mirror of
https://github.com/servo/servo.git
synced 2025-08-03 04:30:10 +01:00
Add PerformanceResourceTiming: TimingAllowCheck
The purpose of this commit is to implement https://w3c.github.io/resource-timing/#dfn-timing-allow-check
This commit is contained in:
parent
4159f01feb
commit
bb8166bb97
2 changed files with 50 additions and 3 deletions
|
@ -37,6 +37,7 @@ use hyper::{Body, Client, Method, Response as HyperResponse, StatusCode};
|
|||
use hyper_serde::Serde;
|
||||
use msg::constellation_msg::{HistoryStateId, PipelineId};
|
||||
use net_traits::quality::{quality_to_value, Quality, QualityItem};
|
||||
use net_traits::request::Origin::Origin as SpecificOrigin;
|
||||
use net_traits::request::{CacheMode, CredentialsMode, Destination, Origin};
|
||||
use net_traits::request::{RedirectMode, Referrer, Request, RequestMode};
|
||||
use net_traits::request::{ResponseTainting, ServiceWorkersMode};
|
||||
|
@ -44,6 +45,7 @@ use net_traits::response::{HttpsState, Response, ResponseBody, ResponseType};
|
|||
use net_traits::{CookieSource, FetchMetadata, NetworkError, ReferrerPolicy};
|
||||
use net_traits::{RedirectEndValue, RedirectStartValue, ResourceAttribute, ResourceFetchTiming};
|
||||
use openssl::ssl::SslConnectorBuilder;
|
||||
use servo_arc::Arc;
|
||||
use servo_url::{ImmutableOrigin, ServoUrl};
|
||||
use std::collections::{HashMap, HashSet};
|
||||
use std::error::Error;
|
||||
|
@ -51,7 +53,7 @@ use std::iter::FromIterator;
|
|||
use std::mem;
|
||||
use std::ops::Deref;
|
||||
use std::str::FromStr;
|
||||
use std::sync::{Arc, Mutex, RwLock};
|
||||
use std::sync::{Mutex, RwLock};
|
||||
use std::time::{Duration, SystemTime};
|
||||
use time::{self, Tm};
|
||||
use tokio::prelude::{future, Future, Stream};
|
||||
|
@ -631,7 +633,7 @@ pub fn http_fetch(
|
|||
request.redirect_count as u16,
|
||||
));
|
||||
|
||||
response.resource_timing = context.timing.lock().unwrap().clone();
|
||||
response.resource_timing = Arc::clone(&context.timing);
|
||||
|
||||
// Step 6
|
||||
response
|
||||
|
@ -828,7 +830,6 @@ fn http_network_or_cache_fetch(
|
|||
) -> Response {
|
||||
// Step 2
|
||||
let mut response: Option<Response> = None;
|
||||
|
||||
// Step 4
|
||||
let mut revalidating_flag = false;
|
||||
|
||||
|
@ -1302,8 +1303,32 @@ fn http_network_fetch(
|
|||
}
|
||||
}
|
||||
|
||||
let header_strings: Vec<&str> = res
|
||||
.headers()
|
||||
.get_all("Timing-Allow-Origin")
|
||||
.iter()
|
||||
.map(|header_value| header_value.to_str().unwrap_or(""))
|
||||
.collect();
|
||||
let wildcard_present = header_strings.iter().any(|header_str| *header_str == "*");
|
||||
// The spec: https://www.w3.org/TR/resource-timing-2/#sec-timing-allow-origin
|
||||
// says that a header string is either an origin or a wildcard so we can just do a straight
|
||||
// check against the document origin
|
||||
let req_origin_in_timing_allow = header_strings
|
||||
.iter()
|
||||
.any(|header_str| match request.origin {
|
||||
SpecificOrigin(ref immutable_request_origin) => {
|
||||
*header_str == immutable_request_origin.ascii_serialization()
|
||||
},
|
||||
_ => false,
|
||||
});
|
||||
|
||||
if !req_origin_in_timing_allow && !wildcard_present {
|
||||
context.timing.lock().unwrap().mark_timing_check_failed();
|
||||
}
|
||||
|
||||
let timing = context.timing.lock().unwrap().clone();
|
||||
let mut response = Response::new(url.clone(), timing);
|
||||
|
||||
response.status = Some((
|
||||
res.status(),
|
||||
res.status().canonical_reason().unwrap_or("").into(),
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue