| /* |
| * Copyright (C) 2006-2016 Apple Inc. All rights reserved. |
| * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
| * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.torchmobile.com/) |
| * Copyright (C) 2008 Alp Toker <alp@atoker.com> |
| * Copyright (C) Research In Motion Limited 2009. All rights reserved. |
| * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> |
| * Copyright (C) 2011 Google Inc. All rights reserved. |
| * |
| * Redistribution and use in source and binary forms, with or without |
| * modification, are permitted provided that the following conditions |
| * are met: |
| * |
| * 1. Redistributions of source code must retain the above copyright |
| * notice, this list of conditions and the following disclaimer. |
| * 2. Redistributions in binary form must reproduce the above copyright |
| * notice, this list of conditions and the following disclaimer in the |
| * documentation and/or other materials provided with the distribution. |
| * 3. Neither the name of Apple Inc. ("Apple") nor the names of |
| * its contributors may be used to endorse or promote products derived |
| * from this software without specific prior written permission. |
| * |
| * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY |
| * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
| * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE |
| * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY |
| * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES |
| * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND |
| * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
| |
| #include "config.h" |
| #include "FrameLoader.h" |
| |
| #include "AXObjectCache.h" |
| #include "ApplicationCacheHost.h" |
| #include "BackForwardController.h" |
| #include "BeforeUnloadEvent.h" |
| #include "CachedPage.h" |
| #include "CachedResourceLoader.h" |
| #include "Chrome.h" |
| #include "ChromeClient.h" |
| #include "CommonVM.h" |
| #include "ContentFilter.h" |
| #include "ContentSecurityPolicy.h" |
| #include "DOMWindow.h" |
| #include "DatabaseManager.h" |
| #include "DiagnosticLoggingClient.h" |
| #include "DiagnosticLoggingKeys.h" |
| #include "Document.h" |
| #include "DocumentLoader.h" |
| #include "Editor.h" |
| #include "EditorClient.h" |
| #include "Element.h" |
| #include "Event.h" |
| #include "EventHandler.h" |
| #include "EventNames.h" |
| #include "FloatRect.h" |
| #include "FormState.h" |
| #include "FormSubmission.h" |
| #include "Frame.h" |
| #include "FrameLoadRequest.h" |
| #include "FrameLoaderClient.h" |
| #include "FrameNetworkingContext.h" |
| #include "FrameTree.h" |
| #include "FrameView.h" |
| #include "GCController.h" |
| #include "HTMLFormElement.h" |
| #include "HTMLInputElement.h" |
| #include "HTMLNames.h" |
| #include "HTMLObjectElement.h" |
| #include "HTMLParserIdioms.h" |
| #include "HTTPHeaderNames.h" |
| #include "HTTPParsers.h" |
| #include "HistoryController.h" |
| #include "HistoryItem.h" |
| #include "IgnoreOpensDuringUnloadCountIncrementer.h" |
| #include "InspectorController.h" |
| #include "InspectorInstrumentation.h" |
| #include "LinkLoader.h" |
| #include "LoadTiming.h" |
| #include "LoaderStrategy.h" |
| #include "Logging.h" |
| #include "MemoryCache.h" |
| #include "MemoryRelease.h" |
| #include "NavigationDisabler.h" |
| #include "NavigationPolicyCheck.h" |
| #include "NavigationScheduler.h" |
| #include "Page.h" |
| #include "PageCache.h" |
| #include "PageTransitionEvent.h" |
| #include "PerformanceLogging.h" |
| #include "PlatformStrategies.h" |
| #include "PluginData.h" |
| #include "PluginDocument.h" |
| #include "PolicyChecker.h" |
| #include "ProgressTracker.h" |
| #include "ResourceHandle.h" |
| #include "ResourceLoadInfo.h" |
| #include "ResourceLoadObserver.h" |
| #include "ResourceRequest.h" |
| #include "SVGDocument.h" |
| #include "SVGLocatable.h" |
| #include "SVGNames.h" |
| #include "SVGViewElement.h" |
| #include "SVGViewSpec.h" |
| #include "ScriptController.h" |
| #include "ScriptSourceCode.h" |
| #include "ScrollAnimator.h" |
| #include "SecurityOrigin.h" |
| #include "SecurityPolicy.h" |
| #include "SegmentedString.h" |
| #include "SerializedScriptValue.h" |
| #include "Settings.h" |
| #include "SubframeLoader.h" |
| #include "SubresourceLoader.h" |
| #include "TextResourceDecoder.h" |
| #include "UserContentController.h" |
| #include "UserGestureIndicator.h" |
| #include "WindowFeatures.h" |
| #include "XMLDocumentParser.h" |
| #include <wtf/CompletionHandler.h> |
| #include <wtf/Ref.h> |
| #include <wtf/SetForScope.h> |
| #include <wtf/StdLibExtras.h> |
| #include <wtf/SystemTracing.h> |
| #include <wtf/text/CString.h> |
| #include <wtf/text/WTFString.h> |
| |
| #if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML) |
| #include "Archive.h" |
| #endif |
| |
| #if ENABLE(DATA_DETECTION) |
| #include "DataDetection.h" |
| #endif |
| |
| #if PLATFORM(IOS) |
| #include "DocumentType.h" |
| #include "ResourceLoader.h" |
| #include "RuntimeApplicationChecks.h" |
| #include "WKContentObservation.h" |
| #endif |
| |
| #define RELEASE_LOG_IF_ALLOWED(fmt, ...) RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), Network, "%p - FrameLoader::" fmt, this, ##__VA_ARGS__) |
| |
| namespace WebCore { |
| |
| using namespace HTMLNames; |
| using namespace SVGNames; |
| |
| static const char defaultAcceptHeader[] = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"; |
| |
| bool isBackForwardLoadType(FrameLoadType type) |
| { |
| switch (type) { |
| case FrameLoadType::Standard: |
| case FrameLoadType::Reload: |
| case FrameLoadType::ReloadFromOrigin: |
| case FrameLoadType::ReloadExpiredOnly: |
| case FrameLoadType::Same: |
| case FrameLoadType::RedirectWithLockedBackForwardList: |
| case FrameLoadType::Replace: |
| return false; |
| case FrameLoadType::Back: |
| case FrameLoadType::Forward: |
| case FrameLoadType::IndexedBackForward: |
| return true; |
| } |
| ASSERT_NOT_REACHED(); |
| return false; |
| } |
| |
| bool isReload(FrameLoadType type) |
| { |
| switch (type) { |
| case FrameLoadType::Reload: |
| case FrameLoadType::ReloadFromOrigin: |
| case FrameLoadType::ReloadExpiredOnly: |
| return true; |
| case FrameLoadType::Standard: |
| case FrameLoadType::Same: |
| case FrameLoadType::RedirectWithLockedBackForwardList: |
| case FrameLoadType::Replace: |
| case FrameLoadType::Back: |
| case FrameLoadType::Forward: |
| case FrameLoadType::IndexedBackForward: |
| return false; |
| } |
| ASSERT_NOT_REACHED(); |
| return false; |
| } |
| |
| // This is not in the FrameLoader class to emphasize that it does not depend on |
| // private FrameLoader data, and to avoid increasing the number of public functions |
| // with access to private data. Since only this .cpp file needs it, making it |
| // non-member lets us exclude it from the header file, thus keeping FrameLoader.h's |
| // API simpler. |
| // |
| static bool isDocumentSandboxed(Frame& frame, SandboxFlags mask) |
| { |
| return frame.document() && frame.document()->isSandboxed(mask); |
| } |
| |
| struct ForbidPromptsScope { |
| ForbidPromptsScope(Page* page) : m_page(page) |
| { |
| if (!m_page) |
| return; |
| m_page->forbidPrompts(); |
| } |
| |
| ~ForbidPromptsScope() |
| { |
| if (!m_page) |
| return; |
| m_page->allowPrompts(); |
| } |
| |
| Page* m_page; |
| }; |
| |
| class FrameLoader::FrameProgressTracker { |
| WTF_MAKE_FAST_ALLOCATED; |
| public: |
| explicit FrameProgressTracker(Frame& frame) |
| : m_frame(frame) |
| , m_inProgress(false) |
| { |
| } |
| |
| ~FrameProgressTracker() |
| { |
| if (m_inProgress && m_frame.page()) |
| m_frame.page()->progress().progressCompleted(m_frame); |
| } |
| |
| void progressStarted() |
| { |
| ASSERT(m_frame.page()); |
| if (!m_inProgress) |
| m_frame.page()->progress().progressStarted(m_frame); |
| m_inProgress = true; |
| } |
| |
| void progressCompleted() |
| { |
| ASSERT(m_inProgress); |
| ASSERT(m_frame.page()); |
| m_inProgress = false; |
| m_frame.page()->progress().progressCompleted(m_frame); |
| } |
| |
| private: |
| Frame& m_frame; |
| bool m_inProgress; |
| }; |
| |
| FrameLoader::FrameLoader(Frame& frame, FrameLoaderClient& client) |
| : m_frame(frame) |
| , m_client(client) |
| , m_policyChecker(std::make_unique<PolicyChecker>(frame)) |
| , m_history(std::make_unique<HistoryController>(frame)) |
| , m_notifier(frame) |
| , m_subframeLoader(std::make_unique<SubframeLoader>(frame)) |
| , m_mixedContentChecker(frame) |
| , m_state(FrameStateProvisional) |
| , m_loadType(FrameLoadType::Standard) |
| , m_quickRedirectComing(false) |
| , m_sentRedirectNotification(false) |
| , m_inStopAllLoaders(false) |
| , m_isExecutingJavaScriptFormAction(false) |
| , m_didCallImplicitClose(true) |
| , m_wasUnloadEventEmitted(false) |
| , m_isComplete(false) |
| , m_needsClear(false) |
| , m_checkTimer(*this, &FrameLoader::checkTimerFired) |
| , m_shouldCallCheckCompleted(false) |
| , m_shouldCallCheckLoadComplete(false) |
| , m_opener(nullptr) |
| , m_loadingFromCachedPage(false) |
| , m_currentNavigationHasShownBeforeUnloadConfirmPanel(false) |
| , m_loadsSynchronously(false) |
| , m_forcedSandboxFlags(SandboxNone) |
| { |
| } |
| |
| FrameLoader::~FrameLoader() |
| { |
| setOpener(nullptr); |
| |
| for (auto& frame : m_openedFrames) |
| frame->loader().m_opener = nullptr; |
| |
| m_client.frameLoaderDestroyed(); |
| |
| if (m_networkingContext) |
| m_networkingContext->invalidate(); |
| } |
| |
| void FrameLoader::init() |
| { |
| // This somewhat odd set of steps gives the frame an initial empty document. |
| setPolicyDocumentLoader(m_client.createDocumentLoader(ResourceRequest(URL(ParsedURLString, emptyString())), SubstituteData()).ptr()); |
| setProvisionalDocumentLoader(m_policyDocumentLoader.get()); |
| m_provisionalDocumentLoader->startLoadingMainResource(ShouldContinue::Yes); |
| |
| Ref<Frame> protect(m_frame); |
| m_frame.document()->cancelParsing(); |
| m_stateMachine.advanceTo(FrameLoaderStateMachine::DisplayingInitialEmptyDocument); |
| |
| m_networkingContext = m_client.createNetworkingContext(); |
| m_progressTracker = std::make_unique<FrameProgressTracker>(m_frame); |
| } |
| |
| void FrameLoader::initForSynthesizedDocument(const URL&) |
| { |
| // FIXME: We need to initialize the document URL to the specified URL. Currently the URL is empty and hence |
| // FrameLoader::checkCompleted() will overwrite the URL of the document to be activeDocumentLoader()->documentURL(). |
| |
| auto loader = m_client.createDocumentLoader(ResourceRequest(URL(ParsedURLString, emptyString())), SubstituteData()); |
| loader->attachToFrame(m_frame); |
| loader->setResponse(ResourceResponse(URL(), ASCIILiteral("text/html"), 0, String())); |
| loader->setCommitted(true); |
| setDocumentLoader(loader.ptr()); |
| |
| m_stateMachine.advanceTo(FrameLoaderStateMachine::DisplayingInitialEmptyDocument); |
| m_stateMachine.advanceTo(FrameLoaderStateMachine::DisplayingInitialEmptyDocumentPostCommit); |
| m_stateMachine.advanceTo(FrameLoaderStateMachine::CommittedFirstRealLoad); |
| m_client.transitionToCommittedForNewPage(); |
| |
| m_didCallImplicitClose = true; |
| m_isComplete = true; |
| m_state = FrameStateComplete; |
| m_needsClear = true; |
| |
| m_networkingContext = m_client.createNetworkingContext(); |
| m_progressTracker = std::make_unique<FrameProgressTracker>(m_frame); |
| } |
| |
| void FrameLoader::setDefersLoading(bool defers) |
| { |
| if (m_documentLoader) |
| m_documentLoader->setDefersLoading(defers); |
| if (m_provisionalDocumentLoader) |
| m_provisionalDocumentLoader->setDefersLoading(defers); |
| if (m_policyDocumentLoader) |
| m_policyDocumentLoader->setDefersLoading(defers); |
| history().setDefersLoading(defers); |
| |
| if (!defers) { |
| m_frame.navigationScheduler().startTimer(); |
| startCheckCompleteTimer(); |
| } |
| } |
| |
| void FrameLoader::checkContentPolicy(const ResourceResponse& response, ContentPolicyDecisionFunction&& function) |
| { |
| client().dispatchDecidePolicyForResponse(response, activeDocumentLoader()->request(), WTFMove(function)); |
| } |
| |
| void FrameLoader::changeLocation(FrameLoadRequest&& request) |
| { |
| urlSelected(WTFMove(request), nullptr); |
| } |
| |
| void FrameLoader::urlSelected(const URL& url, const String& passedTarget, Event* triggeringEvent, LockHistory lockHistory, LockBackForwardList lockBackForwardList, ShouldSendReferrer shouldSendReferrer, ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy, std::optional<NewFrameOpenerPolicy> openerPolicy, const AtomicString& downloadAttribute) |
| { |
| auto* frame = lexicalFrameFromCommonVM(); |
| auto initiatedByMainFrame = frame && frame->isMainFrame() ? InitiatedByMainFrame::Yes : InitiatedByMainFrame::Unknown; |
| |
| NewFrameOpenerPolicy newFrameOpenerPolicy = openerPolicy.value_or(shouldSendReferrer == NeverSendReferrer ? NewFrameOpenerPolicy::Suppress : NewFrameOpenerPolicy::Allow); |
| urlSelected(FrameLoadRequest(*m_frame.document(), m_frame.document()->securityOrigin(), { url }, passedTarget, lockHistory, lockBackForwardList, shouldSendReferrer, AllowNavigationToInvalidURL::Yes, newFrameOpenerPolicy, shouldOpenExternalURLsPolicy, initiatedByMainFrame, DoNotReplaceDocumentIfJavaScriptURL, downloadAttribute), triggeringEvent); |
| } |
| |
| void FrameLoader::urlSelected(FrameLoadRequest&& frameRequest, Event* triggeringEvent) |
| { |
| Ref<Frame> protect(m_frame); |
| |
| if (m_frame.script().executeIfJavaScriptURL(frameRequest.resourceRequest().url(), frameRequest.shouldReplaceDocumentIfJavaScriptURL())) |
| return; |
| |
| if (frameRequest.frameName().isEmpty()) |
| frameRequest.setFrameName(m_frame.document()->baseTarget()); |
| |
| addHTTPOriginIfNeeded(frameRequest.resourceRequest(), outgoingOrigin()); |
| m_frame.document()->contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(frameRequest.resourceRequest(), ContentSecurityPolicy::InsecureRequestType::Navigation); |
| |
| loadFrameRequest(WTFMove(frameRequest), triggeringEvent, nullptr); |
| } |
| |
| void FrameLoader::submitForm(Ref<FormSubmission>&& submission) |
| { |
| ASSERT(submission->method() == FormSubmission::Method::Post || submission->method() == FormSubmission::Method::Get); |
| |
| // FIXME: Find a good spot for these. |
| ASSERT(!submission->state().sourceDocument().frame() || submission->state().sourceDocument().frame() == &m_frame); |
| |
| if (!m_frame.page()) |
| return; |
| |
| if (submission->action().isEmpty()) |
| return; |
| |
| if (isDocumentSandboxed(m_frame, SandboxForms)) { |
| // FIXME: This message should be moved off the console once a solution to https://bugs.webkit.org/show_bug.cgi?id=103274 exists. |
| m_frame.document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, "Blocked form submission to '" + submission->action().stringCenterEllipsizedToLength() + "' because the form's frame is sandboxed and the 'allow-forms' permission is not set."); |
| return; |
| } |
| |
| if (protocolIsJavaScript(submission->action())) { |
| if (!m_frame.document()->contentSecurityPolicy()->allowFormAction(URL(submission->action()))) |
| return; |
| m_isExecutingJavaScriptFormAction = true; |
| Ref<Frame> protect(m_frame); |
| m_frame.script().executeIfJavaScriptURL(submission->action(), DoNotReplaceDocumentIfJavaScriptURL); |
| m_isExecutingJavaScriptFormAction = false; |
| return; |
| } |
| |
| Frame* targetFrame = findFrameForNavigation(submission->target(), &submission->state().sourceDocument()); |
| if (!targetFrame) { |
| if (!DOMWindow::allowPopUp(m_frame) && !UserGestureIndicator::processingUserGesture()) |
| return; |
| |
| // FIXME: targetFrame can be null for two distinct reasons: |
| // 1. The frame was not found by name, so we should try opening a new window. |
| // 2. The frame was found, but navigating it was not allowed, e.g. by HTML5 sandbox or by origin checks. |
| // Continuing form submission makes no sense in the latter case. |
| // There is a repeat check after timer fires, so this is not a correctness issue. |
| |
| targetFrame = &m_frame; |
| } else |
| submission->clearTarget(); |
| |
| if (!targetFrame->page()) |
| return; |
| |
| // FIXME: We'd like to remove this altogether and fix the multiple form submission issue another way. |
| |
| // We do not want to submit more than one form from the same page, nor do we want to submit a single |
| // form more than once. This flag prevents these from happening; not sure how other browsers prevent this. |
| // The flag is reset in each time we start dispatching a new mouse or key down event, and |
| // also in setView since this part may get reused for a page from the back/forward cache. |
| // The form multi-submit logic here is only needed when we are submitting a form that affects this frame. |
| |
| // FIXME: Frame targeting is only one of the ways the submission could end up doing something other |
| // than replacing this frame's content, so this check is flawed. On the other hand, the check is hardly |
| // needed any more now that we reset m_submittedFormURL on each mouse or key down event. |
| |
| if (m_frame.tree().isDescendantOf(targetFrame)) { |
| if (m_submittedFormURL == submission->requestURL()) |
| return; |
| m_submittedFormURL = submission->requestURL(); |
| } |
| |
| submission->data().generateFiles(m_frame.document()); |
| submission->setReferrer(outgoingReferrer()); |
| submission->setOrigin(outgoingOrigin()); |
| |
| targetFrame->navigationScheduler().scheduleFormSubmission(WTFMove(submission)); |
| } |
| |
| void FrameLoader::stopLoading(UnloadEventPolicy unloadEventPolicy) |
| { |
| if (m_frame.document() && m_frame.document()->parser()) |
| m_frame.document()->parser()->stopParsing(); |
| |
| if (unloadEventPolicy != UnloadEventPolicyNone) |
| dispatchUnloadEvents(unloadEventPolicy); |
| |
| m_isComplete = true; // to avoid calling completed() in finishedParsing() |
| m_didCallImplicitClose = true; // don't want that one either |
| |
| if (m_frame.document() && m_frame.document()->parsing()) { |
| finishedParsing(); |
| m_frame.document()->setParsing(false); |
| } |
| |
| if (auto* document = m_frame.document()) { |
| // FIXME: HTML5 doesn't tell us to set the state to complete when aborting, but we do anyway to match legacy behavior. |
| // http://www.w3.org/Bugs/Public/show_bug.cgi?id=10537 |
| document->setReadyState(Document::Complete); |
| |
| // FIXME: Should the DatabaseManager watch for something like ActiveDOMObject::stop() rather than being special-cased here? |
| DatabaseManager::singleton().stopDatabases(*document, nullptr); |
| } |
| |
| policyChecker().stopCheck(); |
| |
| // FIXME: This will cancel redirection timer, which really needs to be restarted when restoring the frame from b/f cache. |
| m_frame.navigationScheduler().cancel(); |
| } |
| |
| void FrameLoader::stop() |
| { |
| // http://bugs.webkit.org/show_bug.cgi?id=10854 |
| // The frame's last ref may be removed and it will be deleted by checkCompleted(). |
| Ref<Frame> protect(m_frame); |
| |
| if (DocumentParser* parser = m_frame.document()->parser()) { |
| parser->stopParsing(); |
| parser->finish(); |
| } |
| } |
| |
| void FrameLoader::willTransitionToCommitted() |
| { |
| // This function is called when a frame is still fully in place (not cached, not detached), but will be replaced. |
| |
| if (m_frame.editor().hasComposition()) { |
| // The text was already present in DOM, so it's better to confirm than to cancel the composition. |
| m_frame.editor().confirmComposition(); |
| if (EditorClient* editorClient = m_frame.editor().client()) { |
| editorClient->respondToChangedSelection(&m_frame); |
| editorClient->discardedComposition(&m_frame); |
| } |
| } |
| } |
| |
| bool FrameLoader::closeURL() |
| { |
| history().saveDocumentState(); |
| |
| Document* currentDocument = m_frame.document(); |
| UnloadEventPolicy unloadEventPolicy; |
| if (m_frame.page() && m_frame.page()->chrome().client().isSVGImageChromeClient()) { |
| // If this is the SVGDocument of an SVGImage, no need to dispatch events or recalcStyle. |
| unloadEventPolicy = UnloadEventPolicyNone; |
| } else { |
| // Should only send the pagehide event here if the current document exists and has not been placed in the page cache. |
| unloadEventPolicy = currentDocument && currentDocument->pageCacheState() == Document::NotInPageCache ? UnloadEventPolicyUnloadAndPageHide : UnloadEventPolicyUnloadOnly; |
| } |
| |
| stopLoading(unloadEventPolicy); |
| |
| m_frame.editor().clearUndoRedoOperations(); |
| return true; |
| } |
| |
| bool FrameLoader::didOpenURL() |
| { |
| if (m_frame.navigationScheduler().redirectScheduledDuringLoad()) { |
| // A redirect was scheduled before the document was created. |
| // This can happen when one frame changes another frame's location. |
| return false; |
| } |
| |
| m_frame.navigationScheduler().cancel(); |
| m_frame.editor().clearLastEditCommand(); |
| |
| m_isComplete = false; |
| m_didCallImplicitClose = false; |
| |
| // If we are still in the process of initializing an empty document then |
| // its frame is not in a consistent state for rendering, so avoid setJSStatusBarText |
| // since it may cause clients to attempt to render the frame. |
| if (!m_stateMachine.creatingInitialEmptyDocument()) { |
| DOMWindow* window = m_frame.document()->domWindow(); |
| window->setStatus(String()); |
| window->setDefaultStatus(String()); |
| } |
| |
| started(); |
| |
| return true; |
| } |
| |
| void FrameLoader::didExplicitOpen() |
| { |
| m_isComplete = false; |
| m_didCallImplicitClose = false; |
| |
| // Calling document.open counts as committing the first real document load. |
| if (!m_stateMachine.committedFirstRealDocumentLoad()) |
| m_stateMachine.advanceTo(FrameLoaderStateMachine::DisplayingInitialEmptyDocumentPostCommit); |
| |
| // Prevent window.open(url) -- eg window.open("about:blank") -- from blowing away results |
| // from a subsequent window.document.open / window.document.write call. |
| // Canceling redirection here works for all cases because document.open |
| // implicitly precedes document.write. |
| m_frame.navigationScheduler().cancel(); |
| } |
| |
| |
| void FrameLoader::cancelAndClear() |
| { |
| m_frame.navigationScheduler().cancel(); |
| |
| if (!m_isComplete) |
| closeURL(); |
| |
| clear(m_frame.document(), false); |
| m_frame.script().updatePlatformScriptObjects(); |
| } |
| |
| static inline bool shouldClearWindowName(const Frame& frame, const Document& newDocument) |
| { |
| if (!frame.isMainFrame()) |
| return false; |
| |
| if (frame.loader().opener()) |
| return false; |
| |
| return !newDocument.securityOrigin().isSameOriginAs(frame.document()->securityOrigin()); |
| } |
| |
| void FrameLoader::clear(Document* newDocument, bool clearWindowProperties, bool clearScriptObjects, bool clearFrameView) |
| { |
| m_frame.editor().clear(); |
| |
| if (!m_needsClear) |
| return; |
| m_needsClear = false; |
| |
| if (m_frame.document()->pageCacheState() != Document::InPageCache) { |
| m_frame.document()->cancelParsing(); |
| m_frame.document()->stopActiveDOMObjects(); |
| bool hadLivingRenderTree = m_frame.document()->hasLivingRenderTree(); |
| m_frame.document()->prepareForDestruction(); |
| if (hadLivingRenderTree) |
| m_frame.document()->removeFocusedNodeOfSubtree(*m_frame.document()); |
| } |
| |
| // Do this after detaching the document so that the unload event works. |
| if (clearWindowProperties) { |
| InspectorInstrumentation::frameWindowDiscarded(m_frame, m_frame.document()->domWindow()); |
| m_frame.document()->domWindow()->resetUnlessSuspendedForDocumentSuspension(); |
| m_frame.windowProxy().clearJSWindowProxiesNotMatchingDOMWindow(newDocument->domWindow(), m_frame.document()->pageCacheState() == Document::AboutToEnterPageCache); |
| |
| if (shouldClearWindowName(m_frame, *newDocument)) |
| m_frame.tree().setName(nullAtom()); |
| } |
| |
| m_frame.selection().prepareForDestruction(); |
| m_frame.eventHandler().clear(); |
| |
| if (clearFrameView && m_frame.view()) |
| m_frame.view()->clear(); |
| |
| // Do not drop the document before the ScriptController and view are cleared |
| // as some destructors might still try to access the document. |
| m_frame.setDocument(nullptr); |
| |
| subframeLoader().clear(); |
| |
| if (clearWindowProperties) |
| m_frame.windowProxy().setDOMWindow(newDocument->domWindow()); |
| |
| if (clearScriptObjects) |
| m_frame.script().clearScriptObjects(); |
| |
| m_frame.script().enableEval(); |
| |
| m_frame.navigationScheduler().clear(); |
| |
| m_checkTimer.stop(); |
| m_shouldCallCheckCompleted = false; |
| m_shouldCallCheckLoadComplete = false; |
| |
| if (m_stateMachine.isDisplayingInitialEmptyDocument() && m_stateMachine.committedFirstRealDocumentLoad()) |
| m_stateMachine.advanceTo(FrameLoaderStateMachine::CommittedFirstRealLoad); |
| } |
| |
| void FrameLoader::receivedFirstData() |
| { |
| dispatchDidCommitLoad(std::nullopt); |
| dispatchDidClearWindowObjectsInAllWorlds(); |
| dispatchGlobalObjectAvailableInAllWorlds(); |
| |
| if (!m_documentLoader) |
| return; |
| |
| auto& documentLoader = *m_documentLoader; |
| auto& title = documentLoader.title(); |
| if (!title.string.isNull()) |
| m_client.dispatchDidReceiveTitle(title); |
| |
| ASSERT(m_frame.document()); |
| auto& document = *m_frame.document(); |
| |
| LinkLoader::loadLinksFromHeader(documentLoader.response().httpHeaderField(HTTPHeaderName::Link), document.url(), document, LinkLoader::MediaAttributeCheck::MediaAttributeEmpty); |
| |
| double delay; |
| String urlString; |
| if (!parseHTTPRefresh(documentLoader.response().httpHeaderField(HTTPHeaderName::Refresh), delay, urlString)) |
| return; |
| auto completedURL = urlString.isEmpty() ? document.url() : document.completeURL(urlString); |
| if (!protocolIsJavaScript(completedURL)) |
| m_frame.navigationScheduler().scheduleRedirect(document, delay, completedURL); |
| else { |
| auto message = "Refused to refresh " + document.url().stringCenterEllipsizedToLength() + " to a javascript: URL"; |
| document.addConsoleMessage(MessageSource::Security, MessageLevel::Error, message); |
| } |
| } |
| |
| void FrameLoader::setOutgoingReferrer(const URL& url) |
| { |
| m_outgoingReferrer = url.strippedForUseAsReferrer(); |
| } |
| |
| void FrameLoader::didBeginDocument(bool dispatch) |
| { |
| m_needsClear = true; |
| m_isComplete = false; |
| m_didCallImplicitClose = false; |
| m_frame.document()->setReadyState(Document::Loading); |
| |
| if (m_pendingStateObject) { |
| m_frame.document()->statePopped(*m_pendingStateObject); |
| m_pendingStateObject = nullptr; |
| } |
| |
| if (dispatch) |
| dispatchDidClearWindowObjectsInAllWorlds(); |
| |
| updateFirstPartyForCookies(); |
| m_frame.document()->initContentSecurityPolicy(); |
| |
| const Settings& settings = m_frame.settings(); |
| m_frame.document()->cachedResourceLoader().setImagesEnabled(settings.areImagesEnabled()); |
| m_frame.document()->cachedResourceLoader().setAutoLoadImages(settings.loadsImagesAutomatically()); |
| |
| if (m_documentLoader) { |
| String dnsPrefetchControl = m_documentLoader->response().httpHeaderField(HTTPHeaderName::XDNSPrefetchControl); |
| if (!dnsPrefetchControl.isEmpty()) |
| m_frame.document()->parseDNSPrefetchControlHeader(dnsPrefetchControl); |
| |
| m_frame.document()->contentSecurityPolicy()->didReceiveHeaders(ContentSecurityPolicyResponseHeaders(m_documentLoader->response()), ContentSecurityPolicy::ReportParsingErrors::No); |
| |
| String headerContentLanguage = m_documentLoader->response().httpHeaderField(HTTPHeaderName::ContentLanguage); |
| if (!headerContentLanguage.isEmpty()) { |
| size_t commaIndex = headerContentLanguage.find(','); |
| headerContentLanguage.truncate(commaIndex); // notFound == -1 == don't truncate |
| headerContentLanguage = stripLeadingAndTrailingHTMLSpaces(headerContentLanguage); |
| if (!headerContentLanguage.isEmpty()) |
| m_frame.document()->setContentLanguage(headerContentLanguage); |
| } |
| } |
| |
| history().restoreDocumentState(); |
| } |
| |
| void FrameLoader::finishedParsing() |
| { |
| LOG(Loading, "WebCoreLoading %s: Finished parsing", m_frame.tree().uniqueName().string().utf8().data()); |
| |
| m_frame.injectUserScripts(InjectAtDocumentEnd); |
| |
| if (m_stateMachine.creatingInitialEmptyDocument()) |
| return; |
| |
| // This can be called from the Frame's destructor, in which case we shouldn't protect ourselves |
| // because doing so will cause us to re-enter the destructor when protector goes out of scope. |
| // Null-checking the FrameView indicates whether or not we're in the destructor. |
| RefPtr<Frame> protector = m_frame.view() ? &m_frame : 0; |
| |
| m_client.dispatchDidFinishDocumentLoad(); |
| |
| scrollToFragmentWithParentBoundary(m_frame.document()->url()); |
| |
| checkCompleted(); |
| |
| if (!m_frame.view()) |
| return; // We are being destroyed by something checkCompleted called. |
| |
| // Check if the scrollbars are really needed for the content. |
| // If not, remove them, relayout, and repaint. |
| m_frame.view()->restoreScrollbar(); |
| } |
| |
| void FrameLoader::loadDone() |
| { |
| checkCompleted(); |
| } |
| |
| bool FrameLoader::allChildrenAreComplete() const |
| { |
| for (Frame* child = m_frame.tree().firstChild(); child; child = child->tree().nextSibling()) { |
| if (!child->loader().m_isComplete) |
| return false; |
| } |
| return true; |
| } |
| |
| bool FrameLoader::allAncestorsAreComplete() const |
| { |
| for (Frame* ancestor = &m_frame; ancestor; ancestor = ancestor->tree().parent()) { |
| if (!ancestor->loader().m_isComplete) |
| return false; |
| } |
| return true; |
| } |
| |
| void FrameLoader::checkCompleted() |
| { |
| m_shouldCallCheckCompleted = false; |
| |
| // Have we completed before? |
| if (m_isComplete) |
| return; |
| |
| // FIXME: It would be better if resource loads were kicked off after render tree update (or didn't complete synchronously). |
| // https://bugs.webkit.org/show_bug.cgi?id=171729 |
| if (m_frame.document()->inRenderTreeUpdate()) { |
| scheduleCheckCompleted(); |
| return; |
| } |
| |
| // Are we still parsing? |
| if (m_frame.document()->parsing()) |
| return; |
| |
| // Still waiting for images/scripts? |
| if (m_frame.document()->cachedResourceLoader().requestCount()) |
| return; |
| |
| // Still waiting for elements that don't go through a FrameLoader? |
| if (m_frame.document()->isDelayingLoadEvent()) |
| return; |
| |
| auto* scriptableParser = m_frame.document()->scriptableDocumentParser(); |
| if (scriptableParser && scriptableParser->hasScriptsWaitingForStylesheets()) |
| return; |
| |
| // Any frame that hasn't completed yet? |
| if (!allChildrenAreComplete()) |
| return; |
| |
| // Important not to protect earlier in this function, because earlier parts |
| // of this function can be called in the frame's destructor, and it's not legal |
| // to ref an object while it's being destroyed. |
| Ref<Frame> protect(m_frame); |
| |
| // OK, completed. |
| m_isComplete = true; |
| m_requestedHistoryItem = nullptr; |
| m_frame.document()->setReadyState(Document::Complete); |
| |
| #if PLATFORM(IOS) |
| if (m_frame.document()->url().isEmpty()) { |
| // We need to update the document URL of a PDF document to be non-empty so that both back/forward history navigation |
| // between PDF pages and fragment navigation works. See <rdar://problem/9544769> for more details. |
| // FIXME: Is there a better place for this code, say DocumentLoader? Also, we should explicitly only update the URL |
| // of the document when it's a PDFDocument object instead of assuming that a Document object with an empty URL is a PDFDocument. |
| // FIXME: This code is incorrect for a synthesized document (which also has an empty URL). The URL for a synthesized |
| // document should be the URL specified to FrameLoader::initForSynthesizedDocument(). |
| m_frame.document()->setURL(activeDocumentLoader()->documentURL()); |
| } |
| #endif |
| |
| checkCallImplicitClose(); // if we didn't do it before |
| |
| m_frame.navigationScheduler().startTimer(); |
| |
| completed(); |
| if (m_frame.page()) |
| checkLoadComplete(); |
| } |
| |
| void FrameLoader::checkTimerFired() |
| { |
| Ref<Frame> protect(m_frame); |
| |
| if (Page* page = m_frame.page()) { |
| if (page->defersLoading()) |
| return; |
| } |
| if (m_shouldCallCheckCompleted) |
| checkCompleted(); |
| if (m_shouldCallCheckLoadComplete) |
| checkLoadComplete(); |
| } |
| |
| void FrameLoader::startCheckCompleteTimer() |
| { |
| if (!(m_shouldCallCheckCompleted || m_shouldCallCheckLoadComplete)) |
| return; |
| if (m_checkTimer.isActive()) |
| return; |
| m_checkTimer.startOneShot(0_s); |
| } |
| |
| void FrameLoader::scheduleCheckCompleted() |
| { |
| m_shouldCallCheckCompleted = true; |
| startCheckCompleteTimer(); |
| } |
| |
| void FrameLoader::scheduleCheckLoadComplete() |
| { |
| m_shouldCallCheckLoadComplete = true; |
| startCheckCompleteTimer(); |
| } |
| |
| void FrameLoader::checkCallImplicitClose() |
| { |
| if (m_didCallImplicitClose || m_frame.document()->parsing() || m_frame.document()->isDelayingLoadEvent()) |
| return; |
| |
| if (!allChildrenAreComplete()) |
| return; // still got a frame running -> too early |
| |
| m_didCallImplicitClose = true; |
| m_wasUnloadEventEmitted = false; |
| m_frame.document()->implicitClose(); |
| } |
| |
| void FrameLoader::loadURLIntoChildFrame(const URL& url, const String& referer, Frame* childFrame) |
| { |
| ASSERT(childFrame); |
| |
| #if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML) |
| if (auto activeLoader = activeDocumentLoader()) { |
| if (auto subframeArchive = activeLoader->popArchiveForSubframe(childFrame->tree().uniqueName(), url)) { |
| childFrame->loader().loadArchive(RefPtr<Archive> { subframeArchive }.releaseNonNull()); |
| return; |
| } |
| } |
| #endif |
| |
| // If we're moving in the back/forward list, we might want to replace the content |
| // of this child frame with whatever was there at that point. |
| auto* parentItem = history().currentItem(); |
| if (parentItem && parentItem->children().size() && isBackForwardLoadType(loadType()) && !m_frame.document()->loadEventFinished()) { |
| if (auto* childItem = parentItem->childItemWithTarget(childFrame->tree().uniqueName())) { |
| childFrame->loader().m_requestedHistoryItem = childItem; |
| childFrame->loader().loadDifferentDocumentItem(*childItem, loadType(), MayAttemptCacheOnlyLoadForFormSubmissionItem, NavigationPolicyCheck::Require); |
| return; |
| } |
| } |
| |
| auto* lexicalFrame = lexicalFrameFromCommonVM(); |
| auto initiatedByMainFrame = lexicalFrame && lexicalFrame->isMainFrame() ? InitiatedByMainFrame::Yes : InitiatedByMainFrame::Unknown; |
| |
| FrameLoadRequest frameLoadRequest { *m_frame.document(), m_frame.document()->securityOrigin(), { url }, ASCIILiteral("_self"), LockHistory::No, LockBackForwardList::Yes, ShouldSendReferrer::MaybeSendReferrer, AllowNavigationToInvalidURL::Yes, NewFrameOpenerPolicy::Suppress, ShouldOpenExternalURLsPolicy::ShouldNotAllow, initiatedByMainFrame }; |
| childFrame->loader().loadURL(WTFMove(frameLoadRequest), referer, FrameLoadType::RedirectWithLockedBackForwardList, nullptr, nullptr, [] { }); |
| } |
| |
| #if ENABLE(WEB_ARCHIVE) || ENABLE(MHTML) |
| |
| void FrameLoader::loadArchive(Ref<Archive>&& archive) |
| { |
| ArchiveResource* mainResource = archive->mainResource(); |
| ASSERT(mainResource); |
| if (!mainResource) |
| return; |
| |
| ResourceResponse response(URL(), mainResource->mimeType(), mainResource->data().size(), mainResource->textEncoding()); |
| SubstituteData substituteData(&mainResource->data(), URL(), response, SubstituteData::SessionHistoryVisibility::Hidden); |
| |
| ResourceRequest request(mainResource->url()); |
| |
| auto documentLoader = m_client.createDocumentLoader(request, substituteData); |
| documentLoader->setArchive(WTFMove(archive)); |
| load(documentLoader.ptr()); |
| } |
| |
| #endif // ENABLE(WEB_ARCHIVE) || ENABLE(MHTML) |
| |
| String FrameLoader::outgoingReferrer() const |
| { |
| // See http://www.whatwg.org/specs/web-apps/current-work/#fetching-resources |
| // for why we walk the parent chain for srcdoc documents. |
| Frame* frame = &m_frame; |
| while (frame && frame->document()->isSrcdocDocument()) { |
| frame = frame->tree().parent(); |
| // Srcdoc documents cannot be top-level documents, by definition, |
| // because they need to be contained in iframes with the srcdoc. |
| ASSERT(frame); |
| } |
| if (!frame) |
| return emptyString(); |
| return frame->loader().m_outgoingReferrer; |
| } |
| |
| String FrameLoader::outgoingOrigin() const |
| { |
| return m_frame.document()->securityOrigin().toString(); |
| } |
| |
| bool FrameLoader::checkIfFormActionAllowedByCSP(const URL& url, bool didReceiveRedirectResponse) const |
| { |
| if (m_submittedFormURL.isEmpty()) |
| return true; |
| |
| auto redirectResponseReceived = didReceiveRedirectResponse ? ContentSecurityPolicy::RedirectResponseReceived::Yes : ContentSecurityPolicy::RedirectResponseReceived::No; |
| return m_frame.document()->contentSecurityPolicy()->allowFormAction(url, redirectResponseReceived); |
| } |
| |
| Frame* FrameLoader::opener() |
| { |
| return m_opener; |
| } |
| |
| void FrameLoader::setOpener(Frame* opener) |
| { |
| if (m_opener && !opener) |
| m_client.didDisownOpener(); |
| |
| if (m_opener) { |
| // When setOpener is called in ~FrameLoader, opener's m_frameLoader is already cleared. |
| auto& openerFrameLoader = m_opener == &m_frame ? *this : m_opener->loader(); |
| openerFrameLoader.m_openedFrames.remove(&m_frame); |
| } |
| if (opener) |
| opener->loader().m_openedFrames.add(&m_frame); |
| m_opener = opener; |
| |
| if (m_frame.document()) |
| m_frame.document()->initSecurityContext(); |
| } |
| |
| // FIXME: This does not belong in FrameLoader! |
| void FrameLoader::handleFallbackContent() |
| { |
| HTMLFrameOwnerElement* owner = m_frame.ownerElement(); |
| if (!is<HTMLObjectElement>(owner)) |
| return; |
| downcast<HTMLObjectElement>(*owner).renderFallbackContent(); |
| } |
| |
| void FrameLoader::provisionalLoadStarted() |
| { |
| if (m_stateMachine.firstLayoutDone()) |
| m_stateMachine.advanceTo(FrameLoaderStateMachine::CommittedFirstRealLoad); |
| m_frame.navigationScheduler().cancel(true); |
| m_client.provisionalLoadStarted(); |
| |
| if (m_frame.isMainFrame()) { |
| tracePoint(MainResourceLoadDidStartProvisional); |
| |
| if (auto* page = m_frame.page()) |
| page->didStartProvisionalLoad(); |
| } |
| } |
| |
| void FrameLoader::resetMultipleFormSubmissionProtection() |
| { |
| m_submittedFormURL = URL(); |
| } |
| |
| void FrameLoader::updateFirstPartyForCookies() |
| { |
| if (m_frame.tree().parent()) |
| setFirstPartyForCookies(m_frame.tree().parent()->document()->firstPartyForCookies()); |
| else |
| setFirstPartyForCookies(m_frame.document()->url()); |
| } |
| |
| void FrameLoader::setFirstPartyForCookies(const URL& url) |
| { |
| for (Frame* frame = &m_frame; frame; frame = frame->tree().traverseNext(&m_frame)) |
| frame->document()->setFirstPartyForCookies(url); |
| |
| String registrableDomain = ResourceRequest::partitionName(url.host()); |
| for (Frame* frame = &m_frame; frame; frame = frame->tree().traverseNext(&m_frame)) { |
| if (SecurityPolicy::shouldInheritSecurityOriginFromOwner(frame->document()->url()) || registrableDomainsAreEqual(frame->document()->url(), registrableDomain)) |
| frame->document()->setFirstPartyForSameSiteCookies(url); |
| } |
| } |
| |
| // This does the same kind of work that didOpenURL does, except it relies on the fact |
| // that a higher level already checked that the URLs match and the scrolling is the right thing to do. |
| void FrameLoader::loadInSameDocument(const URL& url, SerializedScriptValue* stateObject, bool isNewNavigation) |
| { |
| // If we have a state object, we cannot also be a new navigation. |
| ASSERT(!stateObject || (stateObject && !isNewNavigation)); |
| |
| // Update the data source's request with the new URL to fake the URL change |
| URL oldURL = m_frame.document()->url(); |
| m_frame.document()->setURL(url); |
| setOutgoingReferrer(url); |
| documentLoader()->replaceRequestURLForSameDocumentNavigation(url); |
| if (isNewNavigation && !shouldTreatURLAsSameAsCurrent(url) && !stateObject) { |
| // NB: must happen after replaceRequestURLForSameDocumentNavigation(), since we add |
| // based on the current request. Must also happen before we openURL and displace the |
| // scroll position, since adding the BF item will save away scroll state. |
| |
| // NB2: If we were loading a long, slow doc, and the user fragment navigated before |
| // it was done, currItem is now set the that slow doc, and prevItem is whatever was |
| // before it. Adding the b/f item will bump the slow doc down to prevItem, even |
| // though its load is not yet done. I think this all works out OK, for one because |
| // we have already saved away the scroll and doc state for the long slow load, |
| // but it's not an obvious case. |
| |
| history().updateBackForwardListForFragmentScroll(); |
| } |
| |
| bool hashChange = equalIgnoringFragmentIdentifier(url, oldURL) && url.fragmentIdentifier() != oldURL.fragmentIdentifier(); |
| |
| history().updateForSameDocumentNavigation(); |
| |
| // If we were in the autoscroll/panScroll mode we want to stop it before following the link to the anchor |
| if (hashChange) |
| m_frame.eventHandler().stopAutoscrollTimer(); |
| |
| // It's important to model this as a load that starts and immediately finishes. |
| // Otherwise, the parent frame may think we never finished loading. |
| started(); |
| |
| // We need to scroll to the fragment whether or not a hash change occurred, since |
| // the user might have scrolled since the previous navigation. |
| scrollToFragmentWithParentBoundary(url, isNewNavigation); |
| |
| m_isComplete = false; |
| checkCompleted(); |
| |
| if (isNewNavigation) { |
| // This will clear previousItem from the rest of the frame tree that didn't |
| // doing any loading. We need to make a pass on this now, since for fragment |
| // navigation we'll not go through a real load and reach Completed state. |
| checkLoadComplete(); |
| } |
| |
| m_client.dispatchDidNavigateWithinPage(); |
| |
| m_frame.document()->statePopped(stateObject ? Ref<SerializedScriptValue> { *stateObject } : SerializedScriptValue::nullValue()); |
| m_client.dispatchDidPopStateWithinPage(); |
| |
| if (hashChange) { |
| m_frame.document()->enqueueHashchangeEvent(oldURL, url); |
| m_client.dispatchDidChangeLocationWithinPage(); |
| } |
| |
| // FrameLoaderClient::didFinishLoad() tells the internal load delegate the load finished with no error |
| m_client.didFinishLoad(); |
| } |
| |
| bool FrameLoader::isComplete() const |
| { |
| return m_isComplete; |
| } |
| |
| void FrameLoader::completed() |
| { |
| Ref<Frame> protect(m_frame); |
| |
| for (Frame* descendant = m_frame.tree().traverseNext(&m_frame); descendant; descendant = descendant->tree().traverseNext(&m_frame)) |
| descendant->navigationScheduler().startTimer(); |
| |
| if (Frame* parent = m_frame.tree().parent()) |
| parent->loader().checkCompleted(); |
| |
| if (m_frame.view()) |
| m_frame.view()->maintainScrollPositionAtAnchor(nullptr); |
| } |
| |
| void FrameLoader::started() |
| { |
| for (Frame* frame = &m_frame; frame; frame = frame->tree().parent()) |
| frame->loader().m_isComplete = false; |
| } |
| |
| void FrameLoader::prepareForLoadStart() |
| { |
| RELEASE_LOG_IF_ALLOWED("prepareForLoadStart: Starting frame load (frame = %p, main = %d)", &m_frame, m_frame.isMainFrame()); |
| |
| m_progressTracker->progressStarted(); |
| m_client.dispatchDidStartProvisionalLoad(); |
| |
| if (AXObjectCache::accessibilityEnabled()) { |
| if (AXObjectCache* cache = m_frame.document()->existingAXObjectCache()) { |
| AXObjectCache::AXLoadingEvent loadingEvent = loadType() == FrameLoadType::Reload ? AXObjectCache::AXLoadingReloaded : AXObjectCache::AXLoadingStarted; |
| cache->frameLoadingEventNotification(&m_frame, loadingEvent); |
| } |
| } |
| } |
| |
| void FrameLoader::setupForReplace() |
| { |
| m_client.revertToProvisionalState(m_documentLoader.get()); |
| setState(FrameStateProvisional); |
| m_provisionalDocumentLoader = m_documentLoader; |
| m_documentLoader = nullptr; |
| detachChildren(); |
| } |
| |
| void FrameLoader::loadFrameRequest(FrameLoadRequest&& request, Event* event, FormState* formState) |
| { |
| // Protect frame from getting blown away inside dispatchBeforeLoadEvent in loadWithDocumentLoader. |
| auto protectFrame = makeRef(m_frame); |
| |
| URL url = request.resourceRequest().url(); |
| |
| ASSERT(m_frame.document()); |
| if (!request.requesterSecurityOrigin().canDisplay(url)) { |
| reportLocalLoadFailed(&m_frame, url.stringCenterEllipsizedToLength()); |
| return; |
| } |
| |
| String argsReferrer = request.resourceRequest().httpReferrer(); |
| if (argsReferrer.isEmpty()) |
| argsReferrer = outgoingReferrer(); |
| |
| String referrer = SecurityPolicy::generateReferrerHeader(m_frame.document()->referrerPolicy(), url, argsReferrer); |
| if (request.shouldSendReferrer() == NeverSendReferrer) |
| referrer = String(); |
| |
| FrameLoadType loadType; |
| if (request.resourceRequest().cachePolicy() == ReloadIgnoringCacheData) |
| loadType = FrameLoadType::Reload; |
| else if (request.lockBackForwardList() == LockBackForwardList::Yes) |
| loadType = FrameLoadType::RedirectWithLockedBackForwardList; |
| else |
| loadType = FrameLoadType::Standard; |
| |
| auto completionHandler = [this, protectedFrame = makeRef(m_frame), formState = makeRefPtr(formState), frameName = request.frameName()] { |
| // FIXME: It's possible this targetFrame will not be the same frame that was targeted by the actual |
| // load if frame names have changed. |
| Frame* sourceFrame = formState ? formState->sourceDocument().frame() : &m_frame; |
| if (!sourceFrame) |
| sourceFrame = &m_frame; |
| Frame* targetFrame = sourceFrame->loader().findFrameForNavigation(frameName); |
| if (targetFrame && targetFrame != sourceFrame) { |
| if (Page* page = targetFrame->page()) |
| page->chrome().focus(); |
| } |
| }; |
| |
| if (request.resourceRequest().httpMethod() == "POST") |
| loadPostRequest(WTFMove(request), referrer, loadType, event, formState, WTFMove(completionHandler)); |
| else |
| loadURL(WTFMove(request), referrer, loadType, event, formState, WTFMove(completionHandler)); |
| } |
| |
| static ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicyToApply(Frame& currentFrame, InitiatedByMainFrame initiatedByMainFrame, ShouldOpenExternalURLsPolicy propagatedPolicy) |
| { |
| if (UserGestureIndicator::processingUserGesture()) |
| return ShouldOpenExternalURLsPolicy::ShouldAllow; |
| |
| if (initiatedByMainFrame == InitiatedByMainFrame::Yes) |
| return propagatedPolicy; |
| |
| if (!currentFrame.isMainFrame()) |
| return ShouldOpenExternalURLsPolicy::ShouldNotAllow; |
| |
| return propagatedPolicy; |
| } |
| |
| static ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicyToApply(Frame& currentFrame, const FrameLoadRequest& frameLoadRequest) |
| { |
| return shouldOpenExternalURLsPolicyToApply(currentFrame, frameLoadRequest.initiatedByMainFrame(), frameLoadRequest.shouldOpenExternalURLsPolicy()); |
| } |
| |
| static void applyShouldOpenExternalURLsPolicyToNewDocumentLoader(Frame& frame, DocumentLoader& documentLoader, InitiatedByMainFrame initiatedByMainFrame, ShouldOpenExternalURLsPolicy propagatedPolicy) |
| { |
| documentLoader.setShouldOpenExternalURLsPolicy(shouldOpenExternalURLsPolicyToApply(frame, initiatedByMainFrame, propagatedPolicy)); |
| } |
| |
| static void applyShouldOpenExternalURLsPolicyToNewDocumentLoader(Frame& frame, DocumentLoader& documentLoader, const FrameLoadRequest& frameLoadRequest) |
| { |
| documentLoader.setShouldOpenExternalURLsPolicy(shouldOpenExternalURLsPolicyToApply(frame, frameLoadRequest)); |
| } |
| |
| bool FrameLoader::isNavigationAllowed() const |
| { |
| return m_pageDismissalEventBeingDispatched == PageDismissalType::None && NavigationDisabler::isNavigationAllowed(m_frame); |
| } |
| |
| bool FrameLoader::isStopLoadingAllowed() const |
| { |
| return m_pageDismissalEventBeingDispatched == PageDismissalType::None; |
| } |
| |
| void FrameLoader::loadURL(FrameLoadRequest&& frameLoadRequest, const String& referrer, FrameLoadType newLoadType, Event* event, FormState* formState, CompletionHandler<void()>&& completionHandler) |
| { |
| CompletionHandlerCallingScope completionHandlerCaller(WTFMove(completionHandler)); |
| if (m_inStopAllLoaders) |
| return; |
| |
| Ref<Frame> protect(m_frame); |
| |
| String frameName = frameLoadRequest.frameName(); |
| AllowNavigationToInvalidURL allowNavigationToInvalidURL = frameLoadRequest.allowNavigationToInvalidURL(); |
| NewFrameOpenerPolicy openerPolicy = frameLoadRequest.newFrameOpenerPolicy(); |
| LockHistory lockHistory = frameLoadRequest.lockHistory(); |
| bool isFormSubmission = formState; |
| |
| const URL& newURL = frameLoadRequest.resourceRequest().url(); |
| ResourceRequest request(newURL); |
| if (!referrer.isEmpty()) { |
| request.setHTTPReferrer(referrer); |
| RefPtr<SecurityOrigin> referrerOrigin = SecurityOrigin::createFromString(referrer); |
| addHTTPOriginIfNeeded(request, referrerOrigin->toString()); |
| } |
| if (&m_frame.tree().top() != &m_frame) |
| request.setDomainForCachePartition(m_frame.tree().top().document()->domainForCachePartition()); |
| |
| addExtraFieldsToRequest(request, newLoadType, true); |
| if (isReload(newLoadType)) |
| request.setCachePolicy(ReloadIgnoringCacheData); |
| |
| ASSERT(newLoadType != FrameLoadType::Same); |
| |
| // The search for a target frame is done earlier in the case of form submission. |
| Frame* targetFrame = isFormSubmission ? nullptr : findFrameForNavigation(frameName); |
| if (targetFrame && targetFrame != &m_frame) { |
| frameLoadRequest.setFrameName("_self"); |
| targetFrame->loader().loadURL(WTFMove(frameLoadRequest), referrer, newLoadType, event, formState, completionHandlerCaller.release()); |
| return; |
| } |
| |
| if (!isNavigationAllowed()) |
| return; |
| |
| NavigationAction action { frameLoadRequest.requester(), request, frameLoadRequest.initiatedByMainFrame(), newLoadType, isFormSubmission, event, frameLoadRequest.shouldOpenExternalURLsPolicy(), frameLoadRequest.downloadAttribute() }; |
| action.setIsCrossOriginWindowOpenNavigation(frameLoadRequest.isCrossOriginWindowOpenNavigation()); |
| if (auto* opener = this->opener()) { |
| auto pageID = opener->loader().client().pageID(); |
| auto frameID = opener->loader().client().frameID(); |
| if (pageID && frameID) |
| action.setOpener(std::make_pair(*pageID, *frameID)); |
| } |
| |
| if (!targetFrame && !frameName.isEmpty()) { |
| action = action.copyWithShouldOpenExternalURLsPolicy(shouldOpenExternalURLsPolicyToApply(m_frame, frameLoadRequest)); |
| policyChecker().checkNewWindowPolicy(WTFMove(action), request, formState, frameName, [this, allowNavigationToInvalidURL, openerPolicy, completionHandler = completionHandlerCaller.release()] (const ResourceRequest& request, FormState* formState, const String& frameName, const NavigationAction& action, ShouldContinue shouldContinue) { |
| continueLoadAfterNewWindowPolicy(request, formState, frameName, action, shouldContinue, allowNavigationToInvalidURL, openerPolicy); |
| completionHandler(); |
| }); |
| return; |
| } |
| |
| RefPtr<DocumentLoader> oldDocumentLoader = m_documentLoader; |
| |
| bool sameURL = shouldTreatURLAsSameAsCurrent(newURL); |
| const String& httpMethod = request.httpMethod(); |
| |
| // Make sure to do scroll to fragment processing even if the URL is |
| // exactly the same so pages with '#' links and DHTML side effects |
| // work properly. |
| if (shouldPerformFragmentNavigation(isFormSubmission, httpMethod, newLoadType, newURL)) { |
| oldDocumentLoader->setTriggeringAction(action); |
| oldDocumentLoader->setLastCheckedRequest(ResourceRequest()); |
| policyChecker().stopCheck(); |
| policyChecker().setLoadType(newLoadType); |
| policyChecker().checkNavigationPolicy(ResourceRequest(request), false /* didReceiveRedirectResponse */, oldDocumentLoader.get(), formState, [this, protectedFrame = makeRef(m_frame)] (const ResourceRequest& request, FormState*, ShouldContinue shouldContinue) { |
| continueFragmentScrollAfterNavigationPolicy(request, shouldContinue == ShouldContinue::Yes); |
| }, PolicyDecisionMode::Synchronous); |
| return; |
| } |
| |
| // must grab this now, since this load may stop the previous load and clear this flag |
| bool isRedirect = m_quickRedirectComing; |
| loadWithNavigationAction(request, action, lockHistory, newLoadType, formState, allowNavigationToInvalidURL, [this, isRedirect, sameURL, newLoadType, protectedFrame = makeRef(m_frame), completionHandler = completionHandlerCaller.release()] { |
| if (isRedirect) { |
| m_quickRedirectComing = false; |
| if (m_provisionalDocumentLoader) |
| m_provisionalDocumentLoader->setIsClientRedirect(true); |
| else if (m_policyDocumentLoader) |
| m_policyDocumentLoader->setIsClientRedirect(true); |
| } else if (sameURL && !isReload(newLoadType)) { |
| // Example of this case are sites that reload the same URL with a different cookie |
| // driving the generated content, or a master frame with links that drive a target |
| // frame, where the user has clicked on the same link repeatedly. |
| m_loadType = FrameLoadType::Same; |
| } |
| completionHandler(); |
| }); |
| } |
| |
| SubstituteData FrameLoader::defaultSubstituteDataForURL(const URL& url) |
| { |
| if (!shouldTreatURLAsSrcdocDocument(url)) |
| return SubstituteData(); |
| auto& srcdoc = m_frame.ownerElement()->attributeWithoutSynchronization(srcdocAttr); |
| ASSERT(!srcdoc.isNull()); |
| CString encodedSrcdoc = srcdoc.string().utf8(); |
| |
| ResourceResponse response(URL(), ASCIILiteral("text/html"), encodedSrcdoc.length(), ASCIILiteral("UTF-8")); |
| return SubstituteData(SharedBuffer::create(encodedSrcdoc.data(), encodedSrcdoc.length()), URL(), response, SubstituteData::SessionHistoryVisibility::Hidden); |
| } |
| |
| void FrameLoader::load(FrameLoadRequest&& request) |
| { |
| if (m_inStopAllLoaders) |
| return; |
| |
| if (!request.frameName().isEmpty()) { |
| Frame* frame = findFrameForNavigation(request.frameName()); |
| if (frame) { |
| request.setShouldCheckNewWindowPolicy(false); |
| if (&frame->loader() != this) { |
| frame->loader().load(WTFMove(request)); |
| return; |
| } |
| } |
| } |
| |
| if (request.shouldCheckNewWindowPolicy()) { |
| NavigationAction action { request.requester(), request.resourceRequest(), InitiatedByMainFrame::Unknown, NavigationType::Other, request.shouldOpenExternalURLsPolicy() }; |
| policyChecker().checkNewWindowPolicy(WTFMove(action), request.resourceRequest(), nullptr, request.frameName(), [this] (const ResourceRequest& request, FormState* formState, const String& frameName, const NavigationAction& action, ShouldContinue shouldContinue) { |
| continueLoadAfterNewWindowPolicy(request, formState, frameName, action, shouldContinue, AllowNavigationToInvalidURL::Yes, NewFrameOpenerPolicy::Suppress); |
| }); |
| |
| return; |
| } |
| |
| if (!request.hasSubstituteData()) |
| request.setSubstituteData(defaultSubstituteDataForURL(request.resourceRequest().url())); |
| |
| Ref<DocumentLoader> loader = m_client.createDocumentLoader(request.resourceRequest(), request.substituteData()); |
| addSameSiteInfoToRequestIfNeeded(loader->request()); |
| applyShouldOpenExternalURLsPolicyToNewDocumentLoader(m_frame, loader, request); |
| |
| SetForScope<bool> currentLoadShouldCheckNavigationPolicyGuard(m_currentLoadShouldCheckNavigationPolicy, request.shouldCheckNavigationPolicy()); |
| load(loader.ptr()); |
| } |
| |
| void FrameLoader::loadWithNavigationAction(const ResourceRequest& request, const NavigationAction& action, LockHistory lockHistory, FrameLoadType type, FormState* formState, AllowNavigationToInvalidURL allowNavigationToInvalidURL, CompletionHandler<void()>&& completionHandler) |
| { |
| Ref<DocumentLoader> loader = m_client.createDocumentLoader(request, defaultSubstituteDataForURL(request.url())); |
| applyShouldOpenExternalURLsPolicyToNewDocumentLoader(m_frame, loader, action.initiatedByMainFrame(), action.shouldOpenExternalURLsPolicy()); |
| |
| if (lockHistory == LockHistory::Yes && m_documentLoader) |
| loader->setClientRedirectSourceForHistory(m_documentLoader->didCreateGlobalHistoryEntry() ? m_documentLoader->urlForHistory().string() : m_documentLoader->clientRedirectSourceForHistory()); |
| |
| loader->setTriggeringAction(action); |
| if (m_documentLoader) |
| loader->setOverrideEncoding(m_documentLoader->overrideEncoding()); |
| |
| loadWithDocumentLoader(loader.ptr(), type, formState, allowNavigationToInvalidURL, NavigationPolicyCheck::Require, WTFMove(completionHandler)); |
| } |
| |
| void FrameLoader::load(DocumentLoader* newDocumentLoader) |
| { |
| ResourceRequest& r = newDocumentLoader->request(); |
| addExtraFieldsToMainResourceRequest(r); |
| FrameLoadType type; |
| |
| if (shouldTreatURLAsSameAsCurrent(newDocumentLoader->originalRequest().url())) { |
| r.setCachePolicy(ReloadIgnoringCacheData); |
| type = FrameLoadType::Same; |
| } else if (shouldTreatURLAsSameAsCurrent(newDocumentLoader->unreachableURL()) && isReload(m_loadType)) |
| type = m_loadType; |
| else if (m_loadType == FrameLoadType::RedirectWithLockedBackForwardList && !newDocumentLoader->unreachableURL().isEmpty() && newDocumentLoader->substituteData().isValid()) |
| type = FrameLoadType::RedirectWithLockedBackForwardList; |
| else |
| type = FrameLoadType::Standard; |
| |
| if (m_documentLoader) |
| newDocumentLoader->setOverrideEncoding(m_documentLoader->overrideEncoding()); |
| |
| // When we loading alternate content for an unreachable URL that we're |
| // visiting in the history list, we treat it as a reload so the history list |
| // is appropriately maintained. |
| // |
| // FIXME: This seems like a dangerous overloading of the meaning of "FrameLoadType::Reload" ... |
| // shouldn't a more explicit type of reload be defined, that means roughly |
| // "load without affecting history" ? |
| if (shouldReloadToHandleUnreachableURL(newDocumentLoader)) { |
| // shouldReloadToHandleUnreachableURL() returns true only when the original load type is back-forward. |
| // In this case we should save the document state now. Otherwise the state can be lost because load type is |
| // changed and updateForBackForwardNavigation() will not be called when loading is committed. |
| history().saveDocumentAndScrollState(); |
| |
| ASSERT(type == FrameLoadType::Standard); |
| type = FrameLoadType::Reload; |
| } |
| |
| loadWithDocumentLoader(newDocumentLoader, type, 0, AllowNavigationToInvalidURL::Yes, NavigationPolicyCheck::Require, [] { }); |
| } |
| |
| void FrameLoader::loadWithDocumentLoader(DocumentLoader* loader, FrameLoadType type, FormState* formState, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NavigationPolicyCheck, CompletionHandler<void()>&& completionHandler) |
| { |
| // Retain because dispatchBeforeLoadEvent may release the last reference to it. |
| Ref<Frame> protect(m_frame); |
| |
| CompletionHandlerCallingScope completionHandlerCaller(WTFMove(completionHandler)); |
| |
| ASSERT(m_client.hasWebView()); |
| |
| // Unfortunately the view must be non-nil, this is ultimately due |
| // to parser requiring a FrameView. We should fix this dependency. |
| |
| ASSERT(m_frame.view()); |
| |
| if (!isNavigationAllowed()) |
| return; |
| |
| if (m_frame.document()) |
| m_previousURL = m_frame.document()->url(); |
| |
| const URL& newURL = loader->request().url(); |
| |
| // Log main frame navigation types. |
| if (m_frame.isMainFrame()) { |
| if (auto* page = m_frame.page()) { |
| page->mainFrameLoadStarted(newURL, type); |
| page->performanceLogging().didReachPointOfInterest(PerformanceLogging::MainFrameLoadStarted); |
| } |
| } |
| |
| policyChecker().setLoadType(type); |
| bool isFormSubmission = formState; |
| |
| const String& httpMethod = loader->request().httpMethod(); |
| |
| if (shouldPerformFragmentNavigation(isFormSubmission, httpMethod, policyChecker().loadType(), newURL)) { |
| RefPtr<DocumentLoader> oldDocumentLoader = m_documentLoader; |
| NavigationAction action { *m_frame.document(), loader->request(), InitiatedByMainFrame::Unknown, policyChecker().loadType(), isFormSubmission }; |
| |
| oldDocumentLoader->setTriggeringAction(action); |
| oldDocumentLoader->setLastCheckedRequest(ResourceRequest()); |
| policyChecker().stopCheck(); |
| policyChecker().checkNavigationPolicy(ResourceRequest(loader->request()), false /* didReceiveRedirectResponse */, oldDocumentLoader.get(), formState, [this, protectedFrame = makeRef(m_frame)] (const ResourceRequest& request, FormState*, ShouldContinue shouldContinue) { |
| continueFragmentScrollAfterNavigationPolicy(request, shouldContinue == ShouldContinue::Yes); |
| }, PolicyDecisionMode::Synchronous); |
| return; |
| } |
| |
| if (Frame* parent = m_frame.tree().parent()) |
| loader->setOverrideEncoding(parent->loader().documentLoader()->overrideEncoding()); |
| |
| policyChecker().stopCheck(); |
| setPolicyDocumentLoader(loader); |
| if (loader->triggeringAction().isEmpty()) |
| loader->setTriggeringAction({ *m_frame.document(), loader->request(), InitiatedByMainFrame::Unknown, policyChecker().loadType(), isFormSubmission }); |
| |
| if (Element* ownerElement = m_frame.ownerElement()) { |
| // We skip dispatching the beforeload event if we've already |
| // committed a real document load because the event would leak |
| // subsequent activity by the frame which the parent frame isn't |
| // supposed to learn. For example, if the child frame navigated to |
| // a new URL, the parent frame shouldn't learn the URL. |
| if (!m_stateMachine.committedFirstRealDocumentLoad() |
| && !ownerElement->dispatchBeforeLoadEvent(loader->request().url().string())) { |
| continueLoadAfterNavigationPolicy(loader->request(), formState, ShouldContinue::No, allowNavigationToInvalidURL); |
| return; |
| } |
| } |
| |
| m_frame.navigationScheduler().cancel(true); |
| |
| if (!m_currentLoadShouldCheckNavigationPolicy) { |
| continueLoadAfterNavigationPolicy(loader->request(), formState, ShouldContinue::Yes, allowNavigationToInvalidURL); |
| return; |
| } |
| |
| policyChecker().checkNavigationPolicy(ResourceRequest(loader->request()), false /* didReceiveRedirectResponse */, loader, formState, [this, protectedFrame = makeRef(m_frame), allowNavigationToInvalidURL, completionHandler = completionHandlerCaller.release()] (const ResourceRequest& request, FormState* formState, ShouldContinue shouldContinue) { |
| continueLoadAfterNavigationPolicy(request, formState, shouldContinue, allowNavigationToInvalidURL); |
| completionHandler(); |
| }); |
| } |
| |
| void FrameLoader::clearProvisionalLoadForPolicyCheck() |
| { |
| if (!m_policyDocumentLoader || !m_provisionalDocumentLoader) |
| return; |
| |
| m_provisionalDocumentLoader->stopLoading(); |
| setProvisionalDocumentLoader(nullptr); |
| } |
| |
| void FrameLoader::reportLocalLoadFailed(Frame* frame, const String& url) |
| { |
| ASSERT(!url.isEmpty()); |
| if (!frame) |
| return; |
| |
| frame->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, "Not allowed to load local resource: " + url); |
| } |
| |
| void FrameLoader::reportBlockedPortFailed(Frame* frame, const String& url) |
| { |
| ASSERT(!url.isEmpty()); |
| if (!frame) |
| return; |
| |
| frame->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, "Not allowed to use restricted network port: " + url); |
| } |
| |
| void FrameLoader::reportAuthenticationChallengeBlocked(Frame* frame, const URL& url, const String& reason) |
| { |
| if (!frame) |
| return; |
| |
| frame->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, makeString("Blocked ", url.stringCenterEllipsizedToLength(), " from asking for credentials because ", reason, '.')); |
| } |
| |
| const ResourceRequest& FrameLoader::initialRequest() const |
| { |
| return activeDocumentLoader()->originalRequest(); |
| } |
| |
| bool FrameLoader::willLoadMediaElementURL(URL& url) |
| { |
| #if PLATFORM(IOS) |
| // MobileStore depends on the iOS 4.0 era client delegate method because webView:resource:willSendRequest:redirectResponse:fromDataSource |
| // doesn't let them tell when a load request is coming from a media element. See <rdar://problem/8266916> for more details. |
| if (IOSApplication::isMobileStore()) |
| return m_client.shouldLoadMediaElementURL(url); |
| #endif |
| |
| ResourceRequest request(url); |
| |
| unsigned long identifier; |
| ResourceError error; |
| requestFromDelegate(request, identifier, error); |
| notifier().sendRemainingDelegateMessages(m_documentLoader.get(), identifier, request, ResourceResponse(url, String(), -1, String()), 0, -1, -1, error); |
| |
| url = request.url(); |
| |
| return error.isNull(); |
| } |
| |
| bool FrameLoader::shouldReloadToHandleUnreachableURL(DocumentLoader* docLoader) |
| { |
| URL unreachableURL = docLoader->unreachableURL(); |
| |
| if (unreachableURL.isEmpty()) |
| return false; |
| |
| if (!isBackForwardLoadType(policyChecker().loadType())) |
| return false; |
| |
| // We only treat unreachableURLs specially during the delegate callbacks |
| // for provisional load errors and navigation policy decisions. The former |
| // case handles well-formed URLs that can't be loaded, and the latter |
| // case handles malformed URLs and unknown schemes. Loading alternate content |
| // at other times behaves like a standard load. |
| if (policyChecker().delegateIsDecidingNavigationPolicy() || policyChecker().delegateIsHandlingUnimplementablePolicy()) |
| return m_policyDocumentLoader && unreachableURL == m_policyDocumentLoader->request().url(); |
| |
| return unreachableURL == m_provisionalLoadErrorBeingHandledURL; |
| } |
| |
| void FrameLoader::reloadWithOverrideEncoding(const String& encoding) |
| { |
| if (!m_documentLoader) |
| return; |
| |
| ResourceRequest request = m_documentLoader->request(); |
| URL unreachableURL = m_documentLoader->unreachableURL(); |
| if (!unreachableURL.isEmpty()) |
| request.setURL(unreachableURL); |
| |
| // FIXME: If the resource is a result of form submission and is not cached, the form will be silently resubmitted. |
| // We should ask the user for confirmation in this case. |
| request.setCachePolicy(ReturnCacheDataElseLoad); |
| |
| Ref<DocumentLoader> loader = m_client.createDocumentLoader(request, defaultSubstituteDataForURL(request.url())); |
| applyShouldOpenExternalURLsPolicyToNewDocumentLoader(m_frame, loader, InitiatedByMainFrame::Unknown, m_documentLoader->shouldOpenExternalURLsPolicyToPropagate()); |
| |
| setPolicyDocumentLoader(loader.ptr()); |
| |
| loader->setOverrideEncoding(encoding); |
| |
| loadWithDocumentLoader(loader.ptr(), FrameLoadType::Reload, 0, AllowNavigationToInvalidURL::Yes, NavigationPolicyCheck::Require, [] { }); |
| } |
| |
| void FrameLoader::reload(OptionSet<ReloadOption> options) |
| { |
| if (!m_documentLoader) |
| return; |
| |
| // If a window is created by javascript, its main frame can have an empty but non-nil URL. |
| // Reloading in this case will lose the current contents (see 4151001). |
| if (m_documentLoader->request().url().isEmpty()) |
| return; |
| |
| // Replace error-page URL with the URL we were trying to reach. |
| ResourceRequest initialRequest = m_documentLoader->request(); |
| URL unreachableURL = m_documentLoader->unreachableURL(); |
| if (!unreachableURL.isEmpty()) |
| initialRequest.setURL(unreachableURL); |
| |
| // Create a new document loader for the reload, this will become m_documentLoader eventually, |
| // but first it has to be the "policy" document loader, and then the "provisional" document loader. |
| Ref<DocumentLoader> loader = m_client.createDocumentLoader(initialRequest, defaultSubstituteDataForURL(initialRequest.url())); |
| applyShouldOpenExternalURLsPolicyToNewDocumentLoader(m_frame, loader, InitiatedByMainFrame::Unknown, m_documentLoader->shouldOpenExternalURLsPolicyToPropagate()); |
| |
| loader->setUserContentExtensionsEnabled(!options.contains(ReloadOption::DisableContentBlockers)); |
| |
| ResourceRequest& request = loader->request(); |
| |
| // FIXME: We don't have a mechanism to revalidate the main resource without reloading at the moment. |
| request.setCachePolicy(ReloadIgnoringCacheData); |
| |
| addSameSiteInfoToRequestIfNeeded(request); |
| |
| // If we're about to re-post, set up action so the application can warn the user. |
| if (request.httpMethod() == "POST") |
| loader->setTriggeringAction({ *m_frame.document(), request, InitiatedByMainFrame::Unknown, NavigationType::FormResubmitted }); |
| |
| loader->setOverrideEncoding(m_documentLoader->overrideEncoding()); |
| |
| auto frameLoadTypeForReloadOptions = [] (auto options) { |
| if (options.contains(ReloadOption::FromOrigin)) |
| return FrameLoadType::ReloadFromOrigin; |
| if (options.contains(ReloadOption::ExpiredOnly)) |
| return FrameLoadType::ReloadExpiredOnly; |
| return FrameLoadType::Reload; |
| }; |
| |
| loadWithDocumentLoader(loader.ptr(), frameLoadTypeForReloadOptions(options), 0, AllowNavigationToInvalidURL::Yes, NavigationPolicyCheck::Require, [] { }); |
| } |
| |
| void FrameLoader::stopAllLoaders(ClearProvisionalItemPolicy clearProvisionalItemPolicy) |
| { |
| ASSERT(!m_frame.document() || m_frame.document()->pageCacheState() != Document::InPageCache); |
| if (!isStopLoadingAllowed()) |
| return; |
| |
| // If this method is called from within this method, infinite recursion can occur (3442218). Avoid this. |
| if (m_inStopAllLoaders) |
| return; |
| |
| // This method might dispatch events. |
| RELEASE_ASSERT_WITH_SECURITY_IMPLICATION(ScriptDisallowedScope::InMainThread::isScriptAllowed()); |
| |
| // Calling stopLoading() on the provisional document loader can blow away |
| // the frame from underneath. |
| Ref<Frame> protect(m_frame); |
| |
| m_inStopAllLoaders = true; |
| |
| policyChecker().stopCheck(); |
| |
| // If no new load is in progress, we should clear the provisional item from history |
| // before we call stopLoading. |
| if (clearProvisionalItemPolicy == ShouldClearProvisionalItem) |
| history().setProvisionalItem(nullptr); |
| |
| for (RefPtr<Frame> child = m_frame.tree().firstChild(); child; child = child->tree().nextSibling()) |
| child->loader().stopAllLoaders(clearProvisionalItemPolicy); |
| if (m_provisionalDocumentLoader) |
| m_provisionalDocumentLoader->stopLoading(); |
| if (m_documentLoader) |
| m_documentLoader->stopLoading(); |
| |
| setProvisionalDocumentLoader(nullptr); |
| |
| m_checkTimer.stop(); |
| |
| m_inStopAllLoaders = false; |
| } |
| |
| void FrameLoader::stopForUserCancel(bool deferCheckLoadComplete) |
| { |
| // Calling stopAllLoaders can cause the frame to be deallocated, including the frame loader. |
| Ref<Frame> protectedFrame(m_frame); |
| |
| stopAllLoaders(); |
| |
| #if PLATFORM(IOS) |
| // Lay out immediately when stopping to immediately clear the old page if we just committed this one |
| // but haven't laid out/painted yet. |
| // FIXME: Is this behavior specific to iOS? Or should we expose a setting to toggle this behavior? |
| if (m_frame.view() && !m_frame.view()->didFirstLayout()) |
| m_frame.view()->layoutContext().layout(); |
| #endif |
| |
| if (deferCheckLoadComplete) |
| scheduleCheckLoadComplete(); |
| else if (m_frame.page()) |
| checkLoadComplete(); |
| } |
| |
| DocumentLoader* FrameLoader::activeDocumentLoader() const |
| { |
| if (m_state == FrameStateProvisional) |
| return m_provisionalDocumentLoader.get(); |
| return m_documentLoader.get(); |
| } |
| |
| bool FrameLoader::isLoading() const |
| { |
| DocumentLoader* docLoader = activeDocumentLoader(); |
| if (!docLoader) |
| return false; |
| return docLoader->isLoading(); |
| } |
| |
| bool FrameLoader::frameHasLoaded() const |
| { |
| return m_stateMachine.committedFirstRealDocumentLoad() || (m_provisionalDocumentLoader && !m_stateMachine.creatingInitialEmptyDocument()); |
| } |
| |
| void FrameLoader::setDocumentLoader(DocumentLoader* loader) |
| { |
| if (!loader && !m_documentLoader) |
| return; |
| |
| ASSERT(loader != m_documentLoader); |
| ASSERT(!loader || loader->frameLoader() == this); |
| |
| m_client.prepareForDataSourceReplacement(); |
| detachChildren(); |
| |
| // detachChildren() can trigger this frame's unload event, and therefore |
| // script can run and do just about anything. For example, an unload event that calls |
| // document.write("") on its parent frame can lead to a recursive detachChildren() |
| // invocation for this frame. In that case, we can end up at this point with a |
| // loader that hasn't been deleted but has been detached from its frame. Such a |
| // DocumentLoader has been sufficiently detached that we'll end up in an inconsistent |
| // state if we try to use it. |
| if (loader && !loader->frame()) |
| return; |
| |
| if (m_documentLoader) |
| m_documentLoader->detachFromFrame(); |
| |
| m_documentLoader = loader; |
| } |
| |
| void FrameLoader::setPolicyDocumentLoader(DocumentLoader* loader) |
| { |
| if (m_policyDocumentLoader == loader) |
| return; |
| |
| if (loader) |
| loader->attachToFrame(m_frame); |
| if (m_policyDocumentLoader |
| && m_policyDocumentLoader != m_provisionalDocumentLoader |
| && m_policyDocumentLoader != m_documentLoader) |
| m_policyDocumentLoader->detachFromFrame(); |
| |
| m_policyDocumentLoader = loader; |
| } |
| |
| void FrameLoader::setProvisionalDocumentLoader(DocumentLoader* loader) |
| { |
| ASSERT(!loader || !m_provisionalDocumentLoader); |
| ASSERT(!loader || loader->frameLoader() == this); |
| |
| if (m_provisionalDocumentLoader && m_provisionalDocumentLoader != m_documentLoader) |
| m_provisionalDocumentLoader->detachFromFrame(); |
| |
| m_provisionalDocumentLoader = loader; |
| } |
| |
| void FrameLoader::setState(FrameState newState) |
| { |
| FrameState oldState = m_state; |
| m_state = newState; |
| |
| if (newState == FrameStateProvisional) |
| provisionalLoadStarted(); |
| else if (newState == FrameStateComplete) { |
| frameLoadCompleted(); |
| if (m_documentLoader) |
| m_documentLoader->stopRecordingResponses(); |
| if (m_frame.isMainFrame() && oldState != newState) |
| m_frame.page()->performanceLogging().didReachPointOfInterest(PerformanceLogging::MainFrameLoadCompleted); |
| } |
| } |
| |
| void FrameLoader::clearProvisionalLoad() |
| { |
| setProvisionalDocumentLoader(nullptr); |
| m_progressTracker->progressCompleted(); |
| setState(FrameStateComplete); |
| } |
| |
| void FrameLoader::commitProvisionalLoad() |
| { |
| RefPtr<DocumentLoader> pdl = m_provisionalDocumentLoader; |
| Ref<Frame> protect(m_frame); |
| |
| std::unique_ptr<CachedPage> cachedPage; |
| if (m_loadingFromCachedPage && history().provisionalItem()) |
| cachedPage = PageCache::singleton().take(*history().provisionalItem(), m_frame.page()); |
| |
| LOG(PageCache, "WebCoreLoading %s: About to commit provisional load from previous URL '%s' to new URL '%s' with cached page %p", m_frame.tree().uniqueName().string().utf8().data(), |
| m_frame.document() ? m_frame.document()->url().stringCenterEllipsizedToLength().utf8().data() : "", |
| pdl ? pdl->url().stringCenterEllipsizedToLength().utf8().data() : "<no provisional DocumentLoader>", cachedPage.get()); |
| |
| willTransitionToCommitted(); |
| |
| if (!m_frame.tree().parent() && history().currentItem()) { |
| // Check to see if we need to cache the page we are navigating away from into the back/forward cache. |
| // We are doing this here because we know for sure that a new page is about to be loaded. |
| PageCache::singleton().addIfCacheable(*history().currentItem(), m_frame.page()); |
| |
| WebCore::jettisonExpensiveObjectsOnTopLevelNavigation(); |
| } |
| |
| if (m_loadType != FrameLoadType::Replace) |
| closeOldDataSources(); |
| |
| if (!cachedPage && !m_stateMachine.creatingInitialEmptyDocument()) |
| m_client.makeRepresentation(pdl.get()); |
| |
| transitionToCommitted(cachedPage.get()); |
| |
| if (pdl && m_documentLoader) { |
| // Check if the destination page is allowed to access the previous page's timing information. |
| Ref<SecurityOrigin> securityOrigin(SecurityOrigin::create(pdl->request().url())); |
| m_documentLoader->timing().setHasSameOriginAsPreviousDocument(securityOrigin.get().canRequest(m_previousURL)); |
| } |
| |
| // Call clientRedirectCancelledOrFinished() here so that the frame load delegate is notified that the redirect's |
| // status has changed, if there was a redirect. The frame load delegate may have saved some state about |
| // the redirect in its -webView:willPerformClientRedirectToURL:delay:fireDate:forFrame:. Since we are |
| // just about to commit a new page, there cannot possibly be a pending redirect at this point. |
| if (m_sentRedirectNotification) |
| clientRedirectCancelledOrFinished(false); |
| |
| if (cachedPage && cachedPage->document()) { |
| #if PLATFORM(IOS) |
| // FIXME: CachedPage::restore() would dispatch viewport change notification. However UIKit expects load |
| // commit to happen before any changes to viewport arguments and dealing with this there is difficult. |
| m_frame.page()->chrome().setDispatchViewportDataDidChangeSuppressed(true); |
| #endif |
| willRestoreFromCachedPage(); |
| |
| // Start request for the main resource and dispatch didReceiveResponse before the load is committed for |
| // consistency with all other loads. See https://bugs.webkit.org/show_bug.cgi?id=150927. |
| ResourceError mainResouceError; |
| unsigned long mainResourceIdentifier; |
| ResourceRequest mainResourceRequest(cachedPage->documentLoader()->request()); |
| requestFromDelegate(mainResourceRequest, mainResourceIdentifier, mainResouceError); |
| notifier().dispatchDidReceiveResponse(cachedPage->documentLoader(), mainResourceIdentifier, cachedPage->documentLoader()->response()); |
| |
| std::optional<HasInsecureContent> hasInsecureContent = cachedPage->cachedMainFrame()->hasInsecureContent(); |
| |
| // FIXME: This API should be turned around so that we ground CachedPage into the Page. |
| cachedPage->restore(*m_frame.page()); |
| |
| dispatchDidCommitLoad(hasInsecureContent); |
| |
| #if PLATFORM(IOS) |
| m_frame.page()->chrome().setDispatchViewportDataDidChangeSuppressed(false); |
| m_frame.page()->chrome().dispatchViewportPropertiesDidChange(m_frame.page()->viewportArguments()); |
| #endif |
| |
| auto& title = m_documentLoader->title(); |
| if (!title.string.isNull()) |
| m_client.dispatchDidReceiveTitle(title); |
| |
| // Send remaining notifications for the main resource. |
| notifier().sendRemainingDelegateMessages(m_documentLoader.get(), mainResourceIdentifier, mainResourceRequest, ResourceResponse(), |
| nullptr, static_cast<int>(m_documentLoader->response().expectedContentLength()), 0, mainResouceError); |
| |
| checkCompleted(); |
| } else |
| didOpenURL(); |
| |
| LOG(Loading, "WebCoreLoading %s: Finished committing provisional load to URL %s", m_frame.tree().uniqueName().string().utf8().data(), |
| m_frame.document() ? m_frame.document()->url().stringCenterEllipsizedToLength().utf8().data() : ""); |
| |
| if (m_loadType == FrameLoadType::Standard && m_documentLoader->isClientRedirect()) |
| history().updateForClientRedirect(); |
| |
| if (m_loadingFromCachedPage) { |
| // Note, didReceiveDocType is expected to be called for cached pages. See <rdar://problem/5906758> for more details. |
| if (auto* page = m_frame.page()) |
| page->chrome().didReceiveDocType(m_frame); |
| m_frame.document()->resume(ActiveDOMObject::PageCache); |
| |
| // Force a layout to update view size and thereby update scrollbars. |
| #if PLATFORM(IOS) |
| if (!m_client.forceLayoutOnRestoreFromPageCache()) |
| m_frame.view()->forceLayout(); |
| #else |
| m_frame.view()->forceLayout(); |
| #endif |
| |
| // Main resource delegates were already sent, so we skip the first response here. |
| for (unsigned i = 1; i < m_documentLoader->responses().size(); ++i) { |
| const auto& response = m_documentLoader->responses()[i]; |
| // FIXME: If the WebKit client changes or cancels the request, this is not respected. |
| ResourceError error; |
| unsigned long identifier; |
| ResourceRequest request(response.url()); |
| requestFromDelegate(request, identifier, error); |
| // FIXME: If we get a resource with more than 2B bytes, this code won't do the right thing. |
| // However, with today's computers and networking speeds, this won't happen in practice. |
| // Could be an issue with a giant local file. |
| notifier().sendRemainingDelegateMessages(m_documentLoader.get(), identifier, request, response, 0, static_cast<int>(response.expectedContentLength()), 0, error); |
| } |
| |
| // FIXME: Why only this frame and not parent frames? |
| checkLoadCompleteForThisFrame(); |
| } |
| } |
| |
| void FrameLoader::transitionToCommitted(CachedPage* cachedPage) |
| { |
| ASSERT(m_client.hasWebView()); |
| ASSERT(m_state == FrameStateProvisional); |
| |
| if (m_state != FrameStateProvisional) |
| return; |
| |
| if (FrameView* view = m_frame.view()) { |
| if (ScrollAnimator* scrollAnimator = view->existingScrollAnimator()) |
| scrollAnimator->cancelAnimations(); |
| } |
| |
| m_client.setCopiesOnScroll(); |
| history().updateForCommit(); |
| |
| // The call to closeURL() invokes the unload event handler, which can execute arbitrary |
| // JavaScript. If the script initiates a new load, we need to abandon the current load, |
| // or the two will stomp each other. |
| DocumentLoader* pdl = m_provisionalDocumentLoader.get(); |
| if (m_documentLoader) |
| closeURL(); |
| if (pdl != m_provisionalDocumentLoader) |
| return; |
| |
| if (m_documentLoader) |
| m_documentLoader->stopLoadingSubresources(); |
| if (m_documentLoader) |
| m_documentLoader->stopLoadingPlugIns(); |
| |
| // Setting our document loader invokes the unload event handler of our child frames. |
| // Script can do anything. If the script initiates a new load, we need to abandon the |
| // current load or the two will stomp each other. |
| setDocumentLoader(m_provisionalDocumentLoader.get()); |
| if (pdl != m_provisionalDocumentLoader) |
| return; |
| setProvisionalDocumentLoader(nullptr); |
| |
| // Nothing else can interrupt this commit - set the Provisional->Committed transition in stone |
| setState(FrameStateCommittedPage); |
| |
| // Handle adding the URL to the back/forward list. |
| DocumentLoader* dl = m_documentLoader.get(); |
| |
| switch (m_loadType) { |
| case FrameLoadType::Forward: |
| case FrameLoadType::Back: |
| case FrameLoadType::IndexedBackForward: |
| if (m_frame.page()) { |
| // If the first load within a frame is a navigation within a back/forward list that was attached |
| // without any of the items being loaded then we need to update the history in a similar manner as |
| // for a standard load with the exception of updating the back/forward list (<rdar://problem/8091103>). |
| if (!m_stateMachine.committedFirstRealDocumentLoad() && m_frame.isMainFrame()) |
| history().updateForStandardLoad(HistoryController::UpdateAllExceptBackForwardList); |
| |
| history().updateForBackForwardNavigation(); |
| |
| // For cached pages, CachedFrame::restore will take care of firing the popstate event with the history item's state object |
| if (history().currentItem() && !cachedPage) |
| m_pendingStateObject = history().currentItem()->stateObject(); |
| |
| // Create a document view for this document, or used the cached view. |
| if (cachedPage) { |
| DocumentLoader* cachedDocumentLoader = cachedPage->documentLoader(); |
| ASSERT(cachedDocumentLoader); |
| cachedDocumentLoader->attachToFrame(m_frame); |
| m_client.transitionToCommittedFromCachedFrame(cachedPage->cachedMainFrame()); |
| } else |
| m_client.transitionToCommittedForNewPage(); |
| } |
| break; |
| |
| case FrameLoadType::Reload: |
| case FrameLoadType::ReloadFromOrigin: |
| case FrameLoadType::ReloadExpiredOnly: |
| case FrameLoadType::Same: |
| case FrameLoadType::Replace: |
| history().updateForReload(); |
| m_client.transitionToCommittedForNewPage(); |
| break; |
| |
| case FrameLoadType::Standard: |
| history().updateForStandardLoad(); |
| if (m_frame.view()) |
| m_frame.view()->setScrollbarsSuppressed(true); |
| m_client.transitionToCommittedForNewPage(); |
| break; |
| |
| case FrameLoadType::RedirectWithLockedBackForwardList: |
| history().updateForRedirectWithLockedBackForwardList(); |
| m_client.transitionToCommittedForNewPage(); |
| break; |
| } |
| |
| m_documentLoader->writer().setMIMEType(dl->responseMIMEType()); |
| |
| // Tell the client we've committed this URL. |
| ASSERT(m_frame.view()); |
| |
| if (m_stateMachine.creatingInitialEmptyDocument()) |
| return; |
| |
| if (!m_stateMachine.committedFirstRealDocumentLoad()) |
| m_stateMachine.advanceTo(FrameLoaderStateMachine::DisplayingInitialEmptyDocumentPostCommit); |
| } |
| |
| void FrameLoader::clientRedirectCancelledOrFinished(bool cancelWithLoadInProgress) |
| { |
| // Note that -webView:didCancelClientRedirectForFrame: is called on the frame load delegate even if |
| // the redirect succeeded. We should either rename this API, or add a new method, like |
| // -webView:didFinishClientRedirectForFrame: |
| m_client.dispatchDidCancelClientRedirect(); |
| |
| if (!cancelWithLoadInProgress) |
| m_quickRedirectComing = false; |
| |
| m_sentRedirectNotification = false; |
| } |
| |
| void FrameLoader::clientRedirected(const URL& url, double seconds, WallTime fireDate, LockBackForwardList lockBackForwardList) |
| { |
| m_client.dispatchWillPerformClientRedirect(url, seconds, fireDate); |
| |
| // Remember that we sent a redirect notification to the frame load delegate so that when we commit |
| // the next provisional load, we can send a corresponding -webView:didCancelClientRedirectForFrame: |
| m_sentRedirectNotification = true; |
| |
| // If a "quick" redirect comes in, we set a special mode so we treat the next |
| // load as part of the original navigation. If we don't have a document loader, we have |
| // no "original" load on which to base a redirect, so we treat the redirect as a normal load. |
| // Loads triggered by JavaScript form submissions never count as quick redirects. |
| m_quickRedirectComing = (lockBackForwardList == LockBackForwardList::Yes || history().currentItemShouldBeReplaced()) && m_documentLoader && !m_isExecutingJavaScriptFormAction; |
| } |
| |
| bool FrameLoader::shouldReload(const URL& currentURL, const URL& destinationURL) |
| { |
| // This function implements the rule: "Don't reload if navigating by fragment within |
| // the same URL, but do reload if going to a new URL or to the same URL with no |
| // fragment identifier at all." |
| if (!destinationURL.hasFragmentIdentifier()) |
| return true; |
| return !equalIgnoringFragmentIdentifier(currentURL, destinationURL); |
| } |
| |
| void FrameLoader::closeOldDataSources() |
| { |
| // FIXME: Is it important for this traversal to be postorder instead of preorder? |
| // If so, add helpers for postorder traversal, and use them. If not, then lets not |
| // use a recursive algorithm here. |
| for (Frame* child = m_frame.tree().firstChild(); child; child = child->tree().nextSibling()) |
| child->loader().closeOldDataSources(); |
| |
| if (m_documentLoader) |
| m_client.dispatchWillClose(); |
| |
| m_client.setMainFrameDocumentReady(false); // stop giving out the actual DOMDocument to observers |
| } |
| |
| void FrameLoader::willRestoreFromCachedPage() |
| { |
| ASSERT(!m_frame.tree().parent()); |
| ASSERT(m_frame.page()); |
| ASSERT(m_frame.isMainFrame()); |
| |
| m_frame.navigationScheduler().cancel(); |
| |
| // We still have to close the previous part page. |
| closeURL(); |
| |
| // Delete old status bar messages (if it _was_ activated on last URL). |
| if (m_frame.script().canExecuteScripts(NotAboutToExecuteScript)) { |
| DOMWindow* window = m_frame.document()->domWindow(); |
| window->setStatus(String()); |
| window->setDefaultStatus(String()); |
| } |
| } |
| |
| void FrameLoader::open(CachedFrameBase& cachedFrame) |
| { |
| m_isComplete = false; |
| |
| // Don't re-emit the load event. |
| m_didCallImplicitClose = true; |
| |
| URL url = cachedFrame.url(); |
| |
| // FIXME: I suspect this block of code doesn't do anything. |
| if (url.protocolIsInHTTPFamily() && !url.host().isEmpty() && url.path().isEmpty()) |
| url.setPath("/"); |
| |
| started(); |
| Document* document = cachedFrame.document(); |
| ASSERT(document); |
| ASSERT(document->domWindow()); |
| |
| clear(document, true, true, cachedFrame.isMainFrame()); |
| |
| document->setPageCacheState(Document::NotInPageCache); |
| |
| m_needsClear = true; |
| m_isComplete = false; |
| m_didCallImplicitClose = false; |
| m_outgoingReferrer = url.string(); |
| |
| FrameView* view = cachedFrame.view(); |
| |
| // When navigating to a CachedFrame its FrameView should never be null. If it is we'll crash in creative ways downstream. |
| ASSERT(view); |
| view->setWasScrolledByUser(false); |
| |
| std::optional<IntRect> previousViewFrameRect = m_frame.view() ? m_frame.view()->frameRect() : std::optional<IntRect>(std::nullopt); |
| m_frame.setView(view); |
| |
| // Use the previous ScrollView's frame rect. |
| if (previousViewFrameRect) |
| view->setFrameRect(previousViewFrameRect.value()); |
| |
| m_frame.setDocument(document); |
| document->domWindow()->resumeFromDocumentSuspension(); |
| |
| updateFirstPartyForCookies(); |
| |
| cachedFrame.restore(); |
| } |
| |
| bool FrameLoader::isHostedByObjectElement() const |
| { |
| HTMLFrameOwnerElement* owner = m_frame.ownerElement(); |
| return owner && owner->hasTagName(objectTag); |
| } |
| |
| bool FrameLoader::isReplacing() const |
| { |
| return m_loadType == FrameLoadType::Replace; |
| } |
| |
| void FrameLoader::setReplacing() |
| { |
| m_loadType = FrameLoadType::Replace; |
| } |
| |
| bool FrameLoader::subframeIsLoading() const |
| { |
| // It's most likely that the last added frame is the last to load so we walk backwards. |
| for (Frame* child = m_frame.tree().lastChild(); child; child = child->tree().previousSibling()) { |
| FrameLoader& childLoader = child->loader(); |
| DocumentLoader* documentLoader = childLoader.documentLoader(); |
| if (documentLoader && documentLoader->isLoadingInAPISense()) |
| return true; |
| documentLoader = childLoader.provisionalDocumentLoader(); |
| if (documentLoader && documentLoader->isLoadingInAPISense()) |
| return true; |
| documentLoader = childLoader.policyDocumentLoader(); |
| if (documentLoader) |
| return true; |
| } |
| return false; |
| } |
| |
| void FrameLoader::willChangeTitle(DocumentLoader* loader) |
| { |
| m_client.willChangeTitle(loader); |
| } |
| |
| FrameLoadType FrameLoader::loadType() const |
| { |
| return m_loadType; |
| } |
| |
| CachePolicy FrameLoader::subresourceCachePolicy(const URL& url) const |
| { |
| if (Page* page = m_frame.page()) { |
| if (page->isResourceCachingDisabled()) |
| return CachePolicyReload; |
| } |
| |
| if (m_isComplete) |
| return CachePolicyVerify; |
| |
| if (m_loadType == FrameLoadType::ReloadFromOrigin) |
| return CachePolicyReload; |
| |
| if (Frame* parentFrame = m_frame.tree().parent()) { |
| CachePolicy parentCachePolicy = parentFrame->loader().subresourceCachePolicy(url); |
| if (parentCachePolicy != CachePolicyVerify) |
| return parentCachePolicy; |
| } |
| |
| switch (m_loadType) { |
| case FrameLoadType::Reload: |
| return CachePolicyRevalidate; |
| case FrameLoadType::Back: |
| case FrameLoadType::Forward: |
| case FrameLoadType::IndexedBackForward: |
| return CachePolicyHistoryBuffer; |
| case FrameLoadType::ReloadFromOrigin: |
| ASSERT_NOT_REACHED(); // Already handled above. |
| return CachePolicyReload; |
| case FrameLoadType::RedirectWithLockedBackForwardList: |
| case FrameLoadType::Replace: |
| case FrameLoadType::Same: |
| case FrameLoadType::Standard: |
| return CachePolicyVerify; |
| case FrameLoadType::ReloadExpiredOnly: |
| // We know about expiration for HTTP and data. Do a normal reload otherwise. |
| if (!url.protocolIsInHTTPFamily() && !url.protocolIsData()) |
| return CachePolicyReload; |
| return CachePolicyVerify; |
| } |
| |
| RELEASE_ASSERT_NOT_REACHED(); |
| return CachePolicyVerify; |
| } |
| |
| void FrameLoader::checkLoadCompleteForThisFrame() |
| { |
| ASSERT(m_client.hasWebView()); |
| |
| // FIXME: Should this check be done in checkLoadComplete instead of here? |
| // FIXME: Why does this one check need to be repeated here, and not the many others from checkCompleted? |
| if (m_frame.document()->isDelayingLoadEvent()) |
| return; |
| |
| switch (m_state) { |
| case FrameStateProvisional: { |
| // FIXME: Prohibiting any provisional load failures from being sent to clients |
| // while handling provisional load failures is too heavy. For example, the current |
| // load will fail to cancel another ongoing load. That might prevent clients' page |
| // load state being handled properly. |
| if (!m_provisionalLoadErrorBeingHandledURL.isEmpty()) |
| return; |
| |
| RefPtr<DocumentLoader> pdl = m_provisionalDocumentLoader; |
| if (!pdl) |
| return; |
| |
| // If we've received any errors we may be stuck in the provisional state and actually complete. |
| const ResourceError& error = pdl->mainDocumentError(); |
| if (error.isNull()) |
| return; |
| |
| // Check all children first. |
| RefPtr<HistoryItem> item; |
| if (Page* page = m_frame.page()) |
| if (isBackForwardLoadType(loadType())) |
| // Reset the back forward list to the last committed history item at the top level. |
| item = page->mainFrame().loader().history().currentItem(); |
| |
| // Only reset if we aren't already going to a new provisional item. |
| bool shouldReset = !history().provisionalItem(); |
| if (!pdl->isLoadingInAPISense() || pdl->isStopping()) { |
| m_provisionalLoadErrorBeingHandledURL = m_provisionalDocumentLoader->url(); |
| m_client.dispatchDidFailProvisionalLoad(error); |
| #if ENABLE(CONTENT_FILTERING) |
| if (auto contentFilter = pdl->contentFilter()) |
| contentFilter->handleProvisionalLoadFailure(error); |
| #endif |
| m_provisionalLoadErrorBeingHandledURL = { }; |
| |
| ASSERT(!pdl->isLoading()); |
| |
| // If we're in the middle of loading multipart data, we need to restore the document loader. |
| if (isReplacing() && !m_documentLoader.get()) |
| setDocumentLoader(m_provisionalDocumentLoader.get()); |
| |
| // Finish resetting the load state, but only if another load hasn't been started by the |
| // delegate callback. |
| if (pdl == m_provisionalDocumentLoader) |
| clearProvisionalLoad(); |
| else if (activeDocumentLoader()) { |
| URL unreachableURL = activeDocumentLoader()->unreachableURL(); |
| if (!unreachableURL.isEmpty() && unreachableURL == pdl->request().url()) |
| shouldReset = false; |
| } |
| } |
| if (shouldReset && item) |
| if (Page* page = m_frame.page()) { |
| page->backForward().setCurrentItem(item.get()); |
| m_frame.loader().client().updateGlobalHistoryItemForPage(); |
| } |
| return; |
| } |
| |
| case FrameStateCommittedPage: { |
| DocumentLoader* dl = m_documentLoader.get(); |
| if (!dl || (dl->isLoadingInAPISense() && !dl->isStopping())) |
| return; |
| |
| setState(FrameStateComplete); |
| |
| // FIXME: Is this subsequent work important if we already navigated away? |
| // Maybe there are bugs because of that, or extra work we can skip because |
| // the new page is ready. |
| |
| m_client.forceLayoutForNonHTML(); |
| |
| // If the user had a scroll point, scroll to it, overriding the anchor point if any. |
| if (m_frame.page()) { |
| if (isBackForwardLoadType(m_loadType) || isReload(m_loadType)) |
| history().restoreScrollPositionAndViewState(); |
| } |
| |
| if (m_stateMachine.creatingInitialEmptyDocument() || !m_stateMachine.committedFirstRealDocumentLoad()) |
| return; |
| |
| m_progressTracker->progressCompleted(); |
| Page* page = m_frame.page(); |
| if (page) { |
| if (m_frame.isMainFrame()) { |
| tracePoint(MainResourceLoadDidEnd); |
| page->didFinishLoad(); |
| } |
| } |
| |
| const ResourceError& error = dl->mainDocumentError(); |
| |
| AXObjectCache::AXLoadingEvent loadingEvent; |
| if (!error.isNull()) { |
| RELEASE_LOG_IF_ALLOWED("checkLoadCompleteForThisFrame: Finished frame load with error (frame = %p, main = %d, isTimeout = %d, isCancellation = %d, errorCode = %d)", &m_frame, m_frame.isMainFrame(), error.isTimeout(), error.isCancellation(), error.errorCode()); |
| m_client.dispatchDidFailLoad(error); |
| loadingEvent = AXObjectCache::AXLoadingFailed; |
| } else { |
| RELEASE_LOG_IF_ALLOWED("checkLoadCompleteForThisFrame: Finished frame load (frame = %p, main = %d)", &m_frame, m_frame.isMainFrame()); |
| #if ENABLE(DATA_DETECTION) |
| auto* document = m_frame.document(); |
| if (m_frame.settings().dataDetectorTypes() != DataDetectorTypeNone && document) { |
| if (auto* documentElement = document->documentElement()) { |
| RefPtr<Range> documentRange = makeRange(firstPositionInNode(documentElement), lastPositionInNode(documentElement)); |
| m_frame.setDataDetectionResults(DataDetection::detectContentInRange(documentRange, m_frame.settings().dataDetectorTypes(), m_client.dataDetectionContext())); |
| if (m_frame.isMainFrame()) |
| m_client.dispatchDidFinishDataDetection(m_frame.dataDetectionResults()); |
| } |
| } |
| #endif |
| m_client.dispatchDidFinishLoad(); |
| loadingEvent = AXObjectCache::AXLoadingFinished; |
| } |
| |
| // Notify accessibility. |
| if (auto* document = m_frame.document()) { |
| if (AXObjectCache* cache = document->existingAXObjectCache()) |
| cache->frameLoadingEventNotification(&m_frame, loadingEvent); |
| } |
| |
| // The above calls to dispatchDidFinishLoad() might have detached the Frame |
| // from its Page and also might have caused Page to be deleted. |
| // Don't assume 'page' is still available to use. |
| if (m_frame.isMainFrame() && m_frame.page()) { |
| ASSERT(&m_frame.page()->mainFrame() == &m_frame); |
| m_frame.page()->diagnosticLoggingClient().logDiagnosticMessageWithResult(DiagnosticLoggingKeys::pageLoadedKey(), emptyString(), error.isNull() ? DiagnosticLoggingResultPass : DiagnosticLoggingResultFail, ShouldSample::Yes); |
| } |
| |
| return; |
| } |
| |
| case FrameStateComplete: |
| m_loadType = FrameLoadType::Standard; |
| frameLoadCompleted(); |
| return; |
| } |
| |
| ASSERT_NOT_REACHED(); |
| } |
| |
| void FrameLoader::setOriginalURLForDownloadRequest(ResourceRequest& request) |
| { |
| // FIXME: Rename firstPartyForCookies back to mainDocumentURL. It was a mistake to think that it was only used for cookies. |
| // The originalURL is defined as the URL of the page where the download was initiated. |
| URL originalURL; |
| auto* initiator = m_frame.document(); |
| if (initiator) { |
| originalURL = initiator->firstPartyForCookies(); |
| // If there is no main document URL, it means that this document is newly opened and just for download purpose. |
| // In this case, we need to set the originalURL to this document's opener's main document URL. |
| if (originalURL.isEmpty() && opener() && opener()->document()) { |
| originalURL = opener()->document()->firstPartyForCookies(); |
| initiator = opener()->document(); |
| } |
| } |
| // If the originalURL is the same as the requested URL, we are processing a download |
| // initiated directly without a page and do not need to specify the originalURL. |
| if (originalURL == request.url()) |
| request.setFirstPartyForCookies(URL()); |
| else |
| request.setFirstPartyForCookies(originalURL); |
| addSameSiteInfoToRequestIfNeeded(request, initiator); |
| } |
| |
| void FrameLoader::didReachLayoutMilestone(LayoutMilestones milestones) |
| { |
| ASSERT(m_frame.isMainFrame()); |
| |
| m_client.dispatchDidReachLayoutMilestone(milestones); |
| } |
| |
| void FrameLoader::didFirstLayout() |
| { |
| #if PLATFORM(IOS) |
| // Only send layout-related delegate callbacks synchronously for the main frame to |
| // avoid reentering layout for the main frame while delivering a layout-related delegate |
| // callback for a subframe. |
| if (&m_frame != &m_frame.page()->mainFrame()) |
| return; |
| #endif |
| if (m_frame.page() && isBackForwardLoadType(m_loadType)) |
| history().restoreScrollPositionAndViewState(); |
| |
| if (m_stateMachine.committedFirstRealDocumentLoad() && !m_stateMachine.isDisplayingInitialEmptyDocument() && !m_stateMachine.firstLayoutDone()) |
| m_stateMachine.advanceTo(FrameLoaderStateMachine::FirstLayoutDone); |
| } |
| |
| void FrameLoader::frameLoadCompleted() |
| { |
| // Note: Can be called multiple times. |
| |
| m_client.frameLoadCompleted(); |
| |
| history().updateForFrameLoadCompleted(); |
| |
| // After a canceled provisional load, firstLayoutDone is false. |
| // Reset it to true if we're displaying a page. |
| if (m_documentLoader && m_stateMachine.committedFirstRealDocumentLoad() && !m_stateMachine.isDisplayingInitialEmptyDocument() && !m_stateMachine.firstLayoutDone()) |
| m_stateMachine.advanceTo(FrameLoaderStateMachine::FirstLayoutDone); |
| } |
| |
| void FrameLoader::detachChildren() |
| { |
| // detachChildren() will fire the unload event in each subframe and the |
| // HTML specification states that the parent document's ignore-opens-during-unload counter while |
| // this event is being fired in its subframes: |
| // https://html.spec.whatwg.org/multipage/browsers.html#unload-a-document |
| IgnoreOpensDuringUnloadCountIncrementer ignoreOpensDuringUnloadCountIncrementer(m_frame.document()); |
| |
| // Any subframe inserted by unload event handlers executed in the loop below will not get unloaded |
| // because we create a copy of the subframes list before looping. Therefore, it would be unsafe to |
| // allow loading of subframes at this point. |
| SubframeLoadingDisabler subframeLoadingDisabler(m_frame.document()); |
| |
| Vector<Ref<Frame>, 16> childrenToDetach; |
| childrenToDetach.reserveInitialCapacity(m_frame.tree().childCount()); |
| for (Frame* child = m_frame.tree().lastChild(); child; child = child->tree().previousSibling()) |
| childrenToDetach.uncheckedAppend(*child); |
| for (auto& child : childrenToDetach) |
| child->loader().detachFromParent(); |
| } |
| |
| void FrameLoader::closeAndRemoveChild(Frame& child) |
| { |
| child.tree().detachFromParent(); |
| |
| child.setView(nullptr); |
| if (child.ownerElement() && child.page()) |
| child.page()->decrementSubframeCount(); |
| child.willDetachPage(); |
| child.detachFromPage(); |
| |
| m_frame.tree().removeChild(child); |
| } |
| |
| // Called every time a resource is completely loaded or an error is received. |
| void FrameLoader::checkLoadComplete() |
| { |
| m_shouldCallCheckLoadComplete = false; |
| |
| if (!m_frame.page()) |
| return; |
| |
| ASSERT(m_client.hasWebView()); |
| |
| // FIXME: Always traversing the entire frame tree is a bit inefficient, but |
| // is currently needed in order to null out the previous history item for all frames. |
| Vector<Ref<Frame>, 16> frames; |
| for (Frame* frame = &m_frame.mainFrame(); frame; frame = frame->tree().traverseNext()) |
| frames.append(*frame); |
| |
| // To process children before their parents, iterate the vector backwards. |
| for (auto frame = frames.rbegin(); frame != frames.rend(); ++frame) { |
| if ((*frame)->page()) |
| (*frame)->loader().checkLoadCompleteForThisFrame(); |
| } |
| } |
| |
| int FrameLoader::numPendingOrLoadingRequests(bool recurse) const |
| { |
| if (!recurse) |
| return m_frame.document()->cachedResourceLoader().requestCount(); |
| |
| int count = 0; |
| for (Frame* frame = &m_frame; frame; frame = frame->tree().traverseNext(&m_frame)) |
| count += frame->document()->cachedResourceLoader().requestCount(); |
| return count; |
| } |
| |
| String FrameLoader::userAgent(const URL& url) const |
| { |
| return m_client.userAgent(url); |
| } |
| |
| void FrameLoader::dispatchOnloadEvents() |
| { |
| m_client.dispatchDidDispatchOnloadEvents(); |
| |
| if (documentLoader()) |
| documentLoader()->dispatchOnloadEvents(); |
| } |
| |
| void FrameLoader::frameDetached() |
| { |
| // Calling stopAllLoaders() can cause the frame to be deallocated, including the frame loader. |
| Ref<Frame> protectedFrame(m_frame); |
| |
| if (m_frame.document()->pageCacheState() != Document::InPageCache) { |
| stopAllLoaders(); |
| m_frame.document()->stopActiveDOMObjects(); |
| } |
| |
| detachFromParent(); |
| } |
| |
| void FrameLoader::detachFromParent() |
| { |
| // Calling stopAllLoaders() can cause the frame to be deallocated, including the frame loader. |
| Ref<Frame> protect(m_frame); |
| |
| closeURL(); |
| history().saveScrollPositionAndViewStateToItem(history().currentItem()); |
| detachChildren(); |
| if (m_frame.document()->pageCacheState() != Document::InPageCache) { |
| // stopAllLoaders() needs to be called after detachChildren() if the document is not in the page cache, |
| // because detachedChildren() will trigger the unload event handlers of any child frames, and those event |
| // handlers might start a new subresource load in this frame. |
| stopAllLoaders(); |
| } |
| |
| InspectorInstrumentation::frameDetachedFromParent(m_frame); |
| |
| detachViewsAndDocumentLoader(); |
| |
| m_progressTracker = nullptr; |
| |
| if (Frame* parent = m_frame.tree().parent()) { |
| parent->loader().closeAndRemoveChild(m_frame); |
| parent->loader().scheduleCheckCompleted(); |
| parent->loader().scheduleCheckLoadComplete(); |
| } else { |
| m_frame.setView(nullptr); |
| m_frame.willDetachPage(); |
| m_frame.detachFromPage(); |
| } |
| } |
| |
| void FrameLoader::detachViewsAndDocumentLoader() |
| { |
| m_client.detachedFromParent2(); |
| setDocumentLoader(nullptr); |
| m_client.detachedFromParent3(); |
| } |
| |
| void FrameLoader::addExtraFieldsToSubresourceRequest(ResourceRequest& request) |
| { |
| addExtraFieldsToRequest(request, m_loadType, false); |
| } |
| |
| void FrameLoader::addExtraFieldsToMainResourceRequest(ResourceRequest& request) |
| { |
| // FIXME: Using m_loadType seems wrong for some callers. |
| // If we are only preparing to load the main resource, that is previous load's load type! |
| addExtraFieldsToRequest(request, m_loadType, true); |
| |
| // Upgrade-Insecure-Requests should only be added to main resource requests |
| addHTTPUpgradeInsecureRequestsIfNeeded(request); |
| } |
| |
| ResourceRequestCachePolicy FrameLoader::defaultRequestCachingPolicy(const ResourceRequest& request, FrameLoadType loadType, bool isMainResource) |
| { |
| if (m_overrideCachePolicyForTesting) |
| return m_overrideCachePolicyForTesting.value(); |
| |
| if (isMainResource) { |
| if (isReload(loadType) || request.isConditional()) |
| return ReloadIgnoringCacheData; |
| |
| return UseProtocolCachePolicy; |
| } |
| |
| if (request.isConditional()) |
| return ReloadIgnoringCacheData; |
| |
| if (documentLoader()->isLoadingInAPISense()) { |
| // If we inherit cache policy from a main resource, we use the DocumentLoader's |
| // original request cache policy for two reasons: |
| // 1. For POST requests, we mutate the cache policy for the main resource, |
| // but we do not want this to apply to subresources |
| // 2. Delegates that modify the cache policy using willSendRequest: should |
| // not affect any other resources. Such changes need to be done |
| // per request. |
| ResourceRequestCachePolicy mainDocumentOriginalCachePolicy = documentLoader()->originalRequest().cachePolicy(); |
| // Back-forward navigations try to load main resource from cache only to avoid re-submitting form data, and start over (with a warning dialog) if that fails. |
| // This policy is set on initial request too, but should not be inherited. |
| return (mainDocumentOriginalCachePolicy == ReturnCacheDataDontLoad) ? ReturnCacheDataElseLoad : mainDocumentOriginalCachePolicy; |
| } |
| |
| return UseProtocolCachePolicy; |
| } |
| |
| void FrameLoader::addExtraFieldsToRequest(ResourceRequest& request, FrameLoadType loadType, bool isMainResource) |
| { |
| // Don't set the cookie policy URL if it's already been set. |
| // But make sure to set it on all requests regardless of protocol, as it has significance beyond the cookie policy (<rdar://problem/6616664>). |
| if (request.firstPartyForCookies().isEmpty()) { |
| if (isMainResource && m_frame.isMainFrame()) |
| request.setFirstPartyForCookies(request.url()); |
| else if (Document* document = m_frame.document()) |
| request.setFirstPartyForCookies(document->firstPartyForCookies()); |
| } |
| |
| if (request.isSameSiteUnspecified()) { |
| auto* initiator = m_frame.document(); |
| if (isMainResource) { |
| auto* ownerFrame = m_frame.tree().parent(); |
| if (!ownerFrame) |
| ownerFrame = m_opener; |
| if (ownerFrame) |
| initiator = ownerFrame->document(); |
| ASSERT(ownerFrame || m_frame.isMainFrame()); |
| } |
| addSameSiteInfoToRequestIfNeeded(request, initiator); |
| request.setIsTopSite(isMainResource && m_frame.isMainFrame()); |
| } |
| |
| Page* page = frame().page(); |
| bool hasSpecificCachePolicy = request.cachePolicy() != UseProtocolCachePolicy; |
| |
| if (page && page->isResourceCachingDisabled()) { |
| request.setCachePolicy(ReloadIgnoringCacheData); |
| loadType = FrameLoadType::ReloadFromOrigin; |
| } else if (!hasSpecificCachePolicy) |
| request.setCachePolicy(defaultRequestCachingPolicy(request, loadType, isMainResource)); |
| |
| // The remaining modifications are only necessary for HTTP and HTTPS. |
| if (!request.url().isEmpty() && !request.url().protocolIsInHTTPFamily()) |
| return; |
| |
| if (!hasSpecificCachePolicy && request.cachePolicy() == ReloadIgnoringCacheData) { |
| if (loadType == FrameLoadType::Reload) |
| request.setHTTPHeaderField(HTTPHeaderName::CacheControl, "max-age=0"); |
| else if (loadType == FrameLoadType::ReloadFromOrigin) { |
| request.setHTTPHeaderField(HTTPHeaderName::CacheControl, "no-cache"); |
| request.setHTTPHeaderField(HTTPHeaderName::Pragma, "no-cache"); |
| } |
| } |
| |
| if (m_overrideResourceLoadPriorityForTesting) |
| request.setPriority(m_overrideResourceLoadPriorityForTesting.value()); |
| |
| applyUserAgentIfNeeded(request); |
| |
| if (isMainResource) |
| request.setHTTPAccept(defaultAcceptHeader); |
| |
| // Make sure we send the Origin header. |
| addHTTPOriginIfNeeded(request, String()); |
| |
| // Only set fallback array if it's still empty (later attempts may be incorrect, see bug 117818). |
| if (request.responseContentDispositionEncodingFallbackArray().isEmpty()) { |
| // Always try UTF-8. If that fails, try frame encoding (if any) and then the default. |
| request.setResponseContentDispositionEncodingFallbackArray("UTF-8", m_frame.document()->encoding(), m_frame.settings().defaultTextEncodingName()); |
| } |
| } |
| |
| void FrameLoader::addHTTPOriginIfNeeded(ResourceRequest& request, const String& origin) |
| { |
| if (!request.httpOrigin().isEmpty()) |
| return; // Request already has an Origin header. |
| |
| // Don't send an Origin header for GET or HEAD to avoid privacy issues. |
| // For example, if an intranet page has a hyperlink to an external web |
| // site, we don't want to include the Origin of the request because it |
| // will leak the internal host name. Similar privacy concerns have lead |
| // to the widespread suppression of the Referer header at the network |
| // layer. |
| if (request.httpMethod() == "GET" || request.httpMethod() == "HEAD") |
| return; |
| |
| // For non-GET and non-HEAD methods, always send an Origin header so the |
| // server knows we support this feature. |
| |
| if (origin.isEmpty()) { |
| // If we don't know what origin header to attach, we attach the value |
| // for an empty origin. |
| request.setHTTPOrigin(SecurityOrigin::createUnique()->toString()); |
| return; |
| } |
| |
| request.setHTTPOrigin(origin); |
| } |
| |
| // Implements the "'Same-site' and 'cross-site' Requests" algorithm from <https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00#section-2.1>. |
| // The algorithm is ammended to treat URLs that inherit their security origin from their owner (e.g. about:blank) |
| // as same-site. This matches the behavior of Chrome and Firefox. |
| void FrameLoader::addSameSiteInfoToRequestIfNeeded(ResourceRequest& request, const Document* initiator) |
| { |
| if (!request.isSameSiteUnspecified()) |
| return; |
| if (!initiator) { |
| request.setIsSameSite(true); |
| return; |
| } |
| if (SecurityPolicy::shouldInheritSecurityOriginFromOwner(request.url())) { |
| request.setIsSameSite(true); |
| return; |
| } |
| request.setIsSameSite(registrableDomainsAreEqual(initiator->firstPartyForSameSiteCookies(), request.url())); |
| } |
| |
| void FrameLoader::addHTTPUpgradeInsecureRequestsIfNeeded(ResourceRequest& request) |
| { |
| if (request.url().protocolIs("https")) { |
| // FIXME: Identify HSTS cases and avoid adding the header. <https://bugs.webkit.org/show_bug.cgi?id=157885> |
| return; |
| } |
| |
| request.setHTTPHeaderField(HTTPHeaderName::UpgradeInsecureRequests, ASCIILiteral("1")); |
| } |
| |
| void FrameLoader::loadPostRequest(FrameLoadRequest&& request, const String& referrer, FrameLoadType loadType, Event* event, FormState* formState, CompletionHandler<void()>&& completionHandler) |
| { |
| String frameName = request.frameName(); |
| LockHistory lockHistory = request.lockHistory(); |
| AllowNavigationToInvalidURL allowNavigationToInvalidURL = request.allowNavigationToInvalidURL(); |
| NewFrameOpenerPolicy openerPolicy = request.newFrameOpenerPolicy(); |
| |
| const ResourceRequest& inRequest = request.resourceRequest(); |
| const URL& url = inRequest.url(); |
| const String& contentType = inRequest.httpContentType(); |
| String origin = inRequest.httpOrigin(); |
| |
| ResourceRequest workingResourceRequest(url); |
| |
| if (!referrer.isEmpty()) |
| workingResourceRequest.setHTTPReferrer(referrer); |
| workingResourceRequest.setHTTPOrigin(origin); |
| workingResourceRequest.setHTTPMethod("POST"); |
| workingResourceRequest.setHTTPBody(inRequest.httpBody()); |
| workingResourceRequest.setHTTPContentType(contentType); |
| addExtraFieldsToRequest(workingResourceRequest, loadType, true); |
| |
| if (Document* document = m_frame.document()) |
| document->contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(workingResourceRequest, ContentSecurityPolicy::InsecureRequestType::Load); |
| |
| NavigationAction action { request.requester(), workingResourceRequest, request.initiatedByMainFrame(), loadType, true, event, request.shouldOpenExternalURLsPolicy(), request.downloadAttribute() }; |
| |
| if (!frameName.isEmpty()) { |
| // The search for a target frame is done earlier in the case of form submission. |
| if (Frame* targetFrame = formState ? 0 : findFrameForNavigation(frameName)) { |
| targetFrame->loader().loadWithNavigationAction(workingResourceRequest, action, lockHistory, loadType, WTFMove(formState), allowNavigationToInvalidURL, WTFMove(completionHandler)); |
| return; |
| } |
| |
| policyChecker().checkNewWindowPolicy(WTFMove(action), workingResourceRequest, WTFMove(formState), frameName, [this, allowNavigationToInvalidURL, openerPolicy, completionHandler = WTFMove(completionHandler)] (const ResourceRequest& request, FormState* formState, const String& frameName, const NavigationAction& action, ShouldContinue shouldContinue) { |
| continueLoadAfterNewWindowPolicy(request, formState, frameName, action, shouldContinue, allowNavigationToInvalidURL, openerPolicy); |
| completionHandler(); |
| }); |
| return; |
| } |
| |
| // must grab this now, since this load may stop the previous load and clear this flag |
| bool isRedirect = m_quickRedirectComing; |
| loadWithNavigationAction(workingResourceRequest, action, lockHistory, loadType, WTFMove(formState), allowNavigationToInvalidURL, [this, isRedirect, protectedFrame = makeRef(m_frame), completionHandler = WTFMove(completionHandler)] { |
| if (isRedirect) { |
| m_quickRedirectComing = false; |
| if (m_provisionalDocumentLoader) |
| m_provisionalDocumentLoader->setIsClientRedirect(true); |
| else if (m_policyDocumentLoader) |
| m_policyDocumentLoader->setIsClientRedirect(true); |
| } |
| completionHandler(); |
| }); |
| } |
| |
| unsigned long FrameLoader::loadResourceSynchronously(const ResourceRequest& request, ClientCredentialPolicy clientCredentialPolicy, const FetchOptions& options, const HTTPHeaderMap& originalRequestHeaders, ResourceError& error, ResourceResponse& response, RefPtr<SharedBuffer>& data) |
| { |
| ASSERT(m_frame.document()); |
| String referrer = SecurityPolicy::generateReferrerHeader(m_frame.document()->referrerPolicy(), request.url(), outgoingReferrer()); |
| |
| ResourceRequest initialRequest = request; |
| initialRequest.setTimeoutInterval(10); |
| |
| if (!referrer.isEmpty()) |
| initialRequest.setHTTPReferrer(referrer); |
| addHTTPOriginIfNeeded(initialRequest, outgoingOrigin()); |
| |
| initialRequest.setFirstPartyForCookies(m_frame.mainFrame().loader().documentLoader()->request().url()); |
| |
| addExtraFieldsToSubresourceRequest(initialRequest); |
| |
| unsigned long identifier = 0; |
| ResourceRequest newRequest(initialRequest); |
| requestFromDelegate(newRequest, identifier, error); |
| |
| #if ENABLE(CONTENT_EXTENSIONS) |
| if (error.isNull()) { |
| if (auto* page = m_frame.page()) { |
| if (m_documentLoader) { |
| auto blockedStatus = page->userContentProvider().processContentExtensionRulesForLoad(newRequest.url(), ResourceType::Raw, *m_documentLoader); |
| applyBlockedStatusToRequest(blockedStatus, page, newRequest); |
| if (blockedStatus.blockedLoad) { |
| newRequest = { }; |
| error = ResourceError(errorDomainWebKitInternal, 0, initialRequest.url(), emptyString()); |
| response = { }; |
| data = nullptr; |
| } |
| } |
| } |
| } |
| #endif |
| |
| m_frame.document()->contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(newRequest, ContentSecurityPolicy::InsecureRequestType::Load); |
| |
| if (error.isNull()) { |
| ASSERT(!newRequest.isNull()); |
| |
| if (!documentLoader()->applicationCacheHost().maybeLoadSynchronously(newRequest, error, response, data)) { |
| Vector<char> buffer; |
| platformStrategies()->loaderStrategy()->loadResourceSynchronously(*this, identifier, newRequest, clientCredentialPolicy, options, originalRequestHeaders, error, response, buffer); |
| data = SharedBuffer::create(WTFMove(buffer)); |
| documentLoader()->applicationCacheHost().maybeLoadFallbackSynchronously(newRequest, error, response, data); |
| ResourceLoadObserver::shared().logSubresourceLoading(&m_frame, newRequest, response); |
| } |
| } |
| notifier().sendRemainingDelegateMessages(m_documentLoader.get(), identifier, request, response, data ? data->data() : nullptr, data ? data->size() : 0, -1, error); |
| return identifier; |
| } |
| |
| const ResourceRequest& FrameLoader::originalRequest() const |
| { |
| return activeDocumentLoader()->originalRequestCopy(); |
| } |
| |
| void FrameLoader::receivedMainResourceError(const ResourceError& error) |
| { |
| // Retain because the stop may release the last reference to it. |
| Ref<Frame> protect(m_frame); |
| |
| RefPtr<DocumentLoader> loader = activeDocumentLoader(); |
| // FIXME: Don't want to do this if an entirely new load is going, so should check |
| // that both data sources on the frame are either this or nil. |
| stop(); |
| if (m_client.shouldFallBack(error)) |
| handleFallbackContent(); |
| |
| if (m_state == FrameStateProvisional && m_provisionalDocumentLoader) { |
| if (m_submittedFormURL == m_provisionalDocumentLoader->originalRequestCopy().url()) |
| m_submittedFormURL = URL(); |
| |
| // We might have made a page cache item, but now we're bailing out due to an error before we ever |
| // transitioned to the new page (before WebFrameState == commit). The goal here is to restore any state |
| // so that the existing view (that wenever got far enough to replace) can continue being used. |
| history().invalidateCurrentItemCachedPage(); |
| |
| // Call clientRedirectCancelledOrFinished here so that the frame load delegate is notified that the redirect's |
| // status has changed, if there was a redirect. The frame load delegate may have saved some state about |
| // the redirect in its -webView:willPerformClientRedirectToURL:delay:fireDate:forFrame:. Since we are definitely |
| // not going to use this provisional resource, as it was cancelled, notify the frame load delegate that the redirect |
| // has ended. |
| if (m_sentRedirectNotification) |
| clientRedirectCancelledOrFinished(false); |
| } |
| |
| checkCompleted(); |
| if (m_frame.page()) |
| checkLoadComplete(); |
| } |
| |
| void FrameLoader::continueFragmentScrollAfterNavigationPolicy(const ResourceRequest& request, bool shouldContinue) |
| { |
| m_quickRedirectComing = false; |
| |
| if (!shouldContinue) |
| return; |
| |
| // Calling stopLoading() on the provisional document loader can cause the underlying |
| // frame to be deallocated. |
| Ref<Frame> protectedFrame(m_frame); |
| |
| // If we have a provisional request for a different document, a fragment scroll should cancel it. |
| if (m_provisionalDocumentLoader && !equalIgnoringFragmentIdentifier(m_provisionalDocumentLoader->request().url(), request.url())) { |
| m_provisionalDocumentLoader->stopLoading(); |
| setProvisionalDocumentLoader(nullptr); |
| } |
| |
| bool isRedirect = m_quickRedirectComing || policyChecker().loadType() == FrameLoadType::RedirectWithLockedBackForwardList; |
| loadInSameDocument(request.url(), 0, !isRedirect); |
| } |
| |
| bool FrameLoader::shouldPerformFragmentNavigation(bool isFormSubmission, const String& httpMethod, FrameLoadType loadType, const URL& url) |
| { |
| // We don't do this if we are submitting a form with method other than "GET", explicitly reloading, |
| // currently displaying a frameset, or if the URL does not have a fragment. |
| // These rules were originally based on what KHTML was doing in KHTMLPart::openURL. |
| |
| // FIXME: What about load types other than Standard and Reload? |
| |
| return (!isFormSubmission || equalLettersIgnoringASCIICase(httpMethod, "get")) |
| && !isReload(loadType) |
| && loadType != FrameLoadType::Same |
| && !shouldReload(m_frame.document()->url(), url) |
| // We don't want to just scroll if a link from within a |
| // frameset is trying to reload the frameset into _top. |
| && !m_frame.document()->isFrameSet(); |
| } |
| |
| static bool itemAllowsScrollRestoration(HistoryItem* historyItem) |
| { |
| return !historyItem || historyItem->shouldRestoreScrollPosition(); |
| } |
| |
| static bool isSameDocumentReload(bool isNewNavigation, FrameLoadType loadType) |
| { |
| return !isNewNavigation && !isBackForwardLoadType(loadType); |
| } |
| |
| void FrameLoader::scrollToFragmentWithParentBoundary(const URL& url, bool isNewNavigation) |
| { |
| FrameView* view = m_frame.view(); |
| if (!view) |
| return; |
| |
| // Leaking scroll position to a cross-origin ancestor would permit the so-called "framesniffing" attack. |
| RefPtr<Frame> boundaryFrame(url.hasFragmentIdentifier() ? m_frame.document()->findUnsafeParentScrollPropagationBoundary() : 0); |
| |
| if (boundaryFrame) |
| boundaryFrame->view()->setSafeToPropagateScrollToParent(false); |
| |
| if (isSameDocumentReload(isNewNavigation, m_loadType) || itemAllowsScrollRestoration(history().currentItem())) |
| view->scrollToFragment(url); |
| |
| if (boundaryFrame) |
| boundaryFrame->view()->setSafeToPropagateScrollToParent(true); |
| } |
| |
| bool FrameLoader::shouldClose() |
| { |
| Page* page = m_frame.page(); |
| if (!page) |
| return true; |
| if (!page->chrome().canRunBeforeUnloadConfirmPanel()) |
| return true; |
| |
| // Store all references to each subframe in advance since beforeunload's event handler may modify frame |
| Vector<Ref<Frame>, 16> targetFrames; |
| targetFrames.append(m_frame); |
| for (Frame* child = m_frame.tree().firstChild(); child; child = child->tree().traverseNext(&m_frame)) |
| targetFrames.append(*child); |
| |
| bool shouldClose = false; |
| { |
| NavigationDisabler navigationDisabler(&m_frame); |
| size_t i; |
| |
| for (i = 0; i < targetFrames.size(); i++) { |
| if (!targetFrames[i]->tree().isDescendantOf(&m_frame)) |
| continue; |
| if (!targetFrames[i]->loader().dispatchBeforeUnloadEvent(page->chrome(), this)) |
| break; |
| } |
| |
| if (i == targetFrames.size()) |
| shouldClose = true; |
| } |
| |
| if (!shouldClose) |
| m_submittedFormURL = URL(); |
| |
| m_currentNavigationHasShownBeforeUnloadConfirmPanel = false; |
| return shouldClose; |
| } |
| |
| void FrameLoader::dispatchUnloadEvents(UnloadEventPolicy unloadEventPolicy) |
| { |
| if (!m_frame.document()) |
| return; |
| |
| // We store the frame's page in a local variable because the frame might get detached inside dispatchEvent. |
| ForbidPromptsScope forbidPrompts(m_frame.page()); |
| IgnoreOpensDuringUnloadCountIncrementer ignoreOpensDuringUnloadCountIncrementer(m_frame.document()); |
| |
| if (m_didCallImplicitClose && !m_wasUnloadEventEmitted) { |
| auto* currentFocusedElement = m_frame.document()->focusedElement(); |
| if (is<HTMLInputElement>(currentFocusedElement)) |
| downcast<HTMLInputElement>(*currentFocusedElement).endEditing(); |
| if (m_pageDismissalEventBeingDispatched == PageDismissalType::None) { |
| if (unloadEventPolicy == UnloadEventPolicyUnloadAndPageHide) { |
| m_pageDismissalEventBeingDispatched = PageDismissalType::PageHide; |
| m_frame.document()->domWindow()->dispatchEvent(PageTransitionEvent::create(eventNames().pagehideEvent, m_frame.document()->pageCacheState() == Document::AboutToEnterPageCache), m_frame.document()); |
| } |
| |
| // FIXME: update Page Visibility state here. |
| // https://bugs.webkit.org/show_bug.cgi?id=116770 |
| |
| if (m_frame.document()->pageCacheState() == Document::NotInPageCache) { |
| Ref<Event> unloadEvent(Event::create(eventNames().unloadEvent, false, false)); |
| // The DocumentLoader (and thus its LoadTiming) might get destroyed |
| // while dispatching the event, so protect it to prevent writing the end |
| // time into freed memory. |
| RefPtr<DocumentLoader> documentLoader = m_provisionalDocumentLoader; |
| m_pageDismissalEventBeingDispatched = PageDismissalType::Unload; |
| if (documentLoader && documentLoader->timing().startTime() && !documentLoader->timing().unloadEventStart() && !documentLoader->timing().unloadEventEnd()) { |
| auto& timing = documentLoader->timing(); |
| timing.markUnloadEventStart(); |
| m_frame.document()->domWindow()->dispatchEvent(unloadEvent, m_frame.document()); |
| timing.markUnloadEventEnd(); |
| } else |
| m_frame.document()->domWindow()->dispatchEvent(unloadEvent, m_frame.document()); |
| } |
| } |
| m_pageDismissalEventBeingDispatched = PageDismissalType::None; |
| m_wasUnloadEventEmitted = true; |
| } |
| |
| // Dispatching the unload event could have made m_frame.document() null. |
| if (!m_frame.document()) |
| return; |
| |
| if (m_frame.document()->pageCacheState() != Document::NotInPageCache) |
| return; |
| |
| // Don't remove event listeners from a transitional empty document (see bug 28716 for more information). |
| bool keepEventListeners = m_stateMachine.isDisplayingInitialEmptyDocument() && m_provisionalDocumentLoader |
| && m_frame.document()->isSecureTransitionTo(m_provisionalDocumentLoader->url()); |
| |
| if (!keepEventListeners) |
| m_frame.document()->removeAllEventListeners(); |
| } |
| |
| static bool shouldAskForNavigationConfirmation(Document& document, const BeforeUnloadEvent& event) |
| { |
| // Confirmation dialog should not be displayed when the allow-modals flag is not set. |
| if (document.isSandboxed(SandboxModals)) |
| return false; |
| |
| bool userDidInteractWithPage = document.topDocument().userDidInteractWithPage(); |
| // Web pages can request we ask for confirmation before navigating by: |
| // - Cancelling the BeforeUnloadEvent (modern way) |
| // - Setting the returnValue attribute on the BeforeUnloadEvent to a non-empty string. |
| // - Returning a non-empty string from the event handler, which is then set as returnValue |
| // attribute on the BeforeUnloadEvent. |
| return userDidInteractWithPage && (event.defaultPrevented() || !event.returnValue().isEmpty()); |
| } |
| |
| bool FrameLoader::dispatchBeforeUnloadEvent(Chrome& chrome, FrameLoader* frameLoaderBeingNavigated) |
| { |
| DOMWindow* domWindow = m_frame.document()->domWindow(); |
| if (!domWindow) |
| return true; |
| |
| RefPtr<Document> document = m_frame.document(); |
| if (!document->bodyOrFrameset()) |
| return true; |
| |
| Ref<BeforeUnloadEvent> beforeUnloadEvent = BeforeUnloadEvent::create(); |
| m_pageDismissalEventBeingDispatched = PageDismissalType::BeforeUnload; |
| |
| { |
| ForbidPromptsScope forbidPrompts(m_frame.page()); |
| IgnoreOpensDuringUnloadCountIncrementer ignoreOpensDuringUnloadCountIncrementer(m_frame.document()); |
| domWindow->dispatchEvent(beforeUnloadEvent, domWindow->document()); |
| } |
| |
| m_pageDismissalEventBeingDispatched = PageDismissalType::None; |
| |
| if (!beforeUnloadEvent->defaultPrevented()) |
| document->defaultEventHandler(beforeUnloadEvent.get()); |
| |
| if (!shouldAskForNavigationConfirmation(*document, beforeUnloadEvent)) |
| return true; |
| |
| // If the navigating FrameLoader has already shown a beforeunload confirmation panel for the current navigation attempt, |
| // this frame is not allowed to cause another one to be shown. |
| if (frameLoaderBeingNavigated->m_currentNavigationHasShownBeforeUnloadConfirmPanel) { |
| document->addConsoleMessage(MessageSource::JS, MessageLevel::Error, ASCIILiteral("Blocked attempt to show multiple beforeunload confirmation dialogs for the same navigation.")); |
| return true; |
| } |
| |
| // We should only display the beforeunload dialog for an iframe if its SecurityOrigin matches all |
| // ancestor frame SecurityOrigins up through the navigating FrameLoader. |
| if (frameLoaderBeingNavigated != this) { |
| Frame* parentFrame = m_frame.tree().parent(); |
| while (parentFrame) { |
| Document* parentDocument = parentFrame->document(); |
| if (!parentDocument) |
| return true; |
| if (!m_frame.document() || !m_frame.document()->securityOrigin().canAccess(parentDocument->securityOrigin())) { |
| document->addConsoleMessage(MessageSource::JS, MessageLevel::Error, ASCIILiteral("Blocked attempt to show beforeunload confirmation dialog on behalf of a frame with different security origin. Protocols, domains, and ports must match.")); |
| return true; |
| } |
| |
| if (&parentFrame->loader() == frameLoaderBeingNavigated) |
| break; |
| |
| parentFrame = parentFrame->tree().parent(); |
| } |
| |
| // The navigatingFrameLoader should always be in our ancestory. |
| ASSERT(parentFrame); |
| ASSERT(&parentFrame->loader() == frameLoaderBeingNavigated); |
| } |
| |
| frameLoaderBeingNavigated->m_currentNavigationHasShownBeforeUnloadConfirmPanel = true; |
| |
| String text = document->displayStringModifiedByEncoding(beforeUnloadEvent->returnValue()); |
| return chrome.runBeforeUnloadConfirmPanel(text, m_frame); |
| } |
| |
| void FrameLoader::continueLoadAfterNavigationPolicy(const ResourceRequest& request, FormState* formState, ShouldContinue shouldContinue, AllowNavigationToInvalidURL allowNavigationToInvalidURL) |
| { |
| // If we loaded an alternate page to replace an unreachableURL, we'll get in here with a |
| // nil policyDataSource because loading the alternate page will have passed |
| // through this method already, nested; otherwise, policyDataSource should still be set. |
| ASSERT(m_policyDocumentLoader || !m_provisionalDocumentLoader->unreachableURL().isEmpty()); |
| |
| bool isTargetItem = history().provisionalItem() ? history().provisionalItem()->isTargetItem() : false; |
| |
| bool urlIsDisallowed = allowNavigationToInvalidURL == AllowNavigationToInvalidURL::No && !request.url().isValid(); |
| bool canContinue = shouldContinue != ShouldContinue::No && shouldClose() && !urlIsDisallowed; |
| |
| if (!canContinue) { |
| // If we were waiting for a quick redirect, but the policy delegate decided to ignore it, then we |
| // need to report that the client redirect was cancelled. |
| // FIXME: The client should be told about ignored non-quick redirects, too. |
| if (m_quickRedirectComing) |
| clientRedirectCancelledOrFinished(false); |
| |
| setPolicyDocumentLoader(nullptr); |
| checkCompleted(); |
| checkLoadComplete(); |
| |
| // If the navigation request came from the back/forward menu, and we punt on it, we have the |
| // problem that we have optimistically moved the b/f cursor already, so move it back. For sanity, |
| // we only do this when punting a navigation for the target frame or top-level frame. |
| if ((isTargetItem || m_frame.isMainFrame()) && isBackForwardLoadType(policyChecker().loadType())) { |
| if (Page* page = m_frame.page()) { |
| if (HistoryItem* resetItem = m_frame.mainFrame().loader().history().currentItem()) { |
| page->backForward().setCurrentItem(resetItem); |
| m_frame.loader().client().updateGlobalHistoryItemForPage(); |
| } |
| } |
| } |
| return; |
| } |
| |
| FrameLoadType type = policyChecker().loadType(); |
| // A new navigation is in progress, so don't clear the history's provisional item. |
| stopAllLoaders(ShouldNotClearProvisionalItem); |
| |
| // <rdar://problem/6250856> - In certain circumstances on pages with multiple frames, stopAllLoaders() |
| // might detach the current FrameLoader, in which case we should bail on this newly defunct load. |
| if (!m_frame.page()) |
| return; |
| |
| setProvisionalDocumentLoader(m_policyDocumentLoader.get()); |
| m_loadType = type; |
| setState(FrameStateProvisional); |
| |
| setPolicyDocumentLoader(nullptr); |
| |
| if (isBackForwardLoadType(type)) { |
| auto& diagnosticLoggingClient = m_frame.page()->diagnosticLoggingClient(); |
| if (history().provisionalItem()->isInPageCache()) { |
| diagnosticLoggingClient.logDiagnosticMessageWithResult(DiagnosticLoggingKeys::pageCacheKey(), DiagnosticLoggingKeys::retrievalKey(), DiagnosticLoggingResultPass, ShouldSample::Yes); |
| loadProvisionalItemFromCachedPage(); |
| return; |
| } |
| diagnosticLoggingClient.logDiagnosticMessageWithResult(DiagnosticLoggingKeys::pageCacheKey(), DiagnosticLoggingKeys::retrievalKey(), DiagnosticLoggingResultFail, ShouldSample::Yes); |
| } |
| |
| CompletionHandler<void(void)> completionHandler = [this, shouldContinue] { |
| if (!m_provisionalDocumentLoader) |
| return; |
| |
| prepareForLoadStart(); |
| |
| // The load might be cancelled inside of prepareForLoadStart(), nulling out the m_provisionalDocumentLoader, |
| // so we need to null check it again. |
| if (!m_provisionalDocumentLoader) { |
| RELEASE_LOG_IF_ALLOWED("dispatchWillSubmitForm completionHandler: Frame load canceled (frame = %p, main = %d)", &m_frame, m_frame.isMainFrame()); |
| return; |
| } |
| |
| DocumentLoader* activeDocLoader = activeDocumentLoader(); |
| if (activeDocLoader && activeDocLoader->isLoadingMainResource()) { |
| RELEASE_LOG_IF_ALLOWED("dispatchWillSubmitForm completionHandler: Main frame already being loaded (frame = %p, main = %d)", &m_frame, m_frame.isMainFrame()); |
| return; |
| } |
| |
| m_loadingFromCachedPage = false; |
| |
| // We handle suspension by navigating forward to about:blank, which leaves us setup to navigate back to resume. |
| if (shouldContinue == ShouldContinue::ForSuspension) |
| m_provisionalDocumentLoader->willContinueMainResourceLoadAfterRedirect({ blankURL() }); |
| |
| m_provisionalDocumentLoader->startLoadingMainResource(shouldContinue); |
| }; |
| |
| if (!formState) { |
| completionHandler(); |
| return; |
| } |
| |
| m_client.dispatchWillSubmitForm(*formState, WTFMove(completionHandler)); |
| } |
| |
| void FrameLoader::continueLoadAfterNewWindowPolicy(const ResourceRequest& request, |
| FormState* formState, const String& frameName, const NavigationAction& action, ShouldContinue shouldContinue, AllowNavigationToInvalidURL allowNavigationToInvalidURL, NewFrameOpenerPolicy openerPolicy) |
| { |
| ASSERT(shouldContinue != ShouldContinue::ForSuspension); |
| if (shouldContinue != ShouldContinue::Yes) |
| return; |
| |
| Ref<Frame> frame(m_frame); |
| RefPtr<Frame> mainFrame = m_client.dispatchCreatePage(action); |
| if (!mainFrame) |
| return; |
| |
| SandboxFlags sandboxFlags = frame->loader().effectiveSandboxFlags(); |
| if (sandboxFlags & SandboxPropagatesToAuxiliaryBrowsingContexts) |
| mainFrame->loader().forceSandboxFlags(sandboxFlags); |
| |
| if (!equalIgnoringASCIICase(frameName, "_blank")) |
| mainFrame->tree().setName(frameName); |
| |
| mainFrame->page()->setOpenedByDOM(); |
| mainFrame->loader().m_client.dispatchShow(); |
| if (openerPolicy == NewFrameOpenerPolicy::Allow) { |
| mainFrame->loader().setOpener(frame.ptr()); |
| mainFrame->document()->setReferrerPolicy(frame->document()->referrerPolicy()); |
| } |
| |
| NavigationAction newAction { *frame->document(), request, InitiatedByMainFrame::Unknown, NavigationType::Other, action.shouldOpenExternalURLsPolicy() }; |
| mainFrame->loader().loadWithNavigationAction(request, newAction, LockHistory::No, FrameLoadType::Standard, formState, allowNavigationToInvalidURL, [] { }); |
| } |
| |
| void FrameLoader::requestFromDelegate(ResourceRequest& request, unsigned long& identifier, ResourceError& error) |
| { |
| ASSERT(!request.isNull()); |
| |
| identifier = 0; |
| if (Page* page = m_frame.page()) { |
| identifier = page->progress().createUniqueIdentifier(); |
| notifier().assignIdentifierToInitialRequest(identifier, m_documentLoader.get(), request); |
| } |
| |
| ResourceRequest newRequest(request); |
| notifier().dispatchWillSendRequest(m_documentLoader.get(), identifier, newRequest, ResourceResponse()); |
| |
| if (newRequest.isNull()) |
| error = cancelledError(request); |
| else |
| error = ResourceError(); |
| |
| request = newRequest; |
| } |
| |
| void FrameLoader::loadedResourceFromMemoryCache(CachedResource& resource, ResourceRequest& newRequest, ResourceError& error) |
| { |
| Page* page = m_frame.page(); |
| if (!page) |
| return; |
| |
| if (!resource.shouldSendResourceLoadCallbacks() || m_documentLoader->haveToldClientAboutLoad(resource.url())) |
| return; |
| |
| // Main resource delegate messages are synthesized in MainResourceLoader, so we must not send them here. |
| if (resource.type() == CachedResource::MainResource) |
| return; |
| |
| if (!page->areMemoryCacheClientCallsEnabled()) { |
| InspectorInstrumentation::didLoadResourceFromMemoryCache(*page, m_documentLoader.get(), &resource); |
| m_documentLoader->recordMemoryCacheLoadForFutureClientNotification(resource.resourceRequest()); |
| m_documentLoader->didTellClientAboutLoad(resource.url()); |
| return; |
| } |
| |
| if (m_client.dispatchDidLoadResourceFromMemoryCache(m_documentLoader.get(), newRequest, resource.response(), resource.encodedSize())) { |
| InspectorInstrumentation::didLoadResourceFromMemoryCache(*page, m_documentLoader.get(), &resource); |
| m_documentLoader->didTellClientAboutLoad(resource.url()); |
| return; |
| } |
| |
| unsigned long identifier; |
| requestFromDelegate(newRequest, identifier, error); |
| |
| ResourceResponse response = resource.response(); |
| response.setSource(ResourceResponse::Source::MemoryCache); |
| notifier().sendRemainingDelegateMessages(m_documentLoader.get(), identifier, newRequest, response, 0, resource.encodedSize(), 0, error); |
| } |
| |
| void FrameLoader::applyUserAgentIfNeeded(ResourceRequest& request) |
| { |
| if (!request.hasHTTPHeaderField(HTTPHeaderName::UserAgent)) { |
| String userAgent = this->userAgent(request.url()); |
| ASSERT(!userAgent.isNull()); |
| request.setHTTPUserAgent(userAgent); |
| } |
| } |
| |
| bool FrameLoader::shouldInterruptLoadForXFrameOptions(const String& content, const URL& url, unsigned long requestIdentifier) |
| { |
| Frame& topFrame = m_frame.tree().top(); |
| if (&m_frame == &topFrame) |
| return false; |
| |
| XFrameOptionsDisposition disposition = parseXFrameOptionsHeader(content); |
| |
| switch (disposition) { |
| case XFrameOptionsSameOrigin: { |
| RefPtr<SecurityOrigin> origin = SecurityOrigin::create(url); |
| if (!origin->isSameSchemeHostPort(topFrame.document()->securityOrigin())) |
| return true; |
| for (Frame* frame = m_frame.tree().parent(); frame; frame = frame->tree().parent()) { |
| if (!origin->isSameSchemeHostPort(frame->document()->securityOrigin())) |
| break; |
| } |
| return false; |
| } |
| case XFrameOptionsDeny: |
| return true; |
| case XFrameOptionsAllowAll: |
| return false; |
| case XFrameOptionsConflict: |
| m_frame.document()->addConsoleMessage(MessageSource::JS, MessageLevel::Error, "Multiple 'X-Frame-Options' headers with conflicting values ('" + content + "') encountered when loading '" + url.stringCenterEllipsizedToLength() + "'. Falling back to 'DENY'.", requestIdentifier); |
| return true; |
| case XFrameOptionsInvalid: |
| m_frame.document()->addConsoleMessage(MessageSource::JS, MessageLevel::Error, "Invalid 'X-Frame-Options' header encountered when loading '" + url.stringCenterEllipsizedToLength() + "': '" + content + "' is not a recognized directive. The header will be ignored.", requestIdentifier); |
| return false; |
| case XFrameOptionsNone: |
| return false; |
| } |
| ASSERT_NOT_REACHED(); |
| return false; |
| } |
| |
| void FrameLoader::loadProvisionalItemFromCachedPage() |
| { |
| DocumentLoader* provisionalLoader = provisionalDocumentLoader(); |
| LOG(PageCache, "WebCorePageCache: Loading provisional DocumentLoader %p with URL '%s' from CachedPage", provisionalDocumentLoader(), provisionalDocumentLoader()->url().stringCenterEllipsizedToLength().utf8().data()); |
| |
| prepareForLoadStart(); |
| |
| m_loadingFromCachedPage = true; |
| |
| // Should have timing data from previous time(s) the page was shown. |
| ASSERT(provisionalLoader->timing().startTime()); |
| provisionalLoader->resetTiming(); |
| provisionalLoader->timing().markStartTime(); |
| |
| provisionalLoader->setCommitted(true); |
| commitProvisionalLoad(); |
| } |
| |
| bool FrameLoader::shouldTreatURLAsSameAsCurrent(const URL& url) const |
| { |
| if (!history().currentItem()) |
| return false; |
| return url == history().currentItem()->url() || url == history().currentItem()->originalURL(); |
| } |
| |
| bool FrameLoader::shouldTreatURLAsSrcdocDocument(const URL& url) const |
| { |
| if (!equalLettersIgnoringASCIICase(url.string(), "about:srcdoc")) |
| return false; |
| HTMLFrameOwnerElement* ownerElement = m_frame.ownerElement(); |
| if (!ownerElement) |
| return false; |
| if (!ownerElement->hasTagName(iframeTag)) |
| return false; |
| return ownerElement->hasAttributeWithoutSynchronization(srcdocAttr); |
| } |
| |
| Frame* FrameLoader::findFrameForNavigation(const AtomicString& name, Document* activeDocument) |
| { |
| Frame* frame = m_frame.tree().find(name); |
| |
| // FIXME: Eventually all callers should supply the actual activeDocument so we can call canNavigate with the right document. |
| if (!activeDocument) |
| activeDocument = m_frame.document(); |
| |
| if (!activeDocument->canNavigate(frame)) |
| return nullptr; |
| |
| return frame; |
| } |
| |
| void FrameLoader::loadSameDocumentItem(HistoryItem& item) |
| { |
| ASSERT(item.documentSequenceNumber() == history().currentItem()->documentSequenceNumber()); |
| |
| Ref<Frame> protect(m_frame); |
| |
| // Save user view state to the current history item here since we don't do a normal load. |
| // FIXME: Does form state need to be saved here too? |
| history().saveScrollPositionAndViewStateToItem(history().currentItem()); |
| if (FrameView* view = m_frame.view()) |
| view->setWasScrolledByUser(false); |
| |
| history().setCurrentItem(&item); |
| |
| // loadInSameDocument() actually changes the URL and notifies load delegates of a "fake" load |
| loadInSameDocument(item.url(), item.stateObject(), false); |
| |
| // Restore user view state from the current history item here since we don't do a normal load. |
| history().restoreScrollPositionAndViewState(); |
| } |
| |
| // FIXME: This function should really be split into a couple pieces, some of |
| // which should be methods of HistoryController and some of which should be |
| // methods of FrameLoader. |
| void FrameLoader::loadDifferentDocumentItem(HistoryItem& item, FrameLoadType loadType, FormSubmissionCacheLoadPolicy cacheLoadPolicy, NavigationPolicyCheck navigationPolicyCheck) |
| { |
| // Remember this item so we can traverse any child items as child frames load |
| history().setProvisionalItem(&item); |
| |
| auto initiatedByMainFrame = InitiatedByMainFrame::Unknown; |
| |
| SetForScope<bool> currentLoadShouldCheckNavigationPolicyGuard(m_currentLoadShouldCheckNavigationPolicy, navigationPolicyCheck != NavigationPolicyCheck::Bypass); |
| |
| if (CachedPage* cachedPage = PageCache::singleton().get(item, m_frame.page())) { |
| auto documentLoader = cachedPage->documentLoader(); |
| m_client.updateCachedDocumentLoader(*documentLoader); |
| documentLoader->setTriggeringAction({ *m_frame.document(), documentLoader->request(), initiatedByMainFrame, loadType, false }); |
| documentLoader->setLastCheckedRequest(ResourceRequest()); |
| loadWithDocumentLoader(documentLoader, loadType, 0, AllowNavigationToInvalidURL::Yes, navigationPolicyCheck, [] { }); |
| return; |
| } |
| |
| URL itemURL = item.url(); |
| URL itemOriginalURL = item.originalURL(); |
| URL currentURL; |
| if (documentLoader()) |
| currentURL = documentLoader()->url(); |
| RefPtr<FormData> formData = item.formData(); |
| |
| ResourceRequest request(itemURL); |
| |
| if (!item.referrer().isNull()) |
| request.setHTTPReferrer(item.referrer()); |
| |
| ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy = shouldOpenExternalURLsPolicyToApply(m_frame, initiatedByMainFrame, item.shouldOpenExternalURLsPolicy()); |
| bool isFormSubmission = false; |
| Event* event = nullptr; |
| |
| // If this was a repost that failed the page cache, we might try to repost the form. |
| NavigationAction action; |
| if (formData) { |
| formData->generateFiles(m_frame.document()); |
| |
| request.setHTTPMethod("POST"); |
| request.setHTTPBody(WTFMove(formData)); |
| request.setHTTPContentType(item.formContentType()); |
| RefPtr<SecurityOrigin> securityOrigin = SecurityOrigin::createFromString(item.referrer()); |
| addHTTPOriginIfNeeded(request, securityOrigin->toString()); |
| addHTTPUpgradeInsecureRequestsIfNeeded(request); |
| |
| // Make sure to add extra fields to the request after the Origin header is added for the FormData case. |
| // See https://bugs.webkit.org/show_bug.cgi?id=22194 for more discussion. |
| addExtraFieldsToRequest(request, loadType, true); |
| |
| // FIXME: Slight hack to test if the NSURL cache contains the page we're going to. |
| // We want to know this before talking to the policy delegate, since it affects whether |
| // we show the DoYouReallyWantToRepost nag. |
| // |
| // This trick has a small bug (3123893) where we might find a cache hit, but then |
| // have the item vanish when we try to use it in the ensuing nav. This should be |
| // extremely rare, but in that case the user will get an error on the navigation. |
| |
| if (cacheLoadPolicy == MayAttemptCacheOnlyLoadForFormSubmissionItem) { |
| request.setCachePolicy(ReturnCacheDataDontLoad); |
| action = { *m_frame.document(), request, initiatedByMainFrame, loadType, isFormSubmission, event, shouldOpenExternalURLsPolicy }; |
| } else { |
| request.setCachePolicy(ReturnCacheDataElseLoad); |
| action = { *m_frame.document(), request, initiatedByMainFrame, NavigationType::FormResubmitted, shouldOpenExternalURLsPolicy, event }; |
| } |
| } else { |
| switch (loadType) { |
| case FrameLoadType::Reload: |
| case FrameLoadType::ReloadFromOrigin: |
| case FrameLoadType::ReloadExpiredOnly: |
| request.setCachePolicy(ReloadIgnoringCacheData); |
| break; |
| case FrameLoadType::Back: |
| case FrameLoadType::Forward: |
| case FrameLoadType::IndexedBackForward: { |
| #if PLATFORM(COCOA) |
| bool allowStaleData = true; |
| #else |
| bool allowStaleData = !item.wasRestoredFromSession(); |
| #endif |
| if (allowStaleData) |
| request.setCachePolicy(ReturnCacheDataElseLoad); |
| item.setWasRestoredFromSession(false); |
| break; |
| } |
| case FrameLoadType::Standard: |
| case FrameLoadType::RedirectWithLockedBackForwardList: |
| break; |
| case FrameLoadType::Same: |
| case FrameLoadType::Replace: |
| ASSERT_NOT_REACHED(); |
| } |
| |
| addExtraFieldsToRequest(request, loadType, true); |
| |
| ResourceRequest requestForOriginalURL(request); |
| requestForOriginalURL.setURL(itemOriginalURL); |
| action = { *m_frame.document(), requestForOriginalURL, initiatedByMainFrame, loadType, isFormSubmission, event, shouldOpenExternalURLsPolicy }; |
| } |
| |
| loadWithNavigationAction(request, action, LockHistory::No, loadType, 0, AllowNavigationToInvalidURL::Yes, [] { }); |
| } |
| |
| // Loads content into this frame, as specified by history item |
| void FrameLoader::loadItem(HistoryItem& item, FrameLoadType loadType, NavigationPolicyCheck navigationPolicyCheck) |
| { |
| m_requestedHistoryItem = &item; |
| HistoryItem* currentItem = history().currentItem(); |
| bool sameDocumentNavigation = currentItem && item.shouldDoSameDocumentNavigationTo(*currentItem); |
| |
| if (sameDocumentNavigation) |
| loadSameDocumentItem(item); |
| else |
| loadDifferentDocumentItem(item, loadType, MayAttemptCacheOnlyLoadForFormSubmissionItem, navigationPolicyCheck); |
| } |
| |
| void FrameLoader::retryAfterFailedCacheOnlyMainResourceLoad() |
| { |
| ASSERT(m_state == FrameStateProvisional); |
| ASSERT(!m_loadingFromCachedPage); |
| ASSERT(history().provisionalItem()); |
| ASSERT(history().provisionalItem()->formData()); |
| ASSERT(history().provisionalItem() == m_requestedHistoryItem.get()); |
| |
| FrameLoadType loadType = m_loadType; |
| HistoryItem& item = *history().provisionalItem(); |
| |
| stopAllLoaders(ShouldNotClearProvisionalItem); |
| loadDifferentDocumentItem(item, loadType, MayNotAttemptCacheOnlyLoadForFormSubmissionItem, NavigationPolicyCheck::Require); |
| } |
| |
| ResourceError FrameLoader::cancelledError(const ResourceRequest& request) const |
| { |
| ResourceError error = m_client.cancelledError(request); |
| error.setType(ResourceError::Type::Cancellation); |
| return error; |
| } |
| |
| ResourceError FrameLoader::blockedByContentBlockerError(const ResourceRequest& request) const |
| { |
| return m_client.blockedByContentBlockerError(request); |
| } |
| |
| ResourceError FrameLoader::blockedError(const ResourceRequest& request) const |
| { |
| ResourceError error = m_client.blockedError(request); |
| error.setType(ResourceError::Type::Cancellation); |
| return error; |
| } |
| |
| #if ENABLE(CONTENT_FILTERING) |
| ResourceError FrameLoader::blockedByContentFilterError(const ResourceRequest& request) const |
| { |
| ResourceError error = m_client.blockedByContentFilterError(request); |
| error.setType(ResourceError::Type::General); |
| return error; |
| } |
| #endif |
| |
| #if PLATFORM(IOS) |
| RetainPtr<CFDictionaryRef> FrameLoader::connectionProperties(ResourceLoader* loader) |
| { |
| return m_client.connectionProperties(loader->documentLoader(), loader->identifier()); |
| } |
| #endif |
| |
| ReferrerPolicy FrameLoader::effectiveReferrerPolicy() const |
| { |
| if (auto* parentFrame = m_frame.tree().parent()) |
| return parentFrame->document()->referrerPolicy(); |
| if (m_opener) |
| return m_opener->document()->referrerPolicy(); |
| return ReferrerPolicy::NoReferrerWhenDowngrade; |
| } |
| |
| String FrameLoader::referrer() const |
| { |
| return m_documentLoader ? m_documentLoader->request().httpReferrer() : emptyString(); |
| } |
| |
| void FrameLoader::dispatchDidClearWindowObjectsInAllWorlds() |
| { |
| if (!m_frame.script().canExecuteScripts(NotAboutToExecuteScript)) |
| return; |
| |
| Vector<Ref<DOMWrapperWorld>> worlds; |
| ScriptController::getAllWorlds(worlds); |
| for (auto& world : worlds) |
| dispatchDidClearWindowObjectInWorld(world); |
| } |
| |
| void FrameLoader::dispatchDidClearWindowObjectInWorld(DOMWrapperWorld& world) |
| { |
| if (!m_frame.script().canExecuteScripts(NotAboutToExecuteScript) || !m_frame.windowProxy().existingJSWindowProxy(world)) |
| return; |
| |
| m_client.dispatchDidClearWindowObjectInWorld(world); |
| |
| if (Page* page = m_frame.page()) |
| page->inspectorController().didClearWindowObjectInWorld(m_frame, world); |
| |
| InspectorInstrumentation::didClearWindowObjectInWorld(m_frame, world); |
| } |
| |
| void FrameLoader::dispatchGlobalObjectAvailableInAllWorlds() |
| { |
| Vector<Ref<DOMWrapperWorld>> worlds; |
| ScriptController::getAllWorlds(worlds); |
| for (auto& world : worlds) |
| m_client.dispatchGlobalObjectAvailable(world); |
| } |
| |
| SandboxFlags FrameLoader::effectiveSandboxFlags() const |
| { |
| SandboxFlags flags = m_forcedSandboxFlags; |
| if (Frame* parentFrame = m_frame.tree().parent()) |
| flags |= parentFrame->document()->sandboxFlags(); |
| if (HTMLFrameOwnerElement* ownerElement = m_frame.ownerElement()) |
| flags |= ownerElement->sandboxFlags(); |
| return flags; |
| } |
| |
| void FrameLoader::didChangeTitle(DocumentLoader* loader) |
| { |
| m_client.didChangeTitle(loader); |
| |
| if (loader == m_documentLoader) { |
| // Must update the entries in the back-forward list too. |
| history().setCurrentItemTitle(loader->title()); |
| // This must go through the WebFrame because it has the right notion of the current b/f item. |
| m_client.setTitle(loader->title(), loader->urlForHistory()); |
| m_client.setMainFrameDocumentReady(true); // update observers with new DOMDocument |
| m_client.dispatchDidReceiveTitle(loader->title()); |
| } |
| |
| #if ENABLE(REMOTE_INSPECTOR) |
| if (m_frame.isMainFrame()) |
| m_frame.page()->remoteInspectorInformationDidChange(); |
| #endif |
| } |
| |
| void FrameLoader::dispatchDidCommitLoad(std::optional<HasInsecureContent> initialHasInsecureContent) |
| { |
| if (m_stateMachine.creatingInitialEmptyDocument()) |
| return; |
| |
| m_client.dispatchDidCommitLoad(initialHasInsecureContent); |
| |
| if (m_frame.isMainFrame()) { |
| m_frame.page()->resetSeenPlugins(); |
| m_frame.page()->resetSeenMediaEngines(); |
| } |
| |
| InspectorInstrumentation::didCommitLoad(m_frame, m_documentLoader.get()); |
| |
| #if ENABLE(REMOTE_INSPECTOR) |
| if (m_frame.isMainFrame()) |
| m_frame.page()->remoteInspectorInformationDidChange(); |
| #endif |
| } |
| |
| void FrameLoader::tellClientAboutPastMemoryCacheLoads() |
| { |
| ASSERT(m_frame.page()); |
| ASSERT(m_frame.page()->areMemoryCacheClientCallsEnabled()); |
| |
| if (!m_documentLoader) |
| return; |
| |
| Vector<ResourceRequest> pastLoads; |
| m_documentLoader->takeMemoryCacheLoadsForClientNotification(pastLoads); |
| |
| for (auto& pastLoad : pastLoads) { |
| CachedResource* resource = MemoryCache::singleton().resourceForRequest(pastLoad, m_frame.page()->sessionID()); |
| |
| // FIXME: These loads, loaded from cache, but now gone from the cache by the time |
| // Page::setMemoryCacheClientCallsEnabled(true) is called, will not be seen by the client. |
| // Consider if there's some efficient way of remembering enough to deliver this client call. |
| // We have the URL, but not the rest of the response or the length. |
| if (!resource) |
| continue; |
| |
| ResourceRequest request(resource->url()); |
| m_client.dispatchDidLoadResourceFromMemoryCache(m_documentLoader.get(), request, resource->response(), resource->encodedSize()); |
| } |
| } |
| |
| NetworkingContext* FrameLoader::networkingContext() const |
| { |
| return m_networkingContext.get(); |
| } |
| |
| void FrameLoader::loadProgressingStatusChanged() |
| { |
| if (auto* view = m_frame.mainFrame().view()) |
| view->loadProgressingStatusChanged(); |
| } |
| |
| void FrameLoader::forcePageTransitionIfNeeded() |
| { |
| m_client.forcePageTransitionIfNeeded(); |
| } |
| |
| void FrameLoader::clearTestingOverrides() |
| { |
| m_overrideCachePolicyForTesting = std::nullopt; |
| m_overrideResourceLoadPriorityForTesting = std::nullopt; |
| m_isStrictRawResourceValidationPolicyDisabledForTesting = false; |
| } |
| |
| bool FrameLoader::isAlwaysOnLoggingAllowed() const |
| { |
| return frame().isAlwaysOnLoggingAllowed(); |
| } |
| |
| bool FrameLoaderClient::hasHTMLView() const |
| { |
| return true; |
| } |
| |
| RefPtr<Frame> createWindow(Frame& openerFrame, Frame& lookupFrame, FrameLoadRequest&& request, const WindowFeatures& features, bool& created) |
| { |
| ASSERT(!features.dialog || request.frameName().isEmpty()); |
| |
| created = false; |
| |
| // FIXME: Provide line number information with respect to the opener's document. |
| if (protocolIsJavaScript(request.resourceRequest().url()) && !openerFrame.document()->contentSecurityPolicy()->allowJavaScriptURLs(openerFrame.document()->url(), { })) |
| return nullptr; |
| |
| if (!request.frameName().isEmpty() && !equalIgnoringASCIICase(request.frameName(), "_blank")) { |
| if (RefPtr<Frame> frame = lookupFrame.loader().findFrameForNavigation(request.frameName(), openerFrame.document())) { |
| if (!equalIgnoringASCIICase(request.frameName(), "_self")) { |
| if (Page* page = frame->page()) |
| page->chrome().focus(); |
| } |
| return frame; |
| } |
| } |
| |
| // Sandboxed frames cannot open new auxiliary browsing contexts. |
| if (isDocumentSandboxed(openerFrame, SandboxPopups)) { |
| // FIXME: This message should be moved off the console once a solution to https://bugs.webkit.org/show_bug.cgi?id=103274 exists. |
| openerFrame.document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, "Blocked opening '" + request.resourceRequest().url().stringCenterEllipsizedToLength() + "' in a new window because the request was made in a sandboxed frame whose 'allow-popups' permission is not set."); |
| return nullptr; |
| } |
| |
| // FIXME: Setting the referrer should be the caller's responsibility. |
| String referrer = SecurityPolicy::generateReferrerHeader(openerFrame.document()->referrerPolicy(), request.resourceRequest().url(), openerFrame.loader().outgoingReferrer()); |
| if (!referrer.isEmpty()) |
| request.resourceRequest().setHTTPReferrer(referrer); |
| FrameLoader::addHTTPOriginIfNeeded(request.resourceRequest(), openerFrame.loader().outgoingOrigin()); |
| FrameLoader::addHTTPUpgradeInsecureRequestsIfNeeded(request.resourceRequest()); |
| FrameLoader::addSameSiteInfoToRequestIfNeeded(request.resourceRequest(), openerFrame.document()); |
| |
| Page* oldPage = openerFrame.page(); |
| if (!oldPage) |
| return nullptr; |
| |
| ShouldOpenExternalURLsPolicy shouldOpenExternalURLsPolicy = shouldOpenExternalURLsPolicyToApply(openerFrame, request); |
| NavigationAction action { request.requester(), request.resourceRequest(), request.initiatedByMainFrame(), NavigationType::Other, shouldOpenExternalURLsPolicy }; |
| Page* page = oldPage->chrome().createWindow(openerFrame, request, features, action); |
| if (!page) |
| return nullptr; |
| |
| RefPtr<Frame> frame = &page->mainFrame(); |
| |
| if (isDocumentSandboxed(openerFrame, SandboxPropagatesToAuxiliaryBrowsingContexts)) |
| frame->loader().forceSandboxFlags(openerFrame.document()->sandboxFlags()); |
| |
| if (!equalIgnoringASCIICase(request.frameName(), "_blank")) |
| frame->tree().setName(request.frameName()); |
| |
| page->chrome().setToolbarsVisible(features.toolBarVisible || features.locationBarVisible); |
| |
| if (!frame->page()) |
| return nullptr; |
| page->chrome().setStatusbarVisible(features.statusBarVisible); |
| |
| if (!frame->page()) |
| return nullptr; |
| page->chrome().setScrollbarsVisible(features.scrollbarsVisible); |
| |
| if (!frame->page()) |
| return nullptr; |
| page->chrome().setMenubarVisible(features.menuBarVisible); |
| |
| if (!frame->page()) |
| return nullptr; |
| page->chrome().setResizable(features.resizable); |
| |
| // 'x' and 'y' specify the location of the window, while 'width' and 'height' |
| // specify the size of the viewport. We can only resize the window, so adjust |
| // for the difference between the window size and the viewport size. |
| |
| // FIXME: We should reconcile the initialization of viewport arguments between iOS and non-IOS. |
| #if !PLATFORM(IOS) |
| FloatSize viewportSize = page->chrome().pageRect().size(); |
| FloatRect windowRect = page->chrome().windowRect(); |
| if (features.x) |
| windowRect.setX(*features.x); |
| if (features.y) |
| windowRect.setY(*features.y); |
| // Zero width and height mean using default size, not minumum one. |
| if (features.width && *features.width) |
| windowRect.setWidth(*features.width + (windowRect.width() - viewportSize.width())); |
| if (features.height && *features.height) |
| windowRect.setHeight(*features.height + (windowRect.height() - viewportSize.height())); |
| |
| // Ensure non-NaN values, minimum size as well as being within valid screen area. |
| FloatRect newWindowRect = DOMWindow::adjustWindowRect(*page, windowRect); |
| |
| if (!frame->page()) |
| return nullptr; |
| page->chrome().setWindowRect(newWindowRect); |
| #else |
| // On iOS, width and height refer to the viewport dimensions. |
| ViewportArguments arguments; |
| // Zero width and height mean using default size, not minimum one. |
| if (features.width && *features.width) |
| arguments.width = *features.width; |
| if (features.height && *features.height) |
| arguments.height = *features.height; |
| frame->setViewportArguments(arguments); |
| #endif |
| |
| if (!frame->page()) |
| return nullptr; |
| page->chrome().show(); |
| |
| created = true; |
| return frame; |
| } |
| |
| bool FrameLoader::shouldSuppressTextInputFromEditing() const |
| { |
| return m_frame.settings().shouldSuppressTextInputFromEditingDuringProvisionalNavigation() && m_state == FrameStateProvisional; |
| } |
| |
| } // namespace WebCore |