A sub-task for the OOR-CORS to support preflight. Design: https://docs.google.com/document/d/1JNmUcvbw2UcjfdI2uyUpveHXCbae-DQ1n8d_sVs5fLg/edit#heading=h.t697g1r710gr
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/62beb0a028e349f1e029f88b5ec12a37654a3bfc commit 62beb0a028e349f1e029f88b5ec12a37654a3bfc Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Fri Feb 02 07:23:14 2018 OOR-CORS: move CORS safelist check to services/network This is a preparation to implement CORS preflight in content/network. These methods originally in FetchUtils are used to create a blink ResourceRequest or URLRequest for a CORS preflight request. Original code roughly implements the mime-type checks, but new implementation relies on //net API that checks mime-type strictly. This will cause a behavior change, and some that were in a wrong format but luckily passed will start failing. Bug: 803766 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: Iaac0809d4af9011cf4bcc9e7e431a1b1ad762e0a Reviewed-on: https://chromium-review.googlesource.com/883861 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Kentaro Hara <haraken@chromium.org> Cr-Commit-Position: refs/heads/master@{#533986} [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/services/network/public/cpp/cors/cors.cc [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/services/network/public/cpp/cors/cors.h [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/services/network/public/cpp/cors/cors_unittest.cc [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/core/fetch/FetchHeaderList.cpp [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/core/fetch/FetchManager.cpp [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/core/fetch/Headers.cpp [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/core/fetch/Request.cpp [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.cpp [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/modules/background_fetch/BackgroundFetchManager.cpp [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/modules/beacon/NavigatorBeacon.cpp [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/platform/exported/WebCORS.cpp [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/platform/exported/WebCORSPreflightResultCache.cpp [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/platform/loader/cors/CORS.cpp [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/platform/loader/cors/CORS.h [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/platform/loader/fetch/FetchUtils.cpp [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/Source/platform/loader/fetch/FetchUtils.h [modify] https://crrev.com/62beb0a028e349f1e029f88b5ec12a37654a3bfc/third_party/WebKit/public/platform/WebCORS.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5b6a88a9bff62563a0c9c0b0eaaafabbaf53c896 commit 5b6a88a9bff62563a0c9c0b0eaaafabbaf53c896 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Wed Feb 14 06:26:38 2018 OOR-CORS: move fetch forbidden header check to services/network Since IsForbiddenHeaderName() is needed to be called even in services/network, this patch moves its implementation from platform/loader to services/network to be used in network service, the browser process, and Blink. DEFINE_THREAD_SAFE_STATIC_LOCAL is not needed outside Blink, and static local variable can be accessed safely among multiple-threads. Bug: 803766 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: Idbd298e9a9528b26b3c0d906dc246303bc9a576b Reviewed-on: https://chromium-review.googlesource.com/910131 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org> Cr-Commit-Position: refs/heads/master@{#536663} [modify] https://crrev.com/5b6a88a9bff62563a0c9c0b0eaaafabbaf53c896/services/network/public/cpp/cors/cors.cc [modify] https://crrev.com/5b6a88a9bff62563a0c9c0b0eaaafabbaf53c896/services/network/public/cpp/cors/cors.h [modify] https://crrev.com/5b6a88a9bff62563a0c9c0b0eaaafabbaf53c896/third_party/WebKit/Source/platform/loader/fetch/FetchUtils.cpp
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/a2e932e3b7b49ffe691f8248479eba3404f8f71a commit a2e932e3b7b49ffe691f8248479eba3404f8f71a Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Mon Feb 19 09:48:08 2018 OOR-CORS: Modifies CORS::GetErrorString to take a unified struct CORS::GetErrorString takes multiple arguments, and required parameters depend on error kinds. This will make developers who want to call it be confused, when we add more parameters, we need to modify all call sites. This patch introduces CORS::ErrorParameter to unify parameters for GetErrorString. This solves problems mentioned above, and also allows us to have better coding error checks. Once the OOR migration is done, we will be able to remove error specific ErrorParameter builders, or can even remove ErrorParameter again because we can remove the most intermediate call sites from Blink. Bug: 803766 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: I2647ddfea4c48aa48a744b8b636d032aec3531e1 Reviewed-on: https://chromium-review.googlesource.com/918323 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org> Cr-Commit-Position: refs/heads/master@{#537615} [modify] https://crrev.com/a2e932e3b7b49ffe691f8248479eba3404f8f71a/services/network/public/cpp/cors/cors.h [modify] https://crrev.com/a2e932e3b7b49ffe691f8248479eba3404f8f71a/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp [modify] https://crrev.com/a2e932e3b7b49ffe691f8248479eba3404f8f71a/third_party/WebKit/Source/platform/loader/BUILD.gn [modify] https://crrev.com/a2e932e3b7b49ffe691f8248479eba3404f8f71a/third_party/WebKit/Source/platform/loader/cors/CORS.cpp [modify] https://crrev.com/a2e932e3b7b49ffe691f8248479eba3404f8f71a/third_party/WebKit/Source/platform/loader/cors/CORS.h [add] https://crrev.com/a2e932e3b7b49ffe691f8248479eba3404f8f71a/third_party/WebKit/Source/platform/loader/cors/CORSErrorString.cpp [add] https://crrev.com/a2e932e3b7b49ffe691f8248479eba3404f8f71a/third_party/WebKit/Source/platform/loader/cors/CORSErrorString.h [modify] https://crrev.com/a2e932e3b7b49ffe691f8248479eba3404f8f71a/third_party/WebKit/Source/platform/loader/fetch/ResourceLoader.cpp
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8 commit 46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Tue Feb 20 13:39:33 2018 OOR-CORS: Port WebCORSPreflightResultCacheItem to network service This patch reimplements WebCORSPreflightResultCacheItem equivalent in network service, and share the implementation between the network service and Blink. The next patch will replace whole WebCORSPreflightResultCache, and this is the preparation to make the next patch small. Bug: 803766 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: Ifa06967830465236dbe198908062e1952095e55b Reviewed-on: https://chromium-review.googlesource.com/915543 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Cr-Commit-Position: refs/heads/master@{#537769} [modify] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/services/network/public/cpp/BUILD.gn [add] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/services/network/public/cpp/cors/preflight_result.cc [add] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/services/network/public/cpp/cors/preflight_result.h [add] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/services/network/public/cpp/cors/preflight_result_unittest.cc [modify] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/services/network/public/mojom/cors.mojom [delete] https://crrev.com/8c06fa8355e60da4d7c56979458cb9ca2fa24e65/third_party/WebKit/LayoutTests/external/wpt/cors/preflight-cache-expected.txt [modify] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/third_party/WebKit/LayoutTests/external/wpt/fetch/api/cors/cors-preflight-star.any.js [modify] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp [modify] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/third_party/WebKit/Source/platform/exported/WebCORSPreflightResultCache.cpp [modify] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/third_party/WebKit/Source/platform/exported/WebCORSPreflightResultCacheTest.cpp [modify] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/third_party/WebKit/Source/platform/loader/cors/CORSErrorString.cpp [modify] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/third_party/WebKit/Source/platform/loader/cors/CORSErrorString.h [modify] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/third_party/WebKit/public/platform/DEPS [modify] https://crrev.com/46d3d442ff6a33e76e5853e1c68e3b5e6e006cb8/third_party/WebKit/public/platform/WebCORSPreflightResultCache.