mirror of
https://github.com/servo/servo.git
synced 2025-08-03 12:40:06 +01:00
Fix logic for cors cache match
The current logic for a cors cache match does not consider "credentials is false and request's credentials mode is not "include" or credentials is true."
This commit is contained in:
Daniel Robertson
parent
47efbea666
commit
153059c55c
4 changed files with 84 additions and 28 deletions
|
|
@ -40,6 +40,10 @@ pub fn fetch_async(request: Request, listener: Box<AsyncFetchListener + Send>) {
|
|||
|
||||
/// [Fetch](https://fetch.spec.whatwg.org#concept-fetch)
|
||||
pub fn fetch(request: Rc<Request>) -> Response {
|
||||
fetch_with_cors_cache(request, &mut BasicCORSCache::new())
|
||||
}
|
||||
|
||||
pub fn fetch_with_cors_cache(request: Rc<Request>, cache: &mut BasicCORSCache) -> Response {
|
||||
|
||||
// Step 1
|
||||
if request.window.get() == Window::Client {
|
||||
|
|
@ -102,11 +106,11 @@ pub fn fetch(request: Rc<Request>) -> Response {
|
|||
// TODO: create a fetch record and append it to request's client's fetch group list
|
||||
}
|
||||
// Step 7
|
||||
main_fetch(request, false, false)
|
||||
main_fetch(request, cache, false, false)
|
||||
}
|
||||
|
||||
/// [Main fetch](https://fetch.spec.whatwg.org/#concept-main-fetch)
|
||||
fn main_fetch(request: Rc<Request>, cors_flag: bool, recursive_flag: bool) -> Response {
|
||||
fn main_fetch(request: Rc<Request>, cache: &mut BasicCORSCache, cors_flag: bool, recursive_flag: bool) -> Response {
|
||||
// TODO: Implement main fetch spec
|
||||
|
||||
// Step 1
|
||||
|
|
@ -156,14 +160,14 @@ fn main_fetch(request: Rc<Request>, cors_flag: bool, recursive_flag: bool) -> Re
|
|||
current_url.scheme() == "about" ||
|
||||
request.mode == RequestMode::Navigate {
|
||||
|
||||
basic_fetch(request.clone())
|
||||
basic_fetch(request.clone(), cache)
|
||||
|
||||
} else if request.mode == RequestMode::SameOrigin {
|
||||
Response::network_error()
|
||||
|
||||
} else if request.mode == RequestMode::NoCORS {
|
||||
request.response_tainting.set(ResponseTainting::Opaque);
|
||||
basic_fetch(request.clone())
|
||||
basic_fetch(request.clone(), cache)
|
||||
|
||||
} else if !matches!(current_url.scheme(), "http" | "https") {
|
||||
Response::network_error()
|
||||
|
|
@ -175,7 +179,7 @@ fn main_fetch(request: Rc<Request>, cors_flag: bool, recursive_flag: bool) -> Re
|
|||
|
||||
request.response_tainting.set(ResponseTainting::CORSTainting);
|
||||
request.redirect_mode.set(RedirectMode::Error);
|
||||
let response = http_fetch(request.clone(), BasicCORSCache::new(), true, true, false);
|
||||
let response = http_fetch(request.clone(), cache, true, true, false);
|
||||
if response.is_network_error() {
|
||||
// TODO clear cache entries using request
|
||||
}
|
||||
|
|
@ -183,7 +187,7 @@ fn main_fetch(request: Rc<Request>, cors_flag: bool, recursive_flag: bool) -> Re
|
|||
|
||||
} else {
|
||||
request.response_tainting.set(ResponseTainting::CORSTainting);
|
||||
http_fetch(request.clone(), BasicCORSCache::new(), true, false, false)
|
||||
http_fetch(request.clone(), cache, true, false, false)
|
||||
}
|
||||
}
|
||||
};
|
||||
|
|
@ -280,7 +284,7 @@ fn main_fetch(request: Rc<Request>, cors_flag: bool, recursive_flag: bool) -> Re
|
|||
}
|
||||
|
||||
/// [Basic fetch](https://fetch.spec.whatwg.org#basic-fetch)
|
||||
fn basic_fetch(request: Rc<Request>) -> Response {
|
||||
fn basic_fetch(request: Rc<Request>, cache: &mut BasicCORSCache) -> Response {
|
||||
|
||||
let url = request.current_url();
|
||||
|
||||
|
|
@ -294,7 +298,7 @@ fn basic_fetch(request: Rc<Request>) -> Response {
|
|||
},
|
||||
|
||||
"http" | "https" => {
|
||||
http_fetch(request.clone(), BasicCORSCache::new(), false, false, false)
|
||||
http_fetch(request.clone(), cache, false, false, false)
|
||||
},
|
||||
|
||||
"data" => {
|
||||
|
|
@ -324,7 +328,7 @@ fn basic_fetch(request: Rc<Request>) -> Response {
|
|||
|
||||
/// [HTTP fetch](https://fetch.spec.whatwg.org#http-fetch)
|
||||
fn http_fetch(request: Rc<Request>,
|
||||
mut cache: BasicCORSCache,
|
||||
cache: &mut BasicCORSCache,
|
||||
cors_flag: bool,
|
||||
cors_preflight_flag: bool,
|
||||
authentication_fetch_flag: bool) -> Response {
|
||||
|
|
@ -394,7 +398,7 @@ fn http_fetch(request: Rc<Request>,
|
|||
|
||||
// Sub-substep 1
|
||||
if method_mismatch || header_mismatch {
|
||||
let preflight_result = cors_preflight_fetch(request.clone(), Some(cache));
|
||||
let preflight_result = cors_preflight_fetch(request.clone(), cache);
|
||||
// Sub-substep 2
|
||||
if preflight_result.response_type == ResponseType::Error {
|
||||
return Response::network_error();
|
||||
|
|
@ -443,7 +447,7 @@ fn http_fetch(request: Rc<Request>,
|
|||
RedirectMode::Follow => {
|
||||
// set back to default
|
||||
response.return_internal.set(true);
|
||||
http_redirect_fetch(request, Rc::new(response), cors_flag)
|
||||
http_redirect_fetch(request, cache, Rc::new(response), cors_flag)
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
@ -466,7 +470,7 @@ fn http_fetch(request: Rc<Request>,
|
|||
}
|
||||
|
||||
// Step 4
|
||||
return http_fetch(request, BasicCORSCache::new(), cors_flag, cors_preflight_flag, true);
|
||||
return http_fetch(request, cache, cors_flag, cors_preflight_flag, true);
|
||||
}
|
||||
|
||||
// Code 407
|
||||
|
|
@ -482,7 +486,7 @@ fn http_fetch(request: Rc<Request>,
|
|||
// TODO: Prompt the user for proxy authentication credentials
|
||||
|
||||
// Step 4
|
||||
return http_fetch(request, BasicCORSCache::new(),
|
||||
return http_fetch(request, cache,
|
||||
cors_flag, cors_preflight_flag,
|
||||
authentication_fetch_flag);
|
||||
}
|
||||
|
|
@ -503,6 +507,7 @@ fn http_fetch(request: Rc<Request>,
|
|||
|
||||
/// [HTTP redirect fetch](https://fetch.spec.whatwg.org#http-redirect-fetch)
|
||||
fn http_redirect_fetch(request: Rc<Request>,
|
||||
cache: &mut BasicCORSCache,
|
||||
response: Rc<Response>,
|
||||
cors_flag: bool) -> Response {
|
||||
|
||||
|
|
@ -580,7 +585,7 @@ fn http_redirect_fetch(request: Rc<Request>,
|
|||
request.url_list.borrow_mut().push(location_url);
|
||||
|
||||
// Step 15
|
||||
main_fetch(request, cors_flag, true)
|
||||
main_fetch(request, cache, cors_flag, true)
|
||||
}
|
||||
|
||||
/// [HTTP network or cache fetch](https://fetch.spec.whatwg.org#http-network-or-cache-fetch)
|
||||
|
|
@ -917,7 +922,7 @@ fn http_network_fetch(request: Rc<Request>,
|
|||
}
|
||||
|
||||
/// [CORS preflight fetch](https://fetch.spec.whatwg.org#cors-preflight-fetch)
|
||||
fn cors_preflight_fetch(request: Rc<Request>, cache: Option<BasicCORSCache>) -> Response {
|
||||
fn cors_preflight_fetch(request: Rc<Request>, cache: &mut BasicCORSCache) -> Response {
|
||||
// Step 1
|
||||
let mut preflight = Request::new(request.current_url(), Some(request.origin.borrow().clone()), false);
|
||||
*preflight.method.borrow_mut() = Method::Options;
|
||||
|
|
@ -995,12 +1000,6 @@ fn cors_preflight_fetch(request: Rc<Request>, cache: Option<BasicCORSCache>) ->
|
|||
|
||||
// TODO: Substep 9 - Need to define what an imposed limit on max-age is
|
||||
|
||||
// Substep 10
|
||||
let mut cache = match cache {
|
||||
Some(c) => c,
|
||||
None => return response
|
||||
};
|
||||
|
||||
// Substep 11, 12
|
||||
for method in &methods {
|
||||
cache.match_method_and_update(CacheRequestDetails {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue