Filter response headers

author: Manish Goregaokar <manishsmail@gmail.com> 2014-06-29 12:34:16 +0530
committer: Manish Goregaokar <manishsmail@gmail.com> 2014-07-02 23:45:48 +0530
commit: 17631ffcb81c348b89febfa56fbf515f39752058 (patch)
tree: aadd5e4ea238f751361194891fc4b465e921f6af /src/components/script/dom/xmlhttprequest.rs
parent: 3c1a477e101960377bc3b9590af8b793a86854ac (diff)
download: servo-17631ffcb81c348b89febfa56fbf515f39752058.tar.gz
servo-17631ffcb81c348b89febfa56fbf515f39752058.zip
1 files changed, 15 insertions, 2 deletions
diff --git a/src/components/script/dom/xmlhttprequest.rs b/src/components/script/dom/xmlhttprequest.rs
index b0f80ceabf1..8b0dc2184eb 100644
--- a/src/components/script/dom/xmlhttprequest.rs
+++ b/src/components/script/dom/xmlhttprequest.rs
@@ -553,7 +553,7 @@ impl<'a> XMLHttpRequestMethods<'a> for JSRef<'a, XMLHttpRequest> {
         self.status_text.deref().borrow().clone()
     }
     fn GetResponseHeader(&self, name: ByteString) -> Option<ByteString> {
-        self.response_headers.deref().borrow().iter().find(|h| {
+        self.filter_response_headers().iter().find(|h| {
             name.eq_ignore_case(&FromStr::from_str(h.header_name().as_slice()).unwrap())
         }).map(|h| {
             FromStr::from_str(h.header_value().as_slice()).unwrap()
@@ -561,7 +561,7 @@ impl<'a> XMLHttpRequestMethods<'a> for JSRef<'a, XMLHttpRequest> {
     }
     fn GetAllResponseHeaders(&self) -> ByteString {
         let mut writer = MemWriter::new();
-        self.response_headers.deref().borrow().write_all(&mut writer).ok().expect("Writing response headers failed");
+        self.filter_response_headers().write_all(&mut writer).ok().expect("Writing response headers failed");
         let mut vec = writer.unwrap();
 
         // rust-http appends an extra "\r\n" when using write_all
@@ -669,6 +669,7 @@ trait PrivateXMLHttpRequestHelpers {
     fn text_response(&self) -> DOMString;
     fn set_timeout(&self, timeout:u32);
     fn cancel_timeout(&self);
+    fn filter_response_headers(&self) -> ResponseHeaderCollection;
 }
 
 impl<'a> PrivateXMLHttpRequestHelpers for JSRef<'a, XMLHttpRequest> {
@@ -904,4 +905,16 @@ impl<'a> PrivateXMLHttpRequestHelpers for JSRef<'a, XMLHttpRequest> {
         // the result should be fine. XXXManishearth have a closer look at this later
         encoding.decode(self.response.deref().borrow().as_slice(), DecodeReplace).unwrap().to_string()
     }
+    fn filter_response_headers(&self) -> ResponseHeaderCollection {
+        // http://fetch.spec.whatwg.org/#concept-response-header-list
+        let mut headers = ResponseHeaderCollection::new();
+        for header in self.response_headers.deref().borrow().iter() {
+            match header.header_name().as_slice().to_ascii_lower().as_slice() {
+                "set-cookie" | "set-cookie2" => {},
+                // XXXManishearth additional CORS filtering goes here
+                _ => headers.insert(header)
+            };
+        }
+        headers
+    }
 }
author	Manish Goregaokar <manishsmail@gmail.com>	2014-06-29 12:34:16 +0530
committer	Manish Goregaokar <manishsmail@gmail.com>	2014-07-02 23:45:48 +0530
commit	17631ffcb81c348b89febfa56fbf515f39752058 (patch)
tree	aadd5e4ea238f751361194891fc4b465e921f6af /src/components/script/dom/xmlhttprequest.rs
parent	3c1a477e101960377bc3b9590af8b793a86854ac (diff)
download	servo-17631ffcb81c348b89febfa56fbf515f39752058.tar.gz servo-17631ffcb81c348b89febfa56fbf515f39752058.zip