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/a396fabdc94f0ccecea3e83e1f9e9cdecfed9e92 commit a396fabdc94f0ccecea3e83e1f9e9cdecfed9e92 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Thu Feb 22 12:12:13 2018 OOR-CORS: Stop exposing CreateAccessControlPreflightRequest to Blink API This function was exposed to a Blink API, WebCORS, so that out-of-blink CORS can use the same code outside Blink. But, WebURLRequest equivalent in content is network::ResourceRequest, and is very different class. It makes me feel that we want to have different implementation to create a preflight request in Blink and in the network service. This change moves CreateAccessControlPreflightRequest, and related functions and tests to DocumentThreadableLoader. We have a choice to have this in platform/loader/cors as we have others there, but since we have no plan to support CORS-preflight in the platform ResourceFetcher layer, having this in DocumentThreadableLoader would make much sense. Bug: 803766 Change-Id: Id530cd2cf5334c724d591f9ad1c5329dca592ecb Reviewed-on: https://chromium-review.googlesource.com/923229 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Cr-Commit-Position: refs/heads/master@{#538410} [modify] https://crrev.com/a396fabdc94f0ccecea3e83e1f9e9cdecfed9e92/third_party/WebKit/Source/core/BUILD.gn [modify] https://crrev.com/a396fabdc94f0ccecea3e83e1f9e9cdecfed9e92/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp [modify] https://crrev.com/a396fabdc94f0ccecea3e83e1f9e9cdecfed9e92/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.h [add] https://crrev.com/a396fabdc94f0ccecea3e83e1f9e9cdecfed9e92/third_party/WebKit/Source/core/loader/DocumentThreadableLoaderTest.cpp [modify] https://crrev.com/a396fabdc94f0ccecea3e83e1f9e9cdecfed9e92/third_party/WebKit/Source/platform/exported/WebCORS.cpp [modify] https://crrev.com/a396fabdc94f0ccecea3e83e1f9e9cdecfed9e92/third_party/WebKit/Source/platform/exported/WebCORSTest.cpp [modify] https://crrev.com/a396fabdc94f0ccecea3e83e1f9e9cdecfed9e92/third_party/WebKit/public/platform/WebCORS.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/63231ede323e1c0e352c4dcd90e7d0d5b977de5f commit 63231ede323e1c0e352c4dcd90e7d0d5b977de5f Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Mon Feb 26 08:52:53 2018 OOR-CORS: introduce cors::PreflightController This patch introduces cors::PreflightController that will handle URLLoader interfaces to make CORS-preflight request and response for CORS-preflight enabled request from CORSURLLoader in the near future. This will also own a unified CORS-preflight cache. The first patch implements a function that takes an original ResourceRequest and creates a ResourceRequest for a CORS-preflight request. Bug: 803766 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: Iad50a2d297e445bacca8c3fdb364b942d237b5aa Reviewed-on: https://chromium-review.googlesource.com/923907 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Cr-Commit-Position: refs/heads/master@{#539089} [modify] https://crrev.com/63231ede323e1c0e352c4dcd90e7d0d5b977de5f/services/network/BUILD.gn [rename] https://crrev.com/63231ede323e1c0e352c4dcd90e7d0d5b977de5f/services/network/cors/cors_url_loader_unittest.cc [add] https://crrev.com/63231ede323e1c0e352c4dcd90e7d0d5b977de5f/services/network/cors/preflight_controller.cc [add] https://crrev.com/63231ede323e1c0e352c4dcd90e7d0d5b977de5f/services/network/cors/preflight_controller.h [add] https://crrev.com/63231ede323e1c0e352c4dcd90e7d0d5b977de5f/services/network/cors/preflight_controller_unittest.cc [modify] https://crrev.com/63231ede323e1c0e352c4dcd90e7d0d5b977de5f/services/network/public/cpp/cors/cors.cc [modify] https://crrev.com/63231ede323e1c0e352c4dcd90e7d0d5b977de5f/services/network/public/cpp/cors/cors.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/a96c54d701ee674b753084bdbd18c636cd94fdc7 commit a96c54d701ee674b753084bdbd18c636cd94fdc7 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Wed Feb 28 07:04:20 2018 OOR-CORS: Port WebCORSPreflightResultCache to network service This patch implements network::cors::PreflightCache and replaces existing blink::WebCORSPreflightResultCache. Thin wrapper functions for DocumentThreadableLoader are placed in CORS, but these will be removed once OOR-CORS efforts are done. Bug: 803766 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: I78d5c7832e7d104e6ebd7c775220a9add8fe3e49 Reviewed-on: https://chromium-review.googlesource.com/921561 Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org> Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Cr-Commit-Position: refs/heads/master@{#539739} [modify] https://crrev.com/a96c54d701ee674b753084bdbd18c636cd94fdc7/services/network/public/cpp/BUILD.gn [add] https://crrev.com/a96c54d701ee674b753084bdbd18c636cd94fdc7/services/network/public/cpp/cors/preflight_cache.cc [add] https://crrev.com/a96c54d701ee674b753084bdbd18c636cd94fdc7/services/network/public/cpp/cors/preflight_cache.h [add] https://crrev.com/a96c54d701ee674b753084bdbd18c636cd94fdc7/services/network/public/cpp/cors/preflight_cache_unittest.cc [modify] https://crrev.com/a96c54d701ee674b753084bdbd18c636cd94fdc7/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp [modify] https://crrev.com/a96c54d701ee674b753084bdbd18c636cd94fdc7/third_party/WebKit/Source/platform/BUILD.gn [delete] https://crrev.com/346fd738febe7358c7383db85c570199a824bd1c/third_party/WebKit/Source/platform/exported/WebCORSPreflightResultCache.cpp [delete] https://crrev.com/346fd738febe7358c7383db85c570199a824bd1c/third_party/WebKit/Source/platform/exported/WebCORSPreflightResultCacheTest.cpp [modify] https://crrev.com/a96c54d701ee674b753084bdbd18c636cd94fdc7/third_party/WebKit/Source/platform/loader/cors/CORS.cpp [modify] https://crrev.com/a96c54d701ee674b753084bdbd18c636cd94fdc7/third_party/WebKit/Source/platform/loader/cors/CORS.h [delete] https://crrev.com/346fd738febe7358c7383db85c570199a824bd1c/third_party/WebKit/public/platform/WebCORSPreflightResultCache.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/8726890bde326de301dc3b4a22d664754b38f3b0 commit 8726890bde326de301dc3b4a22d664754b38f3b0 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Wed Feb 28 09:36:07 2018 OOR-CORS: drop |skip_service_worker| argument from IsNoCORSAllowedContext Today, the Service Worker spec explicitly defines that requests from all plugins should not be handled by Service Workers, and actually Blink and Pepper set |skip_service_worker| to true, that means |skip_service_worker| is always true for |kRequestContextPlugin|. So, now we can simply remove |skip_service_worker| argument from IsNoCORSAllowedContext, and return always true for |kRequestContextPlugin|. Bug: 803766 Change-Id: I1a421895190bd981439ad0eb02fdc776c9a77c10 Reviewed-on: https://chromium-review.googlesource.com/930611 Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Matt Falkenhagen <falken@chromium.org> Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Cr-Commit-Position: refs/heads/master@{#539767} [modify] https://crrev.com/8726890bde326de301dc3b4a22d664754b38f3b0/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp [modify] https://crrev.com/8726890bde326de301dc3b4a22d664754b38f3b0/third_party/WebKit/Source/platform/exported/WebCORS.cpp [modify] https://crrev.com/8726890bde326de301dc3b4a22d664754b38f3b0/third_party/WebKit/public/platform/WebCORS.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/d92559950377fb22be5f1a082cdb9cd006ffe612 commit d92559950377fb22be5f1a082cdb9cd006ffe612 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Wed Mar 07 09:24:30 2018 OOR-CORS: call Resource::SetSourceOrigin on each Resource creation This is a preparation to merge the source origin and the fetcher origin in Resource. Now the source origin is set when the Resource is cacheable, or for preloads. With this logic, in most cases, SetSourceOrigin is called twice, or isn't called for some cases that do not need the origin for managing the memory cache. This patch makes the origin available on each Resource creation so that all Resource instances can have it to be used for another purpose, e.g. caching meta information for SW, and so on. Bug: 803766 Change-Id: Ib03fbe52f473d6cf70a5920c94f4bf421d851334 Reviewed-on: https://chromium-review.googlesource.com/940364 Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Cr-Commit-Position: refs/heads/master@{#541392} [modify] https://crrev.com/d92559950377fb22be5f1a082cdb9cd006ffe612/third_party/WebKit/Source/platform/loader/fetch/ResourceFetcher.cpp
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5cadf9ffb8602525f7c001f4222a472d9371e5a1 commit 5cadf9ffb8602525f7c001f4222a472d9371e5a1 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Mon Mar 12 08:22:17 2018 OOR-CORS: unify Resource's fetcher security origin to the source origin To simplify how Blink handles origins, I will remove the fetcher security origin from the Resource. It was used for caching SW related meta data, but the new source origin would match the concept better. Bug: 803766 , 811669 Change-Id: I872cbc33a640126bacfc79ff15f16b588d35fc02 Reviewed-on: https://chromium-review.googlesource.com/940286 Reviewed-by: Tsuyoshi Horo <horo@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Cr-Commit-Position: refs/heads/master@{#542442} [modify] https://crrev.com/5cadf9ffb8602525f7c001f4222a472d9371e5a1/third_party/WebKit/Source/platform/loader/fetch/Resource.cpp [modify] https://crrev.com/5cadf9ffb8602525f7c001f4222a472d9371e5a1/third_party/WebKit/Source/platform/loader/fetch/Resource.h [modify] https://crrev.com/5cadf9ffb8602525f7c001f4222a472d9371e5a1/third_party/WebKit/Source/platform/loader/fetch/ResourceFetcher.cpp
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f7f9493df845d725f34cbf50e2437456d3be3bea commit f7f9493df845d725f34cbf50e2437456d3be3bea Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Tue Mar 27 08:32:58 2018 OOR-CORS: Simplify DocumentThreadableLoader's preflight request creation code Now DocumentThreadableLoader uses Blink API types to construct a CORS-preflight request, but this isn't necessary. Also, this change prefer using std::unique_ptr for ResourceRequest so to respect the direction of crbug.com/787704. Bug: 803766 , 787704 Change-Id: I897b17b7ea20e47316c05436c7d36438e03f2d7d Reviewed-on: https://chromium-review.googlesource.com/964074 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#546062} [modify] https://crrev.com/f7f9493df845d725f34cbf50e2437456d3be3bea/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp [modify] https://crrev.com/f7f9493df845d725f34cbf50e2437456d3be3bea/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.h [modify] https://crrev.com/f7f9493df845d725f34cbf50e2437456d3be3bea/third_party/WebKit/Source/core/loader/DocumentThreadableLoaderTest.cpp
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/b5ebd0c64c9d694aa356f626abc0ab9898343623 commit b5ebd0c64c9d694aa356f626abc0ab9898343623 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Tue Apr 03 11:30:34 2018 OOR-CORS: use request_initiator for setting preflight Origin header Blink should set the request_initiator correctly to use OOR-CORS for security checks. Blink had several Origin variants, but now the right SecurityOrigin is set to the blink::ResourceRequest's RequestorOrigin. If something get broken, we need to modify Blink-site to set a suitable origin. Bug: 803766 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: Ic5e184a58009189f128082c4232526e046e743cc Reviewed-on: https://chromium-review.googlesource.com/964103 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#547670} [modify] https://crrev.com/b5ebd0c64c9d694aa356f626abc0ab9898343623/services/network/cors/preflight_controller.cc [modify] https://crrev.com/b5ebd0c64c9d694aa356f626abc0ab9898343623/services/network/cors/preflight_controller_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f66381076fa5d0a88273718f1ccc2b40fe5201ee commit f66381076fa5d0a88273718f1ccc2b40fe5201ee Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Fri Apr 06 09:13:53 2018 OOR-CORS: implement CORS preflicht in the network service This patch adds preflight cache and request implementation in cors::PreflightController. Bug: 803766 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: I3681fee55e58636c00218e25eafc446bdd9e30e8 Tbr: kinuko@chromium.org Reviewed-on: https://chromium-review.googlesource.com/992212 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#548720} [modify] https://crrev.com/f66381076fa5d0a88273718f1ccc2b40fe5201ee/services/network/cors/preflight_controller.cc [modify] https://crrev.com/f66381076fa5d0a88273718f1ccc2b40fe5201ee/services/network/cors/preflight_controller.h [modify] https://crrev.com/f66381076fa5d0a88273718f1ccc2b40fe5201ee/services/network/cors/preflight_controller_unittest.cc [modify] https://crrev.com/f66381076fa5d0a88273718f1ccc2b40fe5201ee/services/network/public/mojom/cors.mojom
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/0700c6770ebc779f77b17b7f9faff79e48f90e85 commit 0700c6770ebc779f77b17b7f9faff79e48f90e85 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Fri Apr 06 12:14:54 2018 OOR-CORS: Define more CORS related header names and use them Bug: 803766 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: Idf30c00040eb3196902a4a611e2b51b00e995ca9 Reviewed-on: https://chromium-review.googlesource.com/996735 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#548742} [modify] https://crrev.com/0700c6770ebc779f77b17b7f9faff79e48f90e85/services/network/cors/preflight_controller.cc [modify] https://crrev.com/0700c6770ebc779f77b17b7f9faff79e48f90e85/services/network/cors/preflight_controller_unittest.cc [modify] https://crrev.com/0700c6770ebc779f77b17b7f9faff79e48f90e85/services/network/public/cpp/cors/cors.cc [modify] https://crrev.com/0700c6770ebc779f77b17b7f9faff79e48f90e85/services/network/public/cpp/cors/cors.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5d8e1a05fa705f53e8832e48e8332bbb9b33aaa4 commit 5d8e1a05fa705f53e8832e48e8332bbb9b33aaa4 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Mon Apr 09 11:11:04 2018 OOR-CORS: join split OOR/Blink CORS code paths To make changes following to support OOR-CORS understandable, join split CORS code paths again. DocumentThreadableLoader still has |out_of_blink_cors_| flag to switch behaviors. At this point, it differentiates response handling since CORS checks in OOR-CORS mode are always performed in Network Service side. This patch should not change any behavior in both CORS modes. Bug: 803766 Change-Id: Iffd4e56be95df0ce70afb94a2bfe8ca77001f684 Reviewed-on: https://chromium-review.googlesource.com/999460 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#549148} [modify] https://crrev.com/5d8e1a05fa705f53e8832e48e8332bbb9b33aaa4/third_party/blink/renderer/core/loader/document_threadable_loader.cc [modify] https://crrev.com/5d8e1a05fa705f53e8832e48e8332bbb9b33aaa4/third_party/blink/renderer/core/loader/document_threadable_loader.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/1139efa963e19087c1d6ad965052cdd5117e381a commit 1139efa963e19087c1d6ad965052cdd5117e381a Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Tue Apr 10 07:33:15 2018 OOR-CORS: move network::CORSURLLoader{Factory} outside of public/cpp Since these files are not used by Blink, we can put them in services/network/cors. This will make it easier for CORSURLLoader to depend on cors::PreflightController. Bug: 803766 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: Ibebe686a54e70872b33db06bf7ed72d653d4d1f6 Reviewed-on: https://chromium-review.googlesource.com/999692 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#549444} [modify] https://crrev.com/1139efa963e19087c1d6ad965052cdd5117e381a/content/browser/loader/resource_message_filter.cc [modify] https://crrev.com/1139efa963e19087c1d6ad965052cdd5117e381a/services/network/BUILD.gn [rename] https://crrev.com/1139efa963e19087c1d6ad965052cdd5117e381a/services/network/cors/cors_url_loader.cc [rename] https://crrev.com/1139efa963e19087c1d6ad965052cdd5117e381a/services/network/cors/cors_url_loader.h [rename] https://crrev.com/1139efa963e19087c1d6ad965052cdd5117e381a/services/network/cors/cors_url_loader_factory.cc [rename] https://crrev.com/1139efa963e19087c1d6ad965052cdd5117e381a/services/network/cors/cors_url_loader_factory.h [modify] https://crrev.com/1139efa963e19087c1d6ad965052cdd5117e381a/services/network/cors/cors_url_loader_unittest.cc [modify] https://crrev.com/1139efa963e19087c1d6ad965052cdd5117e381a/services/network/public/cpp/BUILD.gn
