diff options
Diffstat (limited to 'components/net/fetch/methods.rs')
| -rw-r--r-- | components/net/fetch/methods.rs | 447 |
1 files changed, 305 insertions, 142 deletions
diff --git a/components/net/fetch/methods.rs b/components/net/fetch/methods.rs index 16d64a86a7c..b357edae05e 100644 --- a/components/net/fetch/methods.rs +++ b/components/net/fetch/methods.rs @@ -5,20 +5,24 @@ use connector::create_http_connector; use data_loader::decode; use fetch::cors_cache::CORSCache; -use http_loader::{NetworkHttpRequestFactory, ReadResult, obtain_response, read_block}; +use http_loader::{HttpState, set_default_accept_encoding, set_request_cookies}; +use http_loader::{NetworkHttpRequestFactory, ReadResult, StreamedResponse, obtain_response, read_block}; +use http_loader::{auth_from_cache, determine_request_referrer}; use hyper::header::{Accept, AcceptLanguage, Authorization, AccessControlAllowCredentials}; use hyper::header::{AccessControlAllowOrigin, AccessControlAllowHeaders, AccessControlAllowMethods}; use hyper::header::{AccessControlRequestHeaders, AccessControlMaxAge, AccessControlRequestMethod, Basic}; use hyper::header::{CacheControl, CacheDirective, ContentEncoding, ContentLength, ContentLanguage, ContentType}; -use hyper::header::{Encoding, HeaderView, Headers, IfMatch, IfRange, IfUnmodifiedSince, IfModifiedSince}; +use hyper::header::{Encoding, HeaderView, Headers, Host, IfMatch, IfRange, IfUnmodifiedSince, IfModifiedSince}; use hyper::header::{IfNoneMatch, Pragma, Location, QualityItem, Referer as RefererHeader, UserAgent, q, qitem}; use hyper::method::Method; use hyper::mime::{Mime, SubLevel, TopLevel}; use hyper::status::StatusCode; use mime_guess::guess_mime_type; -use net_traits::AsyncFetchListener; -use net_traits::request::{CacheMode, CredentialsMode, Type, Origin, Window}; +use msg::constellation_msg::ReferrerPolicy; +use net_traits::FetchTaskTarget; +use net_traits::request::{CacheMode, CredentialsMode}; use net_traits::request::{RedirectMode, Referer, Request, RequestMode, ResponseTainting}; +use net_traits::request::{Type, Origin, Window}; use net_traits::response::{HttpsState, TerminationReason}; use net_traits::response::{Response, ResponseBody, ResponseType}; use resource_thread::CancellationListener; @@ -26,27 +30,36 @@ use std::collections::HashSet; use std::fs::File; use std::io::Read; use std::iter::FromIterator; +use std::mem::swap; use std::rc::Rc; -use std::thread; +use std::sync::mpsc::{channel, Sender, Receiver}; use unicase::UniCase; use url::{Origin as UrlOrigin, Url}; use util::thread::spawn_named; -pub fn fetch_async(request: Request, listener: Box<AsyncFetchListener + Send>) { - spawn_named(format!("fetch for {:?}", request.current_url_string()), move || { - let request = Rc::new(request); - let fetch_response = fetch(request); - fetch_response.wait_until_done(); - listener.response_available(fetch_response); - }) +pub type Target = Option<Box<FetchTaskTarget + Send>>; + +enum Data { + Payload(Vec<u8>), + Done, +} + +pub struct FetchContext { + pub state: HttpState, + pub user_agent: String, } +type DoneChannel = Option<(Sender<Data>, Receiver<Data>)>; + /// [Fetch](https://fetch.spec.whatwg.org#concept-fetch) -pub fn fetch(request: Rc<Request>) -> Response { - fetch_with_cors_cache(request, &mut CORSCache::new()) +pub fn fetch(request: Rc<Request>, target: &mut Target, context: FetchContext) -> Response { + fetch_with_cors_cache(request, &mut CORSCache::new(), target, context) } -pub fn fetch_with_cors_cache(request: Rc<Request>, cache: &mut CORSCache) -> Response { +pub fn fetch_with_cors_cache(request: Rc<Request>, + cache: &mut CORSCache, + target: &mut Target, + context: FetchContext) -> Response { // Step 1 if request.window.get() == Window::Client { // TODO: Set window to request's client object if client is a Window object @@ -105,12 +118,15 @@ pub fn fetch_with_cors_cache(request: Rc<Request>, cache: &mut CORSCache) -> Res if request.is_subresource_request() { // TODO: create a fetch record and append it to request's client's fetch group list } + // Step 7 - main_fetch(request, cache, false, false) + main_fetch(request, cache, false, false, target, &mut None, &context) } /// [Main fetch](https://fetch.spec.whatwg.org/#concept-main-fetch) -fn main_fetch(request: Rc<Request>, cache: &mut CORSCache, cors_flag: bool, recursive_flag: bool) -> Response { +fn main_fetch(request: Rc<Request>, cache: &mut CORSCache, cors_flag: bool, + recursive_flag: bool, target: &mut Target, done_chan: &mut DoneChannel, + context: &FetchContext) -> Response { // TODO: Implement main fetch spec // Step 1 @@ -128,23 +144,39 @@ fn main_fetch(request: Rc<Request>, cache: &mut CORSCache, cors_flag: bool, recu // TODO be able to execute report CSP // Step 4 - // TODO this step, based off of http_loader.rs + // TODO this step, based off of http_loader.rs (upgrade) // Step 5 - // TODO this step + // TODO this step (CSP port/content blocking) // Step 6 - if request.referer != Referer::NoReferer { - // TODO be able to invoke "determine request's referer" - } + // TODO this step (referer policy) + // currently the clients themselves set referer policy in RequestInit // Step 7 - // TODO this step + if request.referrer_policy.get().is_none() { + request.referrer_policy.set(Some(ReferrerPolicy::NoRefWhenDowngrade)); + } // Step 8 - // this step is obsoleted by fetch_async + if *request.referer.borrow() != Referer::NoReferer { + // remove Referer headers set in past redirects/preflights + // this stops the assertion in determine_request_referrer from failing + request.headers.borrow_mut().remove::<RefererHeader>(); + let referrer_url = determine_request_referrer(&mut *request.headers.borrow_mut(), + request.referrer_policy.get(), + request.referer.borrow_mut().take(), + request.current_url().clone()); + *request.referer.borrow_mut() = Referer::from_url(referrer_url); + } // Step 9 + // TODO this step (HSTS) + + // Step 10 + // this step is obsoleted by fetch_async + + // Step 11 let response = match response { Some(response) => response, None => { @@ -160,14 +192,14 @@ fn main_fetch(request: Rc<Request>, cache: &mut CORSCache, cors_flag: bool, recu (current_url.scheme() == "file" && request.same_origin_data.get()) || current_url.scheme() == "about" || request.mode == RequestMode::Navigate { - basic_fetch(request.clone(), cache) + basic_fetch(request.clone(), cache, target, done_chan, context) } else if request.mode == RequestMode::SameOrigin { Response::network_error() } else if request.mode == RequestMode::NoCORS { request.response_tainting.set(ResponseTainting::Opaque); - basic_fetch(request.clone(), cache) + basic_fetch(request.clone(), cache, target, done_chan, context) } else if !matches!(current_url.scheme(), "http" | "https") { Response::network_error() @@ -178,7 +210,7 @@ fn main_fetch(request: Rc<Request>, cache: &mut CORSCache, cors_flag: bool, recu request.headers.borrow().iter().any(|h| !is_simple_header(&h)))) { request.response_tainting.set(ResponseTainting::CORSTainting); request.redirect_mode.set(RedirectMode::Error); - let response = http_fetch(request.clone(), cache, true, true, false); + let response = http_fetch(request.clone(), cache, true, true, false, target, done_chan, context); if response.is_network_error() { // TODO