Double key image cache by requesting origin, and store CORS status with cached images.

2025-08-17 03:15:34 +01:00 · 2019-10-01 13:11:50 -04:00 · 2019-10-01 13:11:50 -04:00 · 81a67aed9e
commit 81a67aed9e
parent ea46008288
11 changed files with 132 additions and 57 deletions
--- a/components/net_traits/image/base.rs
+++ b/components/net_traits/image/base.rs
@ -2,6 +2,7 @@
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at https://mozilla.org/MPL/2.0/. */

+use crate::image_cache::CorsStatus;
 use ipc_channel::ipc::IpcSharedMemory;
 use piston_image::{DynamicImage, ImageFormat};
 use pixels::PixelFormat;
@ -16,6 +17,7 @@ pub struct Image {
    pub bytes: IpcSharedMemory,
    #[ignore_malloc_size_of = "Defined in webrender_api"]
    pub id: Option<webrender_api::ImageKey>,
+    pub cors_status: CorsStatus,
 }

 impl fmt::Debug for Image {
@ -37,7 +39,7 @@ pub struct ImageMetadata {
 // FIXME: Images must not be copied every frame. Instead we should atomically
 // reference count them.

-pub fn load_from_memory(buffer: &[u8]) -> Option<Image> {
+pub fn load_from_memory(buffer: &[u8], cors_status: CorsStatus) -> Option<Image> {
    if buffer.is_empty() {
        return None;
    }
@ -61,6 +63,7 @@ pub fn load_from_memory(buffer: &[u8]) -> Option<Image> {
                    format: PixelFormat::BGRA8,
                    bytes: IpcSharedMemory::from_bytes(&*rgba),
                    id: None,
+                    cors_status,
                })
            },
            Err(e) => {
--- a/components/net_traits/image_cache.rs
+++ b/components/net_traits/image_cache.rs
@ -5,7 +5,7 @@
 use crate::image::base::{Image, ImageMetadata};
 use crate::FetchResponseMsg;
 use ipc_channel::ipc::IpcSender;
-use servo_url::ServoUrl;
+use servo_url::{ImmutableOrigin, ServoUrl};
 use std::sync::Arc;

 // ======================================================================
@ -110,6 +110,7 @@ pub trait ImageCache: Sync + Send {
    fn find_image_or_metadata(
        &self,
        url: ServoUrl,
+        origin: ImmutableOrigin,
        use_placeholder: UsePlaceholder,
        can_request: CanRequestImages,
    ) -> Result<ImageOrMetadataAvailable, ImageState>;
@ -121,3 +122,14 @@ pub trait ImageCache: Sync + Send {
    /// Inform the image cache about a response for a pending request.
    fn notify_pending_response(&self, id: PendingImageId, action: FetchResponseMsg);
 }
+
+/// Whether this response passed any CORS checks, and is thus safe to read from
+/// in cross-origin environments.
+#[derive(Clone, Copy, Debug, Deserialize, MallocSizeOf, PartialEq, Serialize)]
+pub enum CorsStatus {
+    /// The response is either same-origin or cross-origin but passed CORS checks.
+    Safe,
+    /// The response is cross-origin and did not pass CORS checks. It is unsafe
+    /// to expose pixel data to the requesting environment.
+    Unsafe,
+}