolicyChange();
            return;
        }
        break;
    }

    case PolicyAction::Download: {
        // m_mainResource can be null, e.g. when loading a substitute resource from application cache.
        if (!m_mainResource) {
            RELEASE_LOG_IF_ALLOWED("continueAfterContentPolicy: cannot show URL (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
            mainReceivedError(frameLoader()->client().cannotShowURLError(m_request));
            return;
        }

        if (ResourceLoader* loader = this->mainResourceLoader())
            InspectorInstrumentation::continueWithPolicyDownload(*m_frame, loader->identifier(), *this, m_response);

        // When starting the request, we didn't know that it would result in download and not navigation. Now we know that main document URL didn't change.
        // Download may use this knowledge for purposes unrelated to cookies, notably for setting file quarantine data.
        frameLoader()->setOriginalURLForDownloadRequest(m_request);

        PAL::SessionID sessionID = PAL::SessionID::defaultSessionID();
        if (frame() && frame()->page())
            sessionID = frame()->page()->sessionID();

        if (m_request.url().protocolIsData()) {
            // We decode data URL internally, there is no resource load to convert.
            frameLoader()->client().startDownload(m_request);
        } else
            frameLoader()->client().convertMainResourceLoadToDownload(this, sessionID, m_request, m_response);

        // The main resource loader might have gone missing during the client calls above.
        if (mainResourceLoader())
            static_cast<ResourceLoader*>(mainResourceLoader())->didFail(interruptedForPolicyChangeError());
        return;
    }
    case PolicyAction::StopAllLoads:
        ASSERT_NOT_REACHED();
#if ASSERT_DISABLED
        FALLTHROUGH;
#endif
    case PolicyAction::Ignore:
        if (ResourceLoader* loader = this->mainResourceLoader())
            InspectorInstrumentation::continueWithPolicyIgnore(*m_frame, loader->identifier(), *this, m_response);
        stopLoadingForPolicyChange();
        return;
    }

    if (m_response.isHTTP()) {
        // Status may be zero when loading substitute data, in particular from a WebArchive.
        int status = m_response.httpStatusCode();
        const bool isNonSuccessStatus = status && (status < 200 || status >= 300);
        if (isNonSuccessStatus) {
            // Read this before handleFallbackContent() runs.
            bool hostedByObject = frameLoader()->isHostedByObjectElement();

            frameLoader()->handleFallbackContent();

            // object elements are no longer rendered after we fallback, so don't
            // keep trying to process data from their load
            if (hostedByObject)
                cancelMainResourceLoad(frameLoader()->cancelledError(m_request));
        }
    }

    if (!isStopping() && m_substituteData.isValid() && isLoadingMainResource()) {
        auto substituteContent = m_substituteData.content();
        if (substituteContent && substituteContent->size())
            dataReceived(substituteContent->data(), substituteContent->size());
        if (isLoadingMainResource())
            finishedLoading();

        // Remove ourselves as a client of this CachedResource as we've decided to commit substitute data but the
        // load may keep going and be useful to other clients of the CachedResource. If we did not do this, we
        // may receive data later on even though this DocumentLoader has finished loading.
        clearMainResource();
    }
}
989
// Commits the load if it is ready and passes the received bytes to the client.
// Archive MIME types are not forwarded here when archive support is compiled in.
void DocumentLoader::commitLoad(const char* data, int length)
{
    // Both unloading the old page and parsing the new page may execute JavaScript which destroys the datasource
    // by starting a new load, so retain the frame and this loader temporarily.
    RefPtr<Frame> protectedFrame(m_frame);
    Ref<DocumentLoader> protectedThis(*this);

    commitIfReady();

    // Fetched only after commitIfReady(); a missing FrameLoader ends the commit.
    FrameLoader* loader = DocumentLoader::frameLoader();
    if (!loader)
        return;

#if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML)
    if (ArchiveFactory::isArchiveMIMEType(response().mimeType()))
        return;
#endif

    loader->client().committedLoad(this, data, length);

    if (isMultipartReplacingLoad())
        loader->client().didReplaceMultipartContent();
}
1010
// Asks the frame loader client for the "interrupted for policy change" error for the current request.
ResourceError DocumentLoader::interruptedForPolicyChangeError() const
{
    auto& client = frameLoader()->client();
    return client.interruptedForPolicyChangeError(request());
}
1015
// Cancels the main resource load with the policy-change error, retyped as a cancellation.
void DocumentLoader::stopLoadingForPolicyChange()
{
    auto policyChangeError = interruptedForPolicyChangeError();
    policyChangeError.setType(ResourceError::Type::Cancellation);
    cancelMainResourceLoad(policyChangeError);
}
1022
#if ENABLE(SERVICE_WORKER)
// Returns true when the URL's scheme is "data", "blob" or "about", compared ASCII case-insensitively.
// See https://fetch.spec.whatwg.org/#is-local
static inline bool isLocalURL(const URL& url)
{
    auto scheme = url.protocol().toStringWithoutCopying();
    if (equalLettersIgnoringASCIICase(scheme, "data"))
        return true;
    if (equalLettersIgnoringASCIICase(scheme, "blob"))
        return true;
    return equalLettersIgnoringASCIICase(scheme, "about");
}
#endif
1031
// Feeds bytes to the document writer. On the first call of a load it also begins the document,
// applies the substitute-data local-access grant, wires up service worker state, notifies the
// frame loader of first data, and selects the text encoding.
void DocumentLoader::commitData(const char* bytes, size_t length)
{
    if (!m_gotFirstByte) {
        m_gotFirstByte = true;
        bool hasBegun = m_writer.begin(documentURL(), false);
        m_writer.setDocumentWasLoadedAsPartOfNavigation();

        // Security-sensitive: the document's origin is granted local resource loading only when the
        // global policy allows it and this loader was originally given valid substitute data.
        // See https://bugs.webkit.org/show_bug.cgi?id=16756 and
        // https://bugs.webkit.org/show_bug.cgi?id=19760 for further discussion.
        if (SecurityPolicy::allowSubstituteDataAccessToLocal() && m_originalSubstituteDataWasValid)
            m_frame->document()->securityOrigin().grantLoadLocalResources();

        if (frameLoader()->stateMachine().creatingInitialEmptyDocument())
            return;

#if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML)
        if (m_archive && m_archive->shouldOverrideBaseURL())
            m_frame->document()->setBaseURLOverride(m_archive->mainResource()->url());
#endif
#if ENABLE(SERVICE_WORKER)
        if (RuntimeEnabledFeatures::sharedFeatures().serviceWorkerEnabled()) {
            if (m_serviceWorkerRegistrationData && m_serviceWorkerRegistrationData->activeWorker) {
                // Hand the registration's active worker to the document, then drop the registration data.
                m_frame->document()->setActiveServiceWorker(ServiceWorker::getOrCreate(*m_frame->document(), WTFMove(m_serviceWorkerRegistrationData->activeWorker.value())));
                m_serviceWorkerRegistrationData = { };
            } else if (isLocalURL(m_frame->document()->url())) {
                // Documents with a local (data/blob/about) URL take the parent document's active worker.
                if (auto* parentDocument = m_frame->document()->parentDocument())
                    m_frame->document()->setActiveServiceWorker(parentDocument->activeServiceWorker());
            }

            if (m_frame->document()->activeServiceWorker() || SchemeRegistry::canServiceWorkersHandleURLScheme(m_frame->document()->url().protocol().toStringWithoutCopying()))
                m_frame->document()->setServiceWorkerConnection(ServiceWorkerProvider::singleton().existingServiceWorkerConnectionForSession(m_frame->page()->sessionID()));

            // We currently unregister the temporary service worker client since we now registered the real document.
            // FIXME: We should make the real document use the temporary client identifier.
            unregisterTemporaryServiceWorkerClient();
        }
#endif
        // Call receivedFirstData() exactly once per load. We should only reach this point multiple times
        // for multipart loads, and FrameLoader::isReplacing() will be true after the first time.
        if (!isMultipartReplacingLoad())
            frameLoader()->receivedFirstData();

        // The load could be canceled under receivedFirstData(), which makes delegate calls and even sometimes dispatches DOM events.
        if (!isLoading())
            return;

        // An override encoding counts as user-chosen; otherwise use the response's encoding,
        // or the archive main resource's encoding when the archive asks for that.
        const bool userChosen = !overrideEncoding().isNull();
        String encoding;
        if (userChosen)
            encoding = overrideEncoding();
        else {
            encoding = response().textEncodingName();
#if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML)
            if (m_archive && m_archive->shouldUseMainResourceEncoding())
                encoding = m_archive->mainResource()->textEncoding();
#endif
        }

        m_writer.setEncoding(encoding, userChosen);

        RELEASE_ASSERT(hasBegun);
    }

#if ENABLE(CONTENT_EXTENSIONS)
    // Flush style sheets and display-none selectors that were queued by content extensions.
    auto& extensionStyleSheets = m_frame->document()->extensionStyleSheets();

    for (auto& namedSheet : m_pendingNamedContentExtensionStyleSheets)
        extensionStyleSheets.maybeAddContentExtensionSheet(namedSheet.key, *namedSheet.value);
    for (auto& selectorEntry : m_pendingContentExtensionDisplayNoneSelectors) {
        for (const auto& selector : selectorEntry.value)
            extensionStyleSheets.addDisplayNoneSelector(selectorEntry.key, selector.first, selector.second);
    }

    m_pendingNamedContentExtensionStyleSheets.clear();
    m_pendingContentExtensionDisplayNoneSelectors.clear();
#endif

    ASSERT(m_frame->document()->parsing());
    m_writer.addData(bytes, length);
}
1117
// CachedResource client callback: checks (in debug builds) that the data is for our
// main resource, then forwards to the data-only overload.
void DocumentLoader::dataReceived(CachedResource& resource, const char* data, int length)
{
    ASSERT_UNUSED(resource, m_mainResource == &resource);
    dataReceived(data, length);
}
1123
// Handles a chunk of main resource data: content filtering, notifier and application cache
// bookkeeping, then commits the data unless this is a multipart replacing load.
void DocumentLoader::dataReceived(const char* data, int length)
{
#if ENABLE(CONTENT_FILTERING)
    // The content filter can swallow the data.
    if (m_contentFilter && !m_contentFilter->continueAfterDataReceived(data, length))
        return;
#endif

    ASSERT(data);
    ASSERT(length);
    ASSERT(!m_response.isNull());

    // There is a bug in CFNetwork where callbacks can be dispatched even when loads are deferred.
    // See <rdar://problem/6304600> for more details.
#if !USE(CF)
    ASSERT(!mainResourceLoader() || !mainResourceLoader()->defersLoading());
#endif

    if (m_identifierForLoadWithoutResourceLoader)
        frameLoader()->notifier().dispatchDidReceiveData(this, m_identifierForLoadWithoutResourceLoader, data, length, -1);

    m_applicationCacheHost->mainResourceDataReceived(data, length, -1, false);
    m_timeOfLastDataReceived = MonotonicTime::now();

    if (isMultipartReplacingLoad())
        return;
    commitLoad(data, length);
}
1150
// Finishes the current part of a multipart load and resets state for the next one.
// Does nothing when there is no main resource data.
void DocumentLoader::setupForReplace()
{
    if (!mainResourceData())
        return;

    frameLoader()->client().willReplaceMultipartContent();

    // Finish off the current part.
    maybeFinishLoadingMultipartContent();
    maybeCreateArchive();
    m_writer.end();

    // Reset so that the next part is treated as first data again.
    frameLoader()->setReplacing();
    m_gotFirstByte = false;

    stopLoadingSubresources();
    stopLoadingPlugIns();
#if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML)
    clearArchiveResources();
#endif
}
1170
// Tells the DOM window that loading finished, once this loader is attached and no longer loading.
void DocumentLoader::checkLoadComplete()
{
    if (!m_frame)
        return;
    if (isLoading())
        return;

    ASSERT(this == frameLoader()->activeDocumentLoader());
    m_frame->document()->domWindow()->finishedLoading();
}
1179
// Applies this loader's per-load policies to the frame's settings. Main frame only.
void DocumentLoader::applyPoliciesToSettings()
{
    if (!m_frame) {
        ASSERT_NOT_REACHED();
        return;
    }

    if (!m_frame->isMainFrame())
        return;

#if ENABLE(MEDIA_SOURCE)
    // Default defers to the platform default; otherwise only Enable turns media source on.
    bool mediaSourceEnabled = m_mediaSourcePolicy == MediaSourcePolicy::Enable;
    if (m_mediaSourcePolicy == MediaSourcePolicy::Default)
        mediaSourceEnabled = Settings::platformDefaultMediaSourceEnabled();
    m_frame->settings().setMediaSourceEnabled(mediaSourceEnabled);
#endif
}
1194
// Attaches this loader to a frame. Attaching to the frame it is already attached to is a no-op;
// attaching while attached to a different frame is a programming error (asserted).
void DocumentLoader::attachToFrame(Frame& frame)
{
    const bool alreadyAttached = m_frame == &frame;
    if (alreadyAttached)
        return;

    ASSERT(!m_frame);
    observeFrame(&frame);
    m_writer.setFrame(frame);
    attachToFrame();

#ifndef NDEBUG
    // Debug-only flag used by detachFromFrame() to choose its assertion message.
    m_hasEverBeenAttached = true;
#endif

    applyPoliciesToSettings();
}
1211
// Called from attachToFrame(Frame&) once the frame is set; this implementation only asserts that.
void DocumentLoader::attachToFrame()
{
    ASSERT(m_frame);
}
1216
// Detaches this loader from its frame: stops all loads, drops the main resource client
// registration, cancels any pending policy check and stops observing the frame.
void DocumentLoader::detachFromFrame()
{
#ifndef NDEBUG
    if (m_hasEverBeenAttached)
        ASSERT_WITH_MESSAGE(m_frame, "detachFromFrame() is being called on a DocumentLoader twice without an attachToFrame() inbetween");
    else
        ASSERT_WITH_MESSAGE(m_frame, "detachFromFrame() is being called on a DocumentLoader that has never attached to any Frame");
#endif
    // Keep the frame and this loader alive for the duration of the teardown below.
    RefPtr<Frame> protectedFrame(m_frame);
    Ref<DocumentLoader> protectedThis(*this);

    // It never makes sense to have a document loader that is detached from its
    // frame have any loads active, so kill all the loads.
    stopLoading();

    const bool isClientOfMainResource = m_mainResource && m_mainResource->hasClient(*this);
    if (isClientOfMainResource)
        m_mainResource->removeClient(*this);

#if ENABLE(CONTENT_FILTERING)
    if (m_contentFilter)
        m_contentFilter->stopFilteringMainResource();
#endif

    m_applicationCacheHost->setDOMApplicationCache(nullptr);

    cancelPolicyCheckIfNeeded();

    // cancelPolicyCheckIfNeeded can clear m_frame if the policy check
    // is stopped, resulting in a recursive call into this detachFromFrame.
    // If m_frame is nullptr after cancelPolicyCheckIfNeeded, our work is
    // already done so just return.
    if (!m_frame)
        return;

    InspectorInstrumentation::loaderDetachedFromFrame(*m_frame, *this);

    observeFrame(nullptr);
}
1253
// Marks the main resource as no longer loading and, when this is the frame loader's active
// document loader, re-checks whether the whole load is complete.
void DocumentLoader::clearMainResourceLoader()
{
    m_loadingMainResource = false;

    const bool isActiveLoader = frameLoader()->activeDocumentLoader() == this;
    if (isActiveLoader)
        checkLoadComplete();
}
1261
1262#if ENABLE(APPLICATION_MANIFEST)
// Starts loading the application manifest referenced by the first manifest <link> in the
// document head. Returns a non-zero callback identifier on success and 0 when no load was
// started (no document, not the main frame, empty or about: document URL, no head, no valid
// manifest URL, or the loader failed to start).
uint64_t DocumentLoader::loadApplicationManifest()
{
    static uint64_t nextCallbackID = 1;

    auto* document = this->document();
    if (!document || !m_frame->isMainFrame())
        return 0;

    if (document->url().isEmpty() || document->url().protocolIsAbout())
        return 0;

    auto head = document->head();
    if (!head)
        return 0;

    // Only the first manifest link is considered.
    URL manifestURL;
    bool useCredentials = false;
    for (const auto& link : childrenOfType<HTMLLinkElement>(*head)) {
        if (!link.isApplicationManifest())
            continue;
        manifestURL = link.href();
        // Credentials are used only when crossorigin is "use-credentials" (ASCII case-insensitive).
        useCredentials = equalIgnoringASCIICase(link.attributeWithoutSynchronization(HTMLNames::crossoriginAttr), "use-credentials");
        break;
    }

    if (manifestURL.isEmpty() || !manifestURL.isValid())
        return 0;

    auto manifestLoader = std::make_unique<ApplicationManifestLoader>(*this, manifestURL, useCredentials);
    // Keep a raw pointer: ownership moves into the map before the load is started.
    auto* rawManifestLoader = manifestLoader.get();
    auto callbackID = nextCallbackID++;
    m_applicationManifestLoaders.set(WTFMove(manifestLoader), callbackID);

    if (rawManifestLoader->startLoading())
        return callbackID;

    m_applicationManifestLoaders.remove(rawManifestLoader);
    return 0;
}
1306
// Reports the processed manifest for a finished loader and then forgets that loader.
void DocumentLoader::finishedLoadingApplicationManifest(ApplicationManifestLoader& loader)
{
    // If the DocumentLoader has detached from its frame, all manifest loads should have already been canceled.
    ASSERT(m_frame);

    // Look the identifier up before the entry is removed below.
    auto callbackID = m_applicationManifestLoaders.get(&loader);
    notifyFinishedLoadingApplicationManifest(callbackID, loader.processManifest());
    m_applicationManifestLoaders.remove(&loader);
}
1316
// Forwards the manifest result to the frame loader client. A zero identifier or a missing
// frame is fatal in release builds as well.
void DocumentLoader::notifyFinishedLoadingApplicationManifest(uint64_t callbackIdentifier, Optional<ApplicationManifest> manifest)
{
    RELEASE_ASSERT(callbackIdentifier);
    RELEASE_ASSERT(m_frame);

    auto& client = m_frame->loader().client();
    client.finishedLoadingApplicationManifest(callbackIdentifier, manifest);
}
1323#endif
1324
// Reports whether this loader still counts as loading for API clients. Until the frame state is
// complete, document-level activity is considered; subframes are always considered.
bool DocumentLoader::isLoadingInAPISense() const
{
    // Once a frame has loaded, we no longer need to consider subresources,
    // but we still need to consider subframes.
    if (frameLoader()->state() != FrameStateComplete) {
        if (m_frame->settings().needsIsLoadingInAPISenseQuirk() && !m_subresourceLoaders.isEmpty())
            return true;

        ASSERT(m_frame->document());
        auto& document = *m_frame->document();

        const bool documentIsBusy = ((isLoadingMainResource() || !document.loadEventFinished()) && isLoading())
            || m_cachedResourceLoader->requestCount()
            || document.isDelayingLoadEvent()
            || document.processingLoadEvent()
            || document.hasActiveParser();
        if (documentIsBusy)
            return true;

        auto* parser = document.scriptableDocumentParser();
        if (parser && parser->hasScriptsWaitingForStylesheets())
            return true;
    }
    return frameLoader()->subframeIsLoading();
}
1351
// Tries to interpret the main resource data as an archive. On success the archive's resources
// are registered and its main resource is committed as the document data. Returns whether an
// archive was created; always false when archive support is compiled out.
bool DocumentLoader::maybeCreateArchive()
{
#if !ENABLE(WEB_ARCHIVE) && !ENABLE(MHTML)
    return false;
#else
    // Give the archive machinery a crack at this document. If the MIME type is not an archive type, it will return 0.
    m_archive = ArchiveFactory::create(m_response.url(), mainResourceData().get(), m_response.mimeType());
    if (!m_archive)
        return false;

    addAllArchiveResources(*m_archive);

    ASSERT(m_archive->mainResource());
    auto& archiveMainResource = *m_archive->mainResource();
    m_parsedArchiveData = &archiveMainResource.data();
    // The document is written with the archived main resource's MIME type.
    m_writer.setMIMEType(archiveMainResource.mimeType());

    ASSERT(m_frame->document());
    commitData(archiveMainResource.data().data(), archiveMainResource.data().size());
    return true;
#endif
}
1373
1374#if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML)
1375
// Takes ownership of the archive and registers all of its resources with this loader.
void DocumentLoader::setArchive(Ref<Archive>&& archive)
{
    m_archive = WTFMove(archive);
    // Read back through m_archive: the parameter has been moved from.
    addAllArchiveResources(*m_archive);
}
1381
// Adds every resource of the archive to the collection, creating the collection on first use.
void DocumentLoader::addAllArchiveResources(Archive& archive)
{
    const bool hasCollection = !!m_archiveResourceCollection;
    if (!hasCollection)
        m_archiveResourceCollection = std::make_unique<ArchiveResourceCollection>();
    m_archiveResourceCollection->addAllResources(archive);
}
1388
// Adds a single resource to the collection, creating the collection on first use.
// FIXME: Adding a resource directly to a DocumentLoader/ArchiveResourceCollection seems like bad design, but is API some apps rely on.
// Can we change the design in a manner that will let us deprecate that API without reducing functionality of those apps?
void DocumentLoader::addArchiveResource(Ref<ArchiveResource>&& resource)
{
    const bool hasCollection = !!m_archiveResourceCollection;
    if (!hasCollection)
        m_archiveResourceCollection = std::make_unique<ArchiveResourceCollection>();
    m_archiveResourceCollection->addResource(WTFMove(resource));
}
1397
// Pops the subframe archive for the given frame name and URL, or returns null when there is
// no archive resource collection.
RefPtr<Archive> DocumentLoader::popArchiveForSubframe(const String& frameName, const URL& url)
{
    if (!m_archiveResourceCollection)
        return nullptr;
    return m_archiveResourceCollection->popSubframeArchive(frameName, url);
}
1402
// Drops the archive resource collection and stops the substitute resource delivery timer.
void DocumentLoader::clearArchiveResources()
{
    m_archiveResourceCollection = nullptr;
    m_substituteResourceDeliveryTimer.stop();
}
1408
// Returns the data recorded by maybeCreateArchive() for the archive's main resource, or null if none.
SharedBuffer* DocumentLoader::parsedArchiveData() const
{
    return m_parsedArchiveData.get();
}
1413
1414#endif // ENABLE(WEB_ARCHIVE) || ENABLE(MHTML)
1415
// Looks up the archive resource for a URL. Returns null when there is no collection, no
// matching resource, or the resource is flagged to be ignored when unarchiving.
ArchiveResource* DocumentLoader::archiveResourceForURL(const URL& url) const
{
    if (!m_archiveResourceCollection)
        return nullptr;

    auto* candidate = m_archiveResourceCollection->archiveResourceForURL(url);
    const bool usable = candidate && !candidate->shouldIgnoreWhenUnarchiving();
    return usable ? candidate : nullptr;
}
1425
// Builds an ArchiveResource for the main resource from its data (an empty buffer when there is
// none), the response's URL, MIME type and text encoding, and the frame's unique name.
RefPtr<ArchiveResource> DocumentLoader::mainResource() const
{
    RefPtr<SharedBuffer> buffer = mainResourceData();
    if (!buffer)
        buffer = SharedBuffer::create();

    auto& mainResponse = this->response();
    // NOTE(review): frame() is dereferenced without a null check here — confirm callers only
    // use this while the loader is attached.
    return ArchiveResource::create(WTFMove(buffer), mainResponse.url(), mainResponse.mimeType(), mainResponse.textEncodingName(), frame()->tree().uniqueName());
}
1434
// Returns an ArchiveResource for a subresource URL of a committed load. A loaded cached
// resource is preferred; otherwise the archive resource collection is consulted. The main
// resource itself is never returned from here.
RefPtr<ArchiveResource> DocumentLoader::subresource(const URL& url) const
{
    if (!isCommitted())
        return nullptr;

    auto* cached = m_cachedResourceLoader->cachedResource(url);
    const bool isLoadedFromCache = cached && cached->isLoaded();
    if (!isLoadedFromCache)
        return archiveResourceForURL(url);

    if (cached->type() == CachedResource::Type::MainResource)
        return nullptr;

    auto* buffer = cached->resourceBuffer();
    if (!buffer)
        return nullptr;

    return ArchiveResource::create(buffer, url, cached->response());
}
1453
// Collects an ArchiveResource for every cached resource of a committed load for which
// subresource() yields one. Returns an empty vector before commit.
Vector<Ref<ArchiveResource>> DocumentLoader::subresources() const
{
    if (!isCommitted())
        return { };

    Vector<Ref<ArchiveResource>> result;
    for (auto& handle : m_cachedResourceLoader->allCachedResources().values()) {
        auto archived = this->subresource({ { }, handle->url() });
        if (!archived)
            continue;
        result.append(archived.releaseNonNull());
    }
    return result;
}
1466
// Arms the zero-delay one-shot delivery timer when substitute resources are pending, the page
// is not deferring loads, and the timer is not already active.
void DocumentLoader::deliverSubstituteResourcesAfterDelay()
{
    if (m_pendingSubstituteResources.isEmpty())
        return;

    ASSERT(m_frame);
    ASSERT(m_frame->page());
    if (m_frame->page()->defersLoading())
        return;

    if (m_substituteResourceDeliveryTimer.isActive())
        return;
    m_substituteResourceDeliveryTimer.startOneShot(0_s);
}
1479
// Timer callback: delivers every pending substitute resource to its loader, or fails the
// loader when the pending entry carries no resource. Does nothing while the page defers loading.
void DocumentLoader::substituteResourceDeliveryTimerFired()
{
    if (m_pendingSubstituteResources.isEmpty())
        return;

    ASSERT(m_frame);
    ASSERT(m_frame->page());
    if (m_frame->page()->defersLoading())
        return;

    // Take the whole map first, so the loop works on a local copy rather than the member.
    auto drained = WTFMove(m_pendingSubstituteResources);
    for (auto& entry : drained) {
        auto& loader = entry.key;
        auto& resource = entry.value;
        if (!resource) {
            // A null resource means that we should fail the load.
            // FIXME: Maybe we should use another error here - something like "not in cache".
            loader->didFail(loader->cannotShowURLError());
            continue;
        }
        resource->deliver(*loader);
    }
}
1501
#ifndef NDEBUG

// Debug-only: reports whether a substitute load is queued for the given loader.
bool DocumentLoader::isSubstituteLoadPending(ResourceLoader* loader) const
{
    const bool isPending = m_pendingSubstituteResources.contains(loader);
    return isPending;
}

#endif
1510
// Removes the loader's pending substitute load and stops the delivery timer once nothing is
// left. A no-op when nothing is pending.
void DocumentLoader::cancelPendingSubstituteLoad(ResourceLoader* loader)
{
    if (m_pendingSubstituteResources.isEmpty())
        return;

    m_pendingSubstituteResources.remove(loader);

    if (!m_pendingSubstituteResources.isEmpty())
        return;
    m_substituteResourceDeliveryTimer.stop();
}
1519
#if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML)

// Tries to satisfy a request from the archive. Returns true when the caller must not go to the
// network: either a substitute load was scheduled, or the archive (or WebArchive debug mode)
// requires archive-only loading.
bool DocumentLoader::scheduleArchiveLoad(ResourceLoader& loader, const ResourceRequest& request)
{
    auto* archivedResource = archiveResourceForURL(request.url());
    if (archivedResource) {
        scheduleSubstituteResourceLoad(loader, *archivedResource);
        return true;
    }

    if (!m_archive)
        return false;

#if ENABLE(WEB_ARCHIVE)
    // The idea of WebArchiveDebugMode is that we should fail instead of trying to fetch from the network.
    // Returning true ensures the caller will not try to fetch from the network.
    if (m_frame->settings().webArchiveDebugModeEnabled() && responseMIMEType() == "application/x-webarchive")
        return true;
#endif

    // If we want to load from the archive only, then we should always return true so that the caller
    // does not try to fetch from the network.
    return m_archive->shouldLoadFromArchiveOnly();
}

#endif
1545
// Queues a substitute resource for the loader and arms delayed delivery.
void DocumentLoader::scheduleSubstituteResourceLoad(ResourceLoader& loader, SubstituteResource& resource)
{
#if ENABLE(SERVICE_WORKER)
    // Loads tied to a service worker registration are not expected to take this path.
    ASSERT(!loader.options().serviceWorkerRegistrationIdentifier);
#endif
    auto* loaderKey = &loader;
    m_pendingSubstituteResources.set(loaderKey, &resource);
    deliverSubstituteResourcesAfterDelay();
}
1554
// Queues a null substitute resource for the loader, which makes the delivery timer fail the
// load with the loader's cannot-show-URL error.
void DocumentLoader::scheduleCannotShowURLError(ResourceLoader& loader)
{
    auto* loaderKey = &loader;
    m_pendingSubstituteResources.set(loaderKey, nullptr);
    deliverSubstituteResourcesAfterDelay();
}
1560
// Records the response unless recording has been stopped.
void DocumentLoader::addResponse(const ResourceResponse& response)
{
    if (m_stopRecordingResponses)
        return;
    m_responses.append(response);
}
1566
// Stops recording further responses and trims the recorded vector's capacity.
void DocumentLoader::stopRecordingResponses()
{
    m_stopRecordingResponses = true;
    m_responses.shrinkToFit();
}
1572
// Replaces the custom header fields with the given ones (moved in).
void DocumentLoader::setCustomHeaderFields(Vector<CustomHeaderFields>&& fields)
{
    m_customHeaderFields = WTFMove(fields);
}
1577
// Updates the page title, bracketing the change with the frame loader's will/did
// notifications. Setting the same title again is a no-op.
void DocumentLoader::setTitle(const StringWithDirection& title)
{
    const bool unchanged = m_pageTitle == title;
    if (unchanged)
        return;

    frameLoader()->willChangeTitle(this);
    m_pageTitle = title;
    frameLoader()->didChangeTitle(this);
}
1587
// Returns the URL to be used for history and the back/forward list: the unreachable URL when
// valid substitute data should not be revealed to session history, otherwise the URL of the
// original request copy.
URL DocumentLoader::urlForHistory() const
{
    const bool hideSubstituteData = m_substituteData.isValid() && !m_substituteData.shouldRevealToSessionHistory();
    if (hideSubstituteData)
        return unreachableURL();

    return m_originalRequestCopy.url();
}
1598
// True when the load used valid substitute data or the response's HTTP status is 400 or above.
bool DocumentLoader::urlForHistoryReflectsFailure() const
{
    if (m_substituteData.isValid())
        return true;
    return m_response.httpStatusCode() >= 400;
}
1603
// Chooses the document URL from the first non-empty candidate, in this order: the substitute
// data's response URL, the archive main resource URL (when the archive asks for it), the
// request URL, and finally the response URL.
URL DocumentLoader::documentURL() const
{
    URL url = substituteData().response().url();
#if ENABLE(WEB_ARCHIVE)
    if (url.isEmpty() && m_archive && m_archive->shouldUseMainResourceURL())
        url = m_archive->mainResource()->url();
#endif
    if (!url.isEmpty())
        return url;

    url = m_request.url();
    if (!url.isEmpty())
        return url;

    return m_response.url();
}
1617
#if PLATFORM(IOS_FAMILY)

// Overwrites the MIME type stored on the recorded response.
// NOTE(review): later checks in this file (e.g. the archive and MIME type checks) read
// m_response.mimeType(), so callers effectively choose the type those checks see — confirm
// that is intended for every caller.
// FIXME: This method seems to violate the encapsulation of this class.
void DocumentLoader::setResponseMIMEType(const String& responseMimeType)
{
    m_response.setMimeType(responseMimeType);
}

#endif
1627
// Propagates the deferral state to the main resource loader (only when this loader owns it),
// to all subresource and plug-in stream loaders, and resumes substitute resource delivery
// when deferral is lifted.
void DocumentLoader::setDefersLoading(bool defers)
{
    // Multiple frames may be loading the same main resource simultaneously. If deferral state changes,
    // each frame's DocumentLoader will try to send a setDefersLoading() to the same underlying ResourceLoader. Ensure only
    // the "owning" DocumentLoader does so, as setDefersLoading() is not resilient to setting the same value repeatedly.
    auto* mainLoader = mainResourceLoader();
    if (mainLoader && mainLoader->documentLoader() == this)
        mainLoader->setDefersLoading(defers);

    setAllDefersLoading(m_subresourceLoaders, defers);
    setAllDefersLoading(m_plugInStreamLoaders, defers);

    if (defers)
        return;
    deliverSubstituteResourcesAfterDelay();
}
1641
// Forwards the buffering policy to the main resource, if there is one.
void DocumentLoader::setMainResourceDataBufferingPolicy(DataBufferingPolicy dataBufferingPolicy)
{
    if (!m_mainResource)
        return;
    m_mainResource->setDataBufferingPolicy(dataBufferingPolicy);
}
1647
// Cancels every loader currently tracked in m_plugInStreamLoaders.
void DocumentLoader::stopLoadingPlugIns()
{
    cancelAll(m_plugInStreamLoaders);
}
1652
// Cancels every tracked subresource loader. The map is expected to be empty
// afterwards (checked by assertion only).
void DocumentLoader::stopLoadingSubresources()
{
    cancelAll(m_subresourceLoaders);
    ASSERT(m_subresourceLoaders.isEmpty());
}
1658
// Starts tracking a subresource loader, keyed by its identifier. Nothing is
// tracked before the first byte of the main resource has arrived, nor for
// loaders whose application cache mode is Bypass.
void DocumentLoader::addSubresourceLoader(ResourceLoader* loader)
{
    // The ResourceLoader underneath the main resource also asks to be added
    // here. Special-casing main resource loads is much simpler if it is never
    // added. During a main resource load mainResourceLoader() is still null at
    // this point, but m_gotFirstByte is false here if and only if the main
    // resource load is just starting.
    if (!m_gotFirstByte)
        return;

    ASSERT(loader->identifier());
    ASSERT(!m_subresourceLoaders.contains(loader->identifier()));
    ASSERT(!mainResourceLoader() || mainResourceLoader() != loader);

    // Application Cache loaders are handled by their ApplicationCacheGroup directly.
    const bool skipTracking = loader->options().applicationCacheMode == ApplicationCacheMode::Bypass;
    if (skipTracking)
        return;

    // A page in the PageCache or about to enter PageCache should not be able to start loads.
    // NOTE(review): this invariant is enforced by an assertion only. In builds
    // where the macro compiles out, a loader belonging to a page-cached
    // document would still be added below — confirm callers prevent that.
    ASSERT_WITH_SECURITY_IMPLICATION(!document() || document()->pageCacheState() == Document::NotInPageCache);

    m_subresourceLoaders.add(loader->identifier(), loader);
}
1681
// Stops tracking a subresource loader. When the loader was actually tracked,
// re-checks load completion and tells the frame's loader that a subresource
// load finished with the given completion type.
void DocumentLoader::removeSubresourceLoader(LoadCompletionType type, ResourceLoader* loader)
{
    ASSERT(loader->identifier());

    const bool wasTracked = m_subresourceLoaders.remove(loader->identifier());
    if (!wasTracked)
        return;

    checkLoadComplete();

    // m_frame is read only after checkLoadComplete() has run and may be null.
    Frame* frame = m_frame;
    if (!frame)
        return;
    frame->loader().subresourceLoadDone(type);
}
1692
// Starts tracking a plug-in stream loader under its identifier. The identifier
// must be non-zero and not yet tracked (both checked by assertion only).
void DocumentLoader::addPlugInStreamLoader(ResourceLoader& loader)
{
    ASSERT(loader.identifier());
    ASSERT(!m_plugInStreamLoaders.contains(loader.identifier()));

    auto* loaderPointer = &loader;
    m_plugInStreamLoaders.add(loader.identifier(), loaderPointer);
}
1700
// Stops tracking a plug-in stream loader and re-checks load completion. The
// entry stored under the identifier is expected to be this very loader
// (checked by assertion only).
void DocumentLoader::removePlugInStreamLoader(ResourceLoader& loader)
{
    ASSERT(loader.identifier());
    ASSERT(&loader == m_plugInStreamLoaders.get(loader.identifier()));

    m_plugInStreamLoaders.remove(loader.identifier());

    checkLoadComplete();
}
1709
// True when multipart content is being loaded and the frame loader reports
// that it is replacing.
bool DocumentLoader::isMultipartReplacingLoad() const
{
    if (!isLoadingMultipartContent())
        return false;
    return frameLoader()->isReplacing();
}
1714
// Finishes the load immediately with an empty, synthesized response when no
// network load is needed. That is the case when there is no valid substitute
// data and the request URL is empty or its scheme is registered to load as an
// empty document, or when the client reports a representation for the scheme.
// Returns true when the load was finished here, false when a real load is
// still required.
bool DocumentLoader::maybeLoadEmpty()
{
    const bool hasSubstituteData = m_substituteData.isValid();
    bool shouldLoadEmpty = !hasSubstituteData && (m_request.url().isEmpty() || SchemeRegistry::shouldLoadURLSchemeAsEmptyDocument(m_request.url().protocol().toStringWithoutCopying()));

    if (!shouldLoadEmpty) {
        // Not an empty-document case: only continue when the client has its
        // own representation for this scheme.
        const bool clientHasRepresentation = frameLoader()->client().representationExistsForURLScheme(m_request.url().protocol().toStringWithoutCopying());
        if (!clientHasRepresentation)
            return false;
    }

    // An empty request URL becomes the blank URL, except while the initial
    // empty document is being created.
    if (m_request.url().isEmpty() && !frameLoader()->stateMachine().creatingInitialEmptyDocument()) {
        m_request.setURL(WTF::blankURL());
        if (isLoadingMainResource())
            frameLoader()->client().dispatchDidChangeProvisionalURL();
    }

    // The scheme is read again here because the URL may have just been replaced.
    String mimeType = shouldLoadEmpty ? "text/html" : frameLoader()->client().generatedMIMETypeForURLScheme(m_request.url().protocol().toStringWithoutCopying());
    m_response = ResourceResponse(m_request.url(), mimeType, 0, String());
    finishedLoading();
    return true;
}
1732
// Starts the main resource load for this loader. Clears any previous main
// document error, marks timing, and tries in order: an empty document
// (maybeLoadEmpty), then — after willSendRequest() has had a chance to change
// or cancel the request — substitute data and service worker registration
// matching (SERVICE_WORKER builds only), the application cache, and finally
// loadMainResource().
void DocumentLoader::startLoadingMainResource()
{
    m_mainDocumentError = ResourceError();
    timing().markStartTimeAndFetchStart();
    ASSERT(!m_mainResource);
    ASSERT(!m_loadingMainResource);
    m_loadingMainResource = true;

    // Holds a reference to this loader; it is moved into the completion
    // handlers below so the loader outlives them.
    Ref<DocumentLoader> protectedThis(*this);

    if (maybeLoadEmpty()) {
        RELEASE_LOG_IF_ALLOWED("startLoadingMainResource: Returning empty document (frame = %p, main = %d)", m_frame, m_frame ? m_frame->isMainFrame() : false);
        return;
    }

#if ENABLE(CONTENT_FILTERING)
    // A content filter is created only for loads without valid substitute data.
    m_contentFilter = !m_substituteData.isValid() ? ContentFilter::create(*this) : nullptr;
#endif

    // Make sure we re-apply the user agent to the Document's ResourceRequest upon reload in case the embedding
    // application has changed it.
    m_request.clearHTTPUserAgent();
    frameLoader()->addExtraFieldsToMainResourceRequest(m_request);

    ASSERT(timing().startTime());
    ASSERT(timing().fetchStart());

    // willSendRequest() receives a copy of m_request; the completion handler
    // gets back the request to actually use, which may differ or be null.
    willSendRequest(ResourceRequest(m_request), ResourceResponse(), [this, protectedThis = WTFMove(protectedThis)] (ResourceRequest&& request) mutable {
        m_request = request;

        // willSendRequest() may lead to our Frame being detached or cancelling the load via nulling the ResourceRequest.
        if (!m_frame || m_request.isNull()) {
            RELEASE_LOG_IF_ALLOWED("startLoadingMainResource: Load canceled after willSendRequest (frame = %p, main = %d)", m_frame, m_frame ? m_frame->isMainFrame() : false);
            return;
        }

        request.setRequester(ResourceRequest::Requester::Main);
        // If this is a reload the cache layer might have made the previous request conditional. DocumentLoader can't handle 304 responses itself.
        request.makeUnconditional();

        RELEASE_LOG_IF_ALLOWED("startLoadingMainResource: Starting load (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());

#if ENABLE(SERVICE_WORKER)
        // FIXME: Implement local URL interception by getting the service worker of the parent.
        // The URL is copied out first because request is moved into the lambda below.
        auto url = request.url();
        matchRegistration(url, [request = WTFMove(request), protectedThis = WTFMove(protectedThis), this] (auto&& registrationData) mutable {
            // The load may have failed or the frame may have gone away before this callback runs.
            if (!m_mainDocumentError.isNull() || !m_frame) {
                RELEASE_LOG_IF_ALLOWED("startLoadingMainResource callback: Load canceled because of main document error (frame = %p, main = %d)", m_frame, m_frame ? m_frame->isMainFrame() : false);
                return;
            }

            m_serviceWorkerRegistrationData = WTFMove(registrationData);

            // Prefer existing substitute data (from WKWebView.loadData etc) over service worker fetch.
            if (this->tryLoadingSubstituteData()) {
                RELEASE_LOG_IF_ALLOWED("startLoadingMainResource callback: Load canceled because of substitute data (frame = %p, main = %d)", m_frame, m_frame ? m_frame->isMainFrame() : false);
                return;
            }
            // Try app cache only if there is no service worker.
            if (!m_serviceWorkerRegistrationData && this->tryLoadingRequestFromApplicationCache()) {
                // NOTE(review): m_frame is dereferenced unguarded in this log call, unlike
                // the guarded log sites above; presumably the application cache path
                // cannot detach the frame — confirm.
                RELEASE_LOG_IF_ALLOWED("startLoadingMainResource callback: Loaded from Application Cache (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
                return;
            }
            this->loadMainResource(WTFMove(request));
        });
#else
        if (tryLoadingRequestFromApplicationCache()) {
            RELEASE_LOG_IF_ALLOWED("startLoadingMainResource: Loaded from Application Cache (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
            return;
        }
        loadMainResource(WTFMove(request));
#endif
    });
}
1807
// Registers a temporary service worker client for the given URL when a
// matching service worker registration is known. With SERVICE_WORKER disabled
// this does nothing.
void DocumentLoader::registerTemporaryServiceWorkerClient(const URL& url)
{
#if ENABLE(SERVICE_WORKER)
    ASSERT(!m_temporaryServiceWorkerClient);

    if (!m_serviceWorkerRegistrationData)
        return;

    // NOTE(review): m_frame, m_frame->page() and the connection returned by
    // existingServiceWorkerConnectionForSession() are dereferenced without a
    // check; presumably all three are guaranteed by the caller — confirm.
    m_temporaryServiceWorkerClient = TemporaryServiceWorkerClient {
        DocumentIdentifier::generate(),
        *ServiceWorkerProvider::singleton().existingServiceWorkerConnectionForSession(m_frame->page()->sessionID())
    };

    auto& connection = m_temporaryServiceWorkerClient->serviceWorkerConnection;

    // FIXME: Compute ServiceWorkerClientFrameType appropriately.
    ServiceWorkerClientData data { { connection->serverConnectionIdentifier(), m_temporaryServiceWorkerClient->documentIdentifier }, ServiceWorkerClientType::Window, ServiceWorkerClientFrameType::None, url };

    // A main frame's top origin is derived from the URL being loaded; a
    // subframe takes the top origin of the main frame's document.
    RefPtr<SecurityOrigin> topOrigin;
    if (!m_frame->isMainFrame())
        topOrigin = &m_frame->mainFrame().document()->topOrigin();
    else
        topOrigin = SecurityOrigin::create(url);

    connection->registerServiceWorkerClient(*topOrigin, WTFMove(data), m_serviceWorkerRegistrationData->identifier, m_frame->loader().userAgent(url));
#else
    UNUSED_PARAM(url);
#endif
}
1834
// Unregisters the temporary service worker client, if one is registered, and
// clears it. With SERVICE_WORKER disabled this does nothing.
void DocumentLoader::unregisterTemporaryServiceWorkerClient()
{
#if ENABLE(SERVICE_WORKER)
    if (m_temporaryServiceWorkerClient) {
        auto& client = *m_temporaryServiceWorkerClient;
        client.serviceWorkerConnection->unregisterServiceWorkerClient(client.documentIdentifier);
        m_temporaryServiceWorkerClient = WTF::nullopt;
    }
#endif
}
1845
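// Requests the main resource through the cached resource loader and, when
// that succeeds, becomes its client and updates m_request to the request that
// was actually issued. When no resource is returned, the load is abandoned,
// cancelled with an error (invalid URL), or replaced by an empty document.
//
// Fix in this version: the "frame has gone away" log call used to evaluate
// m_frame->isMainFrame() inside the branch where m_frame is null. It now uses
// the guarded form found at the other log sites in this file.
void DocumentLoader::loadMainResource(ResourceRequest&& request)
{
    // NOTE(review): the main resource is requested with SkipSecurityCheck and
    // SkipPolicyCheck, with stored credentials and with Credentials::Include.
    // Presumably the checks for a navigation are enforced elsewhere (navigation
    // policy, willSendRequest) rather than at this layer — confirm before
    // changing any of these options.
    static NeverDestroyed<ResourceLoaderOptions> mainResourceLoadOptions(
        SendCallbackPolicy::SendCallbacks,
        ContentSniffingPolicy::SniffContent,
        DataBufferingPolicy::BufferData,
        StoredCredentialsPolicy::Use,
        ClientCredentialPolicy::MayAskClientForCredentials,
        FetchOptions::Credentials::Include,
        SecurityCheckPolicy::SkipSecurityCheck,
        FetchOptions::Mode::Navigate,
        CertificateInfoPolicy::IncludeCertificateInfo,
        ContentSecurityPolicyImposition::SkipPolicyCheck,
        DefersLoadingPolicy::AllowDefersLoading,
        CachingPolicy::AllowCaching);
    CachedResourceRequest mainResourceRequest(WTFMove(request), mainResourceLoadOptions);
    if (!m_frame->isMainFrame() && m_frame->document()) {
        // If we are loading the main resource of a subframe, use the cache partition of the main document.
        mainResourceRequest.setDomainForCachePartition(*m_frame->document());
    } else {
        // Otherwise the partition comes from the origin of the URL being
        // loaded, under the frame's storage blocking policy.
        auto origin = SecurityOrigin::create(mainResourceRequest.resourceRequest().url());
        origin->setStorageBlockingPolicy(frameLoader()->frame().settings().storageBlockingPolicy());
        mainResourceRequest.setDomainForCachePartition(origin->domainForCachePartition());
    }

#if ENABLE(SERVICE_WORKER)
    mainResourceRequest.setNavigationServiceWorkerRegistrationData(m_serviceWorkerRegistrationData);
    if (mainResourceRequest.options().serviceWorkersMode != ServiceWorkersMode::None) {
        // As per step 12 of https://w3c.github.io/ServiceWorker/#on-fetch-request-algorithm, the active service worker should be controlling the document.
        // Since we did not yet create the document, we register a temporary service worker client instead.
        registerTemporaryServiceWorkerClient(mainResourceRequest.resourceRequest().url());
    }
#endif

    m_mainResource = m_cachedResourceLoader->requestMainResource(WTFMove(mainResourceRequest)).value_or(nullptr);

    if (!m_mainResource) {
        // The frame may have gone away if this load was cancelled synchronously and this was the last pending load.
        // This is because we may have fired the load event in a parent frame.
        if (!m_frame) {
            // m_frame is null in this branch, so it must not be dereferenced
            // for the log arguments.
            RELEASE_LOG_IF_ALLOWED("loadMainResource: Unable to load main resource, frame has gone away (frame = %p, main = %d)", m_frame, m_frame ? m_frame->isMainFrame() : false);
            return;
        }

        if (!m_request.url().isValid()) {
            RELEASE_LOG_IF_ALLOWED("loadMainResource: Unable to load main resource, URL is invalid (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
            cancelMainResourceLoad(frameLoader()->client().cannotShowURLError(m_request));
            return;
        }

        RELEASE_LOG_IF_ALLOWED("loadMainResource: Unable to load main resource, returning empty document (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());

        setRequest(ResourceRequest());
        // If the load was aborted by clearing m_request, it's possible the ApplicationCacheHost
        // is now in a state where starting an empty load will be inconsistent. Replace it with
        // a new ApplicationCacheHost.
        m_applicationCacheHost = std::make_unique<ApplicationCacheHost>(*this);
        maybeLoadEmpty();
        return;
    }

    ASSERT(m_frame);

#if ENABLE(CONTENT_EXTENSIONS)
    // A resource that failed with a content blocker error is reported to the
    // client as blocked rather than loaded.
    if (m_mainResource->errorOccurred() && m_frame->page() && m_mainResource->resourceError().domain() == ContentExtensions::WebKitContentBlockerDomain) {
        RELEASE_LOG_IF_ALLOWED("loadMainResource: Blocked by content blocker error (frame = %p, main = %d)", m_frame, m_frame->isMainFrame());
        cancelMainResourceLoad(frameLoader()->blockedByContentBlockerError(m_request));
        return;
    }
#endif

    // Without an underlying ResourceLoader, this loader creates its own
    // identifier and dispatches the initial-request and will-send-request
    // notifications itself.
    if (!mainResourceLoader()) {
        m_identifierForLoadWithoutResourceLoader = m_frame->page()->progress().createUniqueIdentifier();
        frameLoader()->notifier().assignIdentifierToInitialRequest(m_identifierForLoadWithoutResourceLoader, this, mainResourceRequest.resourceRequest());
        frameLoader()->notifier().dispatchWillSendRequest(this, m_identifierForLoadWithoutResourceLoader, mainResourceRequest.resourceRequest(), ResourceResponse());
    }

    becomeMainResourceClient();

    // A bunch of headers are set when the underlying ResourceLoader is created, and m_request needs to include those.
    ResourceRequest updatedRequest = mainResourceLoader() ? mainResourceLoader()->originalRequest() : mainResourceRequest.resourceRequest();
    // If there was a fragment identifier on m_request, the cache will have stripped it. m_request should include
    // the fragment identifier, so add that back in.
    if (equalIgnoringFragmentIdentifier(m_request.url(), updatedRequest.url()))
        updatedRequest.setURL(m_request.url());
    setRequest(updatedRequest);
}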
1933
// Stops a pending policy check, if this loader is waiting for a content or a
// navigation policy decision, and clears both waiting flags.
void DocumentLoader::cancelPolicyCheckIfNeeded()
{
    const bool isWaitingForPolicy = m_waitingForContentPolicy || m_waitingForNavigationPolicy;
    if (!isWaitingForPolicy)
        return;

    // A frame loader is required here; its absence aborts in release builds too.
    RELEASE_ASSERT(frameLoader());
    frameLoader()->policyChecker().stopCheck();
    m_waitingForContentPolicy = false;
    m_waitingForNavigationPolicy = false;
}
1943
// Cancels the main resource load with the given error, or with the frame
// loader's cancelled error when the given one is null. Stops the data load
// timer and any pending policy check, cancels the main resource loader if
// there is one, clears the main resource, and reports the error.
void DocumentLoader::cancelMainResourceLoad(const ResourceError& resourceError)
{
    // Holds a reference to this loader for the rest of the function.
    Ref<DocumentLoader> protectedThis(*this);

    ResourceError error = resourceError;
    if (error.isNull())
        error = frameLoader()->cancelledError(m_request);

    // NOTE(review): m_frame is dereferenced unguarded in this log call, while
    // isAlwaysOnLoggingAllowed() tolerates a null frame; presumably callers
    // only cancel while the loader is attached — confirm.
    RELEASE_LOG_IF_ALLOWED("cancelMainResourceLoad: (frame = %p, main = %d, type = %d, code = %d)", m_frame, m_frame->isMainFrame(), static_cast<int>(error.type()), error.errorCode());

    m_dataLoadTimer.stop();

    cancelPolicyCheckIfNeeded();

    if (auto* mainLoader = mainResourceLoader())
        mainLoader->cancel(error);

    clearMainResource();

    mainReceivedError(error);
}
1962
// Adopts the post-redirect request as this loader's current request.
// NOTE(review): the request is stored without further checks here; presumably
// the redirect target was already validated upstream — confirm.
void DocumentLoader::willContinueMainResourceLoadAfterRedirect(const ResourceRequest& newRequest)
{
    setRequest(newRequest);
}
1967
// Detaches this loader from the main resource: removes itself as a client,
// stops content filtering of the main resource (CONTENT_FILTERING builds),
// drops the resource, and unregisters the temporary service worker client.
// Expected to run on the main thread (checked by assertion only).
void DocumentLoader::clearMainResource()
{
    ASSERT(isMainThread());

    if (m_mainResource) {
        if (m_mainResource->hasClient(*this))
            m_mainResource->removeClient(*this);
    }

#if ENABLE(CONTENT_FILTERING)
    if (m_contentFilter)
        m_contentFilter->stopFilteringMainResource();
#endif

    m_mainResource = nullptr;

    unregisterTemporaryServiceWorkerClient();
}
1982
// Called when a subresource loader finished one part of a multipart load. The
// first time, the loader moves from m_subresourceLoaders to
// m_multipartSubresourceLoaders; later calls find it already there. Load
// completion is then re-checked on this loader and on the frame's loader.
void DocumentLoader::subresourceLoaderFinishedLoadingOnePart(ResourceLoader* loader)
{
    unsigned long identifier = loader->identifier();
    ASSERT(identifier);

    const bool isFirstPart = m_multipartSubresourceLoaders.add(identifier, loader).isNewEntry;
    if (isFirstPart) {
        ASSERT(m_subresourceLoaders.contains(identifier));
        m_subresourceLoaders.remove(identifier);
    } else {
        ASSERT(m_multipartSubresourceLoaders.get(identifier) == loader);
        ASSERT(!m_subresourceLoaders.contains(identifier));
    }

    checkLoadComplete();

    // m_frame is read only after checkLoadComplete() has run and may be null.
    Frame* frame = m_frame;
    if (!frame)
        return;
    frame->loader().checkLoadComplete();
}
2000
// For a multipart replacing load, prepares the frame loader for replacement,
// resets the committed flag, and commits the main resource data received so
// far. Does nothing for any other kind of load.
void DocumentLoader::maybeFinishLoadingMultipartContent()
{
    if (isMultipartReplacingLoad()) {
        frameLoader()->setupForReplace();
        m_committed = false;

        // NOTE(review): the buffer is dereferenced without a null check;
        // presumably mainResourceData() is never null during a multipart
        // replacing load — confirm.
        RefPtr<SharedBuffer> buffer = mainResourceData();
        commitLoad(buffer->data(), buffer->size());
    }
}
2011
// Collects the document's favicon and touch icons, adds a default
// "/favicon.ico" entry when the document declares no favicon, and asks the
// client for a load decision on each icon. Only runs for a main frame whose
// document URL is neither empty nor an about: URL.
void DocumentLoader::startIconLoading()
{
    // Source of the callback identifiers handed to the client, shared by all
    // DocumentLoader instances.
    static uint64_t nextIconCallbackID = 1;

    auto* currentDocument = this->document();
    if (!currentDocument || !m_frame->isMainFrame())
        return;

    const auto& pageURL = currentDocument->url();
    if (pageURL.isEmpty() || pageURL.protocolIsAbout())
        return;

    // The icon list comes from the document; nothing is fetched until the
    // client has answered for each entry.
    m_linkIcons = LinkIconCollector { *currentDocument }.iconsOfTypes({ LinkIconType::Favicon, LinkIconType::TouchIcon, LinkIconType::TouchPrecomposedIcon });

    const bool declaresFavicon = m_linkIcons.findMatching([](auto& icon) { return icon.type == LinkIconType::Favicon; }) != notFound;
    if (!declaresFavicon)
        m_linkIcons.append({ currentDocument->completeURL("/favicon.ico"_s), LinkIconType::Favicon, String(), WTF::nullopt, { } });

    if (m_linkIcons.isEmpty())
        return;

    Vector<std::pair<WebCore::LinkIcon&, uint64_t>> iconDecisions;
    iconDecisions.reserveInitialCapacity(m_linkIcons.size());
    for (auto& linkIcon : m_linkIcons) {
        // Each icon is remembered under a fresh identifier until the decision arrives.
        auto addResult = m_iconsPendingLoadDecision.add(nextIconCallbackID++, linkIcon);
        iconDecisions.uncheckedAppend({ linkIcon, addResult.iterator->key });
    }

    m_frame->loader().client().getLoadDecisionForIcons(iconDecisions);
}
2044
// Handles the client's load decision for one pending icon. The pending entry
// is consumed whatever the decision is. On a positive decision while still
// attached to a frame, an IconLoader is created, stored under newCallbackID,
// and started.
void DocumentLoader::didGetLoadDecisionForIcon(bool decision, uint64_t loadIdentifier, uint64_t newCallbackID)
{
    auto pendingIcon = m_iconsPendingLoadDecision.take(loadIdentifier);

    // If the decision was not to load or this DocumentLoader is already detached, there is no load to perform.
    if (!decision)
        return;
    if (!m_frame)
        return;

    // An empty LinkIcon means this DocumentLoader had all of its loaders
    // stopped while the decision was pending. The client is then told the
    // icon finished loading with empty data.
    if (pendingIcon.url.isEmpty()) {
        notifyFinishedLoadingIcon(newCallbackID, nullptr);
        return;
    }

    auto ownedLoader = std::make_unique<IconLoader>(*this, pendingIcon.url);
    // Keep a raw pointer: ownership moves into m_iconLoaders on the next line.
    auto* startedLoader = ownedLoader.get();
    m_iconLoaders.set(WTFMove(ownedLoader), newCallbackID);

    startedLoader->startLoading();
}
2067
// Called when an icon loader is done: removes it from m_iconLoaders and passes
// its callback identifier and the buffer on to the client.
void DocumentLoader::finishedLoadingIcon(IconLoader& loader, SharedBuffer* buffer)
{
    // If the DocumentLoader has detached from its frame, all icon loads should have already been cancelled.
    ASSERT(m_frame);

    auto finishedCallbackID = m_iconLoaders.take(&loader);
    notifyFinishedLoadingIcon(finishedCallbackID, buffer);
}
2076
// Tells the frame loader client that the icon load identified by
// callbackIdentifier finished, with the given buffer (may be null).
void DocumentLoader::notifyFinishedLoadingIcon(uint64_t callbackIdentifier, SharedBuffer* buffer)
{
    // Both conditions are enforced in release builds as well.
    RELEASE_ASSERT(callbackIdentifier);
    RELEASE_ASSERT(m_frame);

    auto& client = m_frame->loader().client();
    client.finishedLoadingIcon(callbackIdentifier, buffer);
}
2083
// Records that onload has been dispatched and lets the application cache host
// stop deferring its events.
void DocumentLoader::dispatchOnloadEvents()
{
    m_wasOnloadDispatched = true;

    m_applicationCacheHost->stopDeferringEvents();
}
2089
// Stores the navigation action that triggered this load and stamps it with
// the external-URL policy: the propagated policy when attached to a frame,
// otherwise this loader's own stored policy.
void DocumentLoader::setTriggeringAction(NavigationAction&& action)
{
    m_triggeringAction = WTFMove(action);

    auto policy = m_frame ? shouldOpenExternalURLsPolicyToPropagate() : m_shouldOpenExternalURLsPolicy;
    m_triggeringAction.setShouldOpenExternalURLsPolicy(policy);
}
2095
// Decides which external-URL policy further navigations inherit from this
// loader. The stored policy is propagated only for the main frame, or for a
// subframe whose document is same-origin with the top origin. A detached
// loader, a subframe without a document, and a cross-origin subframe all get
// ShouldNotAllow.
ShouldOpenExternalURLsPolicy DocumentLoader::shouldOpenExternalURLsPolicyToPropagate() const
{
    if (!m_frame)
        return ShouldOpenExternalURLsPolicy::ShouldNotAllow;

    if (m_frame->isMainFrame())
        return m_shouldOpenExternalURLsPolicy;

    auto* currentDocument = document();
    if (!currentDocument)
        return ShouldOpenExternalURLsPolicy::ShouldNotAllow;

    // Deny by default: a subframe inherits the policy only when same-origin with the top.
    if (!currentDocument->securityOrigin().isSameOriginAs(currentDocument->topOrigin()))
        return ShouldOpenExternalURLsPolicy::ShouldNotAllow;

    return m_shouldOpenExternalURLsPolicy;
}
2111
// Registers this loader as a client of the main resource. In CONTENT_FILTERING
// builds an existing content filter is started on the resource before the
// client is added. m_mainResource must be set by the caller.
void DocumentLoader::becomeMainResourceClient()
{
#if ENABLE(CONTENT_FILTERING)
    // The filter is started before this loader is added as a client.
    if (m_contentFilter)
        m_contentFilter->startFilteringMainResource(*m_mainResource);
#endif

    m_mainResource->addClient(*this);
}
2120
2121#if ENABLE(CONTENT_EXTENSIONS)
// Stores a content extension style sheet under the given identifier, replacing
// any sheet already stored there. Expected to be called before the first byte
// of the main resource arrives (checked by assertion only).
void DocumentLoader::addPendingContentExtensionSheet(const String& identifier, StyleSheetContents& sheet)
{
    ASSERT(!m_gotFirstByte);

    auto* pendingSheet = &sheet;
    m_pendingNamedContentExtensionStyleSheets.set(identifier, pendingSheet);
}
2127
// Appends a (selector, selectorID) pair to the list kept for the given
// identifier, creating the list on first use. Expected to be called before the
// first byte of the main resource arrives (checked by assertion only).
void DocumentLoader::addPendingContentExtensionDisplayNoneSelector(const String& identifier, const String& selector, uint32_t selectorID)
{
    ASSERT(!m_gotFirstByte);

    // add() leaves an existing entry untouched, so earlier selectors are kept.
    auto& selectors = m_pendingContentExtensionDisplayNoneSelectors.add(identifier, Vector<std::pair<String, uint32_t>>()).iterator->value;
    selectors.append(std::make_pair(selector, selectorID));
}
2134#endif
2135
// Logging is allowed when this loader has no frame; otherwise the frame decides.
bool DocumentLoader::isAlwaysOnLoggingAllowed() const
{
    if (!m_frame)
        return true;
    return m_frame->isAlwaysOnLoggingAllowed();
}
2140
2141#if USE(QUICK_LOOK)
2142
// Takes ownership of the given preview converter, replacing the current one.
void DocumentLoader::setPreviewConverter(std::unique_ptr<PreviewConverter>&& previewConverter)
{
    m_previewConverter = WTFMove(previewConverter);
}
2147
// Returns the current preview converter without transferring ownership; null
// when none is set.
PreviewConverter* DocumentLoader::previewConverter() const
{
    return m_previewConverter.get();
}
2152
2153#endif
2154
// Forwards a console message to the frame's document through its
// ScriptExecutionContext interface.
// NOTE(review): m_frame and m_frame->document() are dereferenced without a
// check; presumably callers only report while a document is attached — confirm.
void DocumentLoader::addConsoleMessage(MessageSource messageSource, MessageLevel messageLevel, const String& message, unsigned long requestIdentifier)
{
    auto* context = static_cast<ScriptExecutionContext*>(m_frame->document());
    context->addConsoleMessage(messageSource, messageLevel, message, requestIdentifier);
}
2159
// Sends a Content Security Policy violation report for this loader's frame to
// reportURL via PingLoader.
// NOTE(review): m_frame is dereferenced without a check; presumably a report
// is only sent while the loader is attached — confirm.
void DocumentLoader::sendCSPViolationReport(URL&& reportURL, Ref<FormData>&& report)
{
    auto& frame = *m_frame;
    PingLoader::sendViolationReport(frame, WTFMove(reportURL), WTFMove(report), ViolationReportType::ContentSecurityPolicy);
}
2164
// Queues a security policy violation event on the frame's document.
// NOTE(review): m_frame and m_frame->document() are dereferenced without a
// check; presumably the event is only enqueued while a document is attached —
// confirm.
void DocumentLoader::enqueueSecurityPolicyViolationEvent(SecurityPolicyViolationEvent::Init&& eventInit)
{
    auto* targetDocument = m_frame->document();
    targetDocument->enqueueSecurityPolicyViolationEvent(WTFMove(eventInit));
}
2169
2170} // namespace WebCore
2171