clear cache entries using request } @@ -186,17 +218,17 @@ fn main_fetch(request: Rc<Request>, cache: &mut CORSCache, cors_flag: bool, recu } else { request.response_tainting.set(ResponseTainting::CORSTainting); - http_fetch(request.clone(), cache, true, false, false) + http_fetch(request.clone(), cache, true, false, false, target, done_chan, context) } } }; - // Step 10 + // Step 12 if recursive_flag { return response; } - // Step 11 + // Step 13 // no need to check if response is a network error, since the type would not be `Default` let response = if response.response_type == ResponseType::Default { let response_type = match request.response_tainting.get() { @@ -210,7 +242,7 @@ fn main_fetch(request: Rc<Request>, cache: &mut CORSCache, cors_flag: bool, recu }; { - // Step 12 + // Step 14 let network_error_res = Response::network_error(); let internal_response = if response.is_network_error() { &network_error_res @@ -218,10 +250,15 @@ fn main_fetch(request: Rc<Request>, cache: &mut CORSCache, cors_flag: bool, recu response.actual_response() }; - // Step 13 - // TODO this step + // Step 15 + if internal_response.url_list.borrow().is_empty() { + *internal_response.url_list.borrow_mut() = request.url_list.borrow().clone(); + } + + // Step 16 + // TODO this step (CSP/blocking) - // Step 14 + // Step 17 if !response.is_network_error() && (is_null_body_status(&internal_response.status) || match *request.method.borrow() { Method::Head | Method::Connect => true, @@ -233,7 +270,7 @@ fn main_fetch(request: Rc<Request>, cache: &mut CORSCache, cors_flag: bool, recu *body = ResponseBody::Empty; } - // Step 15 + // Step 18 // TODO be able to compare response integrity against request integrity metadata // if !response.is_network_error() { @@ -248,34 +285,91 @@ fn main_fetch(request: Rc<Request>, cache: &mut CORSCache, cors_flag: bool, recu // } } - // Step 16 + // Step 19 if request.synchronous { - response.actual_response().wait_until_done(); + if let Some(ref mut target) = *target { + // process_response is not supposed to be used + // by sync fetch, but we overload it here for simplicity + target.process_response(&response); + } + + if let Some(ref ch) = *done_chan { + loop { + match ch.1.recv() + .expect("fetch worker should always send Done before terminating") { + Data::Payload(vec) => { + if let Some(ref mut target) = *target { + target.process_response_chunk(vec); + } + } + Data::Done => break, + } + } + } else if let ResponseBody::Done(ref vec) = *response.body.lock().unwrap() { + // in case there was no channel to wait for, the body was + // obtained synchronously via basic_fetch for data/file/about/etc + // We should still send the body across as a chunk + if let Some(ref mut target) = *target { + target.process_response_chunk(vec.clone()); + } + } else { + assert!(*response.body.lock().unwrap() == ResponseBody::Empty) + } + + // overloaded similarly to process_response + if let Some(ref mut target) = *target { + target.process_response_eof(&response); + } return response; } - // Step 17 + // Step 20 if request.body.borrow().is_some() && matches!(request.current_url().scheme(), "http" | "https") { - // TODO queue a fetch task on request to process end-of-file + if let Some(ref mut target) = *target { + // XXXManishearth: We actually should be calling process_request + // in http_network_fetch. However, we can't yet follow the request + // upload progress, so I'm keeping it here for now and pretending + // the body got sent in one chunk + target.process_request_body(&request); + target.process_request_eof(&request); + } } - { - // Step 12 repeated to use internal_response - let network_error_res = Response::network_error(); - let internal_response = if response.is_network_error() { - &network_error_res - } else { - response.actual_response() - }; + // Step 21 + if let Some(ref mut target) = *target { + target.process_response(&response); + } - // Step 18 - // TODO this step + // Step 22 + if let Some(ref ch) = *done_chan { + loop { + match ch.1.recv() + .expect("fetch worker should always send Done before terminating") { + Data::Payload(vec) => { + if let Some(ref mut target) = *target { + target.process_response_chunk(vec); + } + } + Data::Done => break, + } + } + } else if let Some(ref mut target) = *target { + if let ResponseBody::Done(ref vec) = *response.body.lock().unwrap() { + // in case there was no channel to wait for, the body was + // obtained synchronously via basic_fetch for data/file/about/etc + // We should still send the body across as a chunk + target.process_response_chunk(vec.clone()); + } else { + assert!(*response.body.lock().unwrap() == ResponseBody::Empty) + } + } - // Step 19 - internal_response.wait_until_done(); + // Step 23 + request.done.set(true); - // Step 20 - // TODO this step + // Step 24 + if let Some(ref mut target) = *target { + target.process_response_eof(&response); } // TODO remove this line when only asynchronous fetches are used @@ -283,19 +377,23 @@ fn main_fetch(request: Rc<Request>, cache: &mut CORSCache, cors_flag: bool, recu } /// [Basic fetch](https://fetch.spec.whatwg.org#basic-fetch) -fn basic_fetch(request: Rc<Request>, cache: &mut CORSCache) -> Response { +fn basic_fetch(request: Rc<Request>, cache: &mut CORSCache, + target: &mut Target, done_chan: &mut DoneChannel, + context: &FetchContext) -> Response { let url = request.current_url(); match url.scheme() { "about" if url.path() == "blank" => { let mut response = Response::new(); + // https://github.com/whatwg/fetch/issues/312 + response.url = Some(url); response.headers.set(ContentType(mime!(Text / Html; Charset = Utf8))); *response.body.lock().unwrap() = ResponseBody::Done(vec![]); response }, "http" | "https" => { - http_fetch(request.clone(), cache, false, false, false) + http_fetch(request.clone(), cache, false, false, false, target, done_chan, context) }, "data" => { @@ -303,6 +401,8 @@ fn basic_fetch(request: Rc<Request>, cache: &mut CORSCache) -> Response { match decode(&url) { Ok((mime, bytes)) => { let mut response = Response::new(); + // https://github.com/whatwg/fetch/issues/312 + response.url = Some(url.clone()); *response.body.lock().unwrap() = ResponseBody::Done(bytes); response.headers.set(ContentType(mime)); response @@ -324,6 +424,8 @@ fn basic_fetch(request: Rc<Request>, cache: &mut CORSCache) -> Response { let mime = guess_mime_type(file_path); let mut response = Response::new(); + // https://github.com/whatwg/fetch/issues/312 + response.url = Some(url.clone()); *response.body.lock().unwrap() = ResponseBody::Done(bytes); response.headers.set(ContentType(mime)); response @@ -350,7 +452,12 @@ fn http_fetch(request: Rc<Request>, cache: &mut CORSCache, cors_flag: bool, cors_preflight_flag: bool, - authentication_fetch_flag: bool) -> Response { + authentication_fetch_flag: bool, + target: &mut Target, + done_chan: &mut DoneChannel, + context: &FetchContext) -> Response { + // This is a new async fetch, reset the channel we are waiting on + *done_chan = None; // Step 1 let mut response: Option<Response> = None; @@ -378,17 +485,18 @@ fn http_fetch(request: Rc<Request>, } // Substep 4 - let actual_response = res.actual_response(); - if actual_response.url_list.borrow().is_empty() { - *actual_response.url_list.borrow_mut() = request.url_list.borrow().clone(); - } - - // Substep 5 // TODO: set response's CSP list on actual_response } } // Step 4 + let credentials = match request.credentials_mode { + CredentialsMode::Include => true, + CredentialsMode::CredentialsSameOrigin if request.response_tainting.get() == ResponseTainting::Basic + => true, + _ => false + }; + // Step 5 if response.is_none() { // Substep 1 if cors_preflight_flag { @@ -403,7 +511,7 @@ fn http_fetch(request: Rc<Request>, // Sub-substep 1 if method_mismatch || header_mismatch { - let preflight_result = cors_preflight_fetch(request.clone(), cache); + let preflight_result = cors_preflight_fetch(request.clone(), cache, context); // Sub-substep 2 if preflight_result.response_type == ResponseType::Error { return Response::network_error(); @@ -415,17 +523,10 @@ fn http_fetch(request: Rc<Request>, request.skip_service_worker.set(true); // Substep 3 - let credentials = match request.credentials_mode { - CredentialsMode::Include => true, - CredentialsMode::CredentialsSameOrigin if request.response_tainting.get() == ResponseTainting::Basic - => true, - _ => false - }; + let fetch_result = http_network_or_cache_fetch(request.clone(), credentials, authentication_fetch_flag, + done_chan, context); // Substep 4 - let fetch_result = http_network_or_cache_fetch(request.clone(), credentials, authentication_fetch_flag); - - // Substep 5 if cors_flag && cors_check(request.clone(), &fetch_result).is_err() { return Response::network_error(); } @@ -450,7 +551,8 @@ fn http_fetch(request: Rc<Request>, RedirectMode::Follow => { // set back to default response.return_internal.set(true); - http_redirect_fetch(request, cache, Rc::new(response), cors_flag) + http_redirect_fetch(request, cache, Rc::new(response), + cors_flag, target, done_chan, context) } } }, @@ -459,7 +561,7 @@ fn http_fetch(request: Rc<Request>, StatusCode::Unauthorized => { // Step 1 // FIXME: Figure out what to do with request window objects - if cors_flag || request.credentials_mode != CredentialsMode::Include { + if cors_flag || !credentials { return response; } @@ -469,10 +571,15 @@ fn http_fetch(request: Rc<Request>, // Step 3 if !request.use_url_credentials || authentication_fetch_flag { // TODO: Prompt the user for username and password from the window + // Wrong, but will have to do until we are able to prompt the user + // otherwise this creates an infinite loop + // We basically pretend that the user declined to enter credentials + return response; } // Step 4 - return http_fetch(request, cache, cors_flag, cors_preflight_flag, true); + return http_fetch(request, cache, cors_flag, cors_preflight_flag, + true, target, done_chan, context); } // Code 407 @@ -485,11 +592,16 @@ fn http_fetch(request: Rc<Request>, // Step 3 // TODO: Prompt the user for proxy authentication credentials + // Wrong, but will have to do until we are able to prompt the user + // otherwise this creates an infinite loop + // We basically pretend that the user declined to enter credentials + return response; // Step 4 - return http_fetch(request, cache, - cors_flag, cors_preflight_flag, - authentication_fetch_flag); + // return http_fetch(request, cache, + // cors_flag, cors_preflight_flag, + // authentication_fetch_flag, target, + // done_chan, context); } _ => { } @@ -510,7 +622,10 @@ fn http_fetch(request: Rc<Request>, fn http_redirect_fetch(request: Rc<Request>, cache: &mut CORSCache, response: Rc<Response>, - cors_flag: bool) -> Response { + cors_flag: bool, + target: &mut Target, + done_chan: &mut DoneChannel, + context: &FetchContext) -> Response { // Step 1 assert_eq!(response.return_internal.get(), true); @@ -584,20 +699,22 @@ fn http_redirect_fetch(request: Rc<Request>, request.url_list.borrow_mut().push(location_url); // Step 15 - main_fetch(request, cache, cors_flag, true) + main_fetch(request, cache, cors_flag, true, target, done_chan, context) } /// [HTTP network or cache fetch](https://fetch.spec.whatwg.org#http-network-or-cache-fetch) fn http_network_or_cache_fetch(request: Rc<Request>, credentials_flag: bool, - authentication_fetch_flag: bool) -> Response { + authentication_fetch_flag: bool, + done_chan: &mut DoneChannel, + context: &FetchContext) -> Response { // TODO: Implement Window enum for Request let request_has_no_window = true; // Step 1 let http_request = if request_has_no_window && - request.redirect_mode.get() != RedirectMode::Follow { - request.clone() + request.redirect_mode.get() == RedirectMode::Error { + request } else { Rc::new((*request).clone()) }; @@ -621,9 +738,8 @@ fn http_network_or_cache_fetch(request: Rc<Request>, } // Step 6 - match http_request.referer { - Referer::NoReferer => - http_request.headers.borrow_mut().set(RefererHeader("".to_owned())), + match *http_request.referer.borrow() { + Referer::NoReferer => (), Referer::RefererUrl(ref http_request_referer) => http_request.headers.borrow_mut().set(RefererHeader(http_request_referer.to_string())), Referer::Client => @@ -640,7 +756,7 @@ fn http_network_or_cache_fetch(request: Rc<Request>, // Step 8 if !http_request.headers.borrow().has::<UserAgent>() { - http_request.headers.borrow_mut().set(UserAgent(global_user_agent().to_owned())); + http_request.headers.borrow_mut().set(UserAgent(context.user_agent.clone())); } match http_request.cache_mode.get() { @@ -670,34 +786,53 @@ fn http_network_or_cache_fetch(request: Rc<Request>, _ => {} } + let current_url = http_request.current_url(); // Step 12 - // modify_request_headers(http_request.headers.borrow()); + // todo: pass referrer url and policy + // this can only be uncommented when the referer header is set, else it crashes + // in the meantime, we manually set the headers in the block below + // modify_request_headers(&mut http_request.headers.borrow_mut(), ¤t_url, + // None, None, None); + { + let headers = &mut *http_request.headers.borrow_mut(); + let host = Host { + hostname: current_url.host_str().unwrap().to_owned(), + port: current_url.port_or_known_default() + }; + headers.set(host); + // unlike http_loader, we should not set the accept header + // here, according to the fetch spec + set_default_accept_encoding(headers); + } // Step 13 // TODO some of this step can't be implemented yet if credentials_flag { // Substep 1 // TODO http://mxr.mozilla.org/servo/source/components/net/http_loader.rs#504 - + // XXXManishearth http_loader has block_cookies: support content blocking here too + set_request_cookies(¤t_url, + &mut *http_request.headers.borrow_mut(), + &context.state.cookie_jar); // Substep 2 if !http_request.headers.borrow().has::<Authorization<String>>() { // Substep 3 let mut authorization_value = None; // Substep 4 - // TODO be able to retrieve https://fetch.spec.whatwg.org/#authentication-entry + if let Some(basic) = auth_from_cache(&context.state.auth_cache, ¤t_url) { + if !http_request.use_url_credentials || !has_credentials(¤t_url) { + authorization_value = Some(basic); + } + } // Substep 5 - if authentication_fetch_flag { - let current_url = http_request.current_url(); - - authorization_value = if has_credentials(¤t_url) { - Some(Basic { + if authentication_fetch_flag && authorization_value.is_none() { + if has_credentials(¤t_url) { + authorization_value = Some(Basic { username: current_url.username().to_owned(), password: current_url.password().map(str::to_owned) }) - } else { - None } } @@ -753,7 +888,7 @@ fn http_network_or_cache_fetch(request: Rc<Request>, // Step 18 if response.is_none() { - response = Some(http_network_fetch(request.clone(), http_request.clone(), credentials_flag)); + response = Some(http_network_fetch(http_request.clone(), credentials_flag, done_chan)); } let response = response.unwrap(); @@ -788,8 +923,8 @@ fn http_network_or_cache_fetch(request: Rc<Request>, /// [HTTP network fetch](https://fetch.spec.whatwg.org/#http-network-fetch) fn http_network_fetch(request: Rc<Request>, - _http_request: Rc<Request>, - _credentials_flag: bool) -> Response { + _credentials_flag: bool, + done_chan: &mut DoneChannel) -> Response { // TODO: Implement HTTP network fetch spec // Step 1 @@ -811,42 +946,70 @@ fn http_network_fetch(request: Rc<Request>, let wrapped_response = obtain_response(&factory, &url, &request.method.borrow(), &request.headers.borrow(), - &cancellation_listener, &None, &request.method.borrow(), - &None, request.redirect_count.get(), &None, ""); + &cancellation_listener, &request.body.borrow(), &request.method.borrow(), + &None, request.redirect_count.get() + 1, &None, ""); let mut response = Response::new(); match wrapped_response { - Ok((mut res, _)) => { - response.url = Some(res.response.url.clone()); + Ok((res, _)) => { + response.url = Some(url.clone()); response.status = Some(res.response.status); + response.raw_status = Some(res.response.status_raw().clone()); response.headers = res.response.headers.clone(); let res_body = response.body.clone(); - thread::spawn(move || { - *res_body.lock().unwrap() = ResponseBody::Receiving(vec![]); - - loop { - match read_block(&mut res.response) { - Ok(ReadResult::Payload(ref mut chunk)) => { - if let ResponseBody::Receiving(ref mut body) = *res_body.lock().unwrap() { - body.append(chunk); + + // We're about to spawn a thread to be waited on here + *done_chan = Some(channel()); + let meta = response.metadata().expect("Response metadata should exist at this stage"); + let done_sender = done_chan.as_ref().map(|ch| ch.0.clone()); + spawn_named(format!("fetch worker thread"), move || { + match StreamedResponse::from_http_response(box res, meta) { + Ok(mut res) => { + *res_body.lock().unwrap() = ResponseBody::Receiving(vec![]); + loop { + match read_block(&mut res) { + Ok(ReadResult::Payload(chunk)) => { + if let ResponseBody::Receiving(ref mut body) = *res_body.lock().unwrap() { + body.extend_from_slice(&chunk); + if let Some(ref sender) = done_sender { + let _ = sender.send(Data::Payload(chunk)); + } + } + }, + Ok(ReadResult::EOF) | Err(_) => { + let mut empty_vec = Vec::new(); + let completed_body = match *res_body.lock().unwrap() { + ResponseBody::Receiving(ref mut body) => { + // avoid cloning the body + swap(body, &mut empty_vec); + empty_vec + }, + _ => empty_vec, + }; + *res_body.lock().unwrap() = ResponseBody::Done(completed_body); + if let Some(ref sender) = done_sender { + let _ = sender.send(Data::Done); + } + break; + } } - }, - Ok(ReadResult::EOF) | Err(_) => { - let completed_body = match *res_body.lock().unwrap() { - ResponseBody::Receiving(ref body) => (*body).clone(), - _ => vec![] - }; - *res_body.lock().unwrap() = ResponseBody::Done(completed_body); - break; + + } + } + Err(_) => { + // XXXManishearth we should propagate this error somehow + *res_body.lock().unwrap() = ResponseBody::Done(vec![]); + if let Some(ref sender) = done_sender { + let _ = sender.send(Data::Done); } } - } }); }, - Err(_) => - response.termination_reason = Some(TerminationReason::Fatal) + Err(_) => { + response.termination_reason = Some(TerminationReason::Fatal); + } }; // TODO these substeps aren't possible yet @@ -860,7 +1023,10 @@ fn http_network_fetch(request: Rc<Request>, // TODO Read request - // Step 5 + // Step 5-9 + // (needs stream bodies) + + // Step 10 // TODO when https://bugzilla.mozilla.org/show_bug.cgi?id=1030660 // is resolved, this step will become uneccesary // TODO this step @@ -872,22 +1038,19 @@ fn http_network_fetch(request: Rc<Request>, } }; - // Step 6 - *response.url_list.borrow_mut() = request.url_list.borrow().clone(); - - // Step 7 - // TODO this step isn't possible yet + // Step 11 + // TODO this step isn't possible yet (CSP) - // Step 8 + // Step 12 if response.is_network_error() && request.cache_mode.get() == CacheMode::NoStore { // TODO update response in the HTTP cache for request } // TODO this step isn't possible yet - // Step 9 + // Step 13 // TODO these steps - // Step 10 + // Step 14 // Substep 1 // Substep 2 // Sub-substep 1 @@ -896,19 +1059,20 @@ fn http_network_fetch(request: Rc<Request>, // Sub-substep 4 // Substep 3 - // Step 11 + // Step 15 response } /// [CORS preflight fetch](https://fetch.spec.whatwg.org#cors-preflight-fetch) -fn cors_preflight_fetch(request: Rc<Request>, cache: &mut CORSCache) -> Response { +fn cors_preflight_fetch(request: Rc<Request>, cache: &mut CORSCache, context: &FetchContext) -> Response { // Step 1 let mut preflight = Request::new(request.current_url(), Some(request.origin.borrow().clone()), false); *preflight.method.borrow_mut() = Method::Options; preflight.initiator = request.initiator.clone(); preflight.type_ = request.type_.clone(); preflight.destination = request.destination.clone(); - preflight.referer = request.referer.clone(); + *preflight.referer.borrow_mut() = request.referer.borrow().clone(); + preflight.referrer_policy.set(preflight.referrer_policy.get()); // Step 2 preflight.headers.borrow_mut().set::<AccessControlRequestMethod>( @@ -929,7 +1093,7 @@ fn cors_preflight_fetch(request: Rc<Request>, cache: &mut CORSCache) -> Response // Step 6 let preflight = Rc::new(preflight); - let response = http_network_or_cache_fetch(preflight.clone(), false, false); + let response = http_network_or_cache_fetch(preflight.clone(), false, false, &mut None, context); // Step 7 if cors_check(request.clone(), &response).is_ok() && @@ -962,12 +1126,16 @@ fn cors_preflight_fetch(request: Rc<Request>, cache: &mut CORSCache) -> Response } // Substep 5 + debug!("CORS check: Allowed methods: {:?}, current method: {:?}", + methods, request.method.borrow()); if methods.iter().all(|method| *method != *request.method.borrow()) && !is_simple_method(&*request.method.borrow()) { return Response::network_error(); } // Substep 6 + debug!("CORS check: Allowed headers: {:?}, current headers: {:?}", + header_names, request.headers.borrow()); let set: HashSet<&UniCase<String>> = HashSet::from_iter(header_names.iter()); if request.headers.borrow().iter().any(|ref hv| !set.contains(&UniCase(hv.name().to_owned())) && !is_simple_header(hv)) { @@ -1040,12 +1208,6 @@ fn cors_check(request: Rc<Request>, response: &Response) -> Result<(), ()> { Err(()) } -fn global_user_agent() -> String { - // TODO have a better useragent string - const USER_AGENT_STRING: &'static str = "Servo"; - USER_AGENT_STRING.to_owned() -} - fn has_credentials(url: &Url) -> bool { !url.username().is_empty() || url.password().is_some() } @@ -1056,6 +1218,7 @@ fn is_no_store_cache(headers: &Headers) -> bool { headers.has::<IfRange>() } +/// https://fetch.spec.whatwg.org/#cors-safelisted-request-header fn is_simple_header(h: &HeaderView) -> bool { if h.is::<ContentType>() { match h.value() { |