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/58b5d61eb090fbe8aa6dfea4172b43df2e3845b0 commit 58b5d61eb090fbe8aa6dfea4172b43df2e3845b0 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Wed Apr 18 09:52:30 2018 OOR-CORS: strip username and password in CORSURLLoader In the legacy Blink CORS, these information are stripped in DocumentThreadableLoader in MakeCrossOriginAccessRequest(). Current OOR-CORS implementation only has DCHECKS for them, but hasn't stripped. Bug: 803766 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: If1a4657804215a8ce9a302acb658f9407348a79a Reviewed-on: https://chromium-review.googlesource.com/999672 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#551621} [modify] https://crrev.com/58b5d61eb090fbe8aa6dfea4172b43df2e3845b0/services/network/cors/cors_url_loader.cc [modify] https://crrev.com/58b5d61eb090fbe8aa6dfea4172b43df2e3845b0/services/network/cors/cors_url_loader.h [modify] https://crrev.com/58b5d61eb090fbe8aa6dfea4172b43df2e3845b0/services/network/cors/cors_url_loader_unittest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/35567f7e33be9b7415fd595b1f67eb9362a15a19 commit 35567f7e33be9b7415fd595b1f67eb9362a15a19 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Mon Apr 23 10:35:00 2018 OOR-CORS: complete preflight checks The initial check-in of OOR-CORS preflight implementation had minimum logic to run a CORS preflight request. This patch adds remaining preflight checks to complete the OOR-CORS preflight logic. The added checks are: - external preflight check - request header checks that are based on preflight response Equivalent code for legacy path exists in CORS::EnsurePreflightResultAndCacheOnSuccess() This patch also changes to hold a copy of the original ResourceRequest instead of having each copy of required ResourceRequest field. Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: I640455705bce29acd3319bf6f26a99551217f2e6 Bug: 803766 Reviewed-on: https://chromium-review.googlesource.com/996834 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#552663} [modify] https://crrev.com/35567f7e33be9b7415fd595b1f67eb9362a15a19/services/network/cors/preflight_controller.cc [modify] https://crrev.com/35567f7e33be9b7415fd595b1f67eb9362a15a19/services/network/cors/preflight_controller_unittest.cc [modify] https://crrev.com/35567f7e33be9b7415fd595b1f67eb9362a15a19/services/network/public/cpp/cors/cors.cc [modify] https://crrev.com/35567f7e33be9b7415fd595b1f67eb9362a15a19/services/network/public/cpp/cors/cors.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5755187e19cf1ec4e7e3216090abbbc146f99fd9 commit 5755187e19cf1ec4e7e3216090abbbc146f99fd9 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Fri Apr 27 19:43:36 2018 OOR-CORS: Use Network Service side CORS-preflight in OOR-CORS mode This patch changes DocumentThreadableLoader not to handle CORS-preflight, but to delegate it to CORSURLLoader. Originally preflight errors and usual CORS errors shared a common error code set, and append extra error strings for preflight errors, based on the context that DocumentThreadableLoader knows. After this change, we define different error code for each case so that DocumentThreadableLoader can create right error strings without error contexts that only CORSURLLoader knows. CORSURLLoader is also modified to set the HTTP Origin header when it is needed, and now use PreflightController to perform required preflight checks. PreflightController is modified to use WrappedLegacyURLLoaderFactory. This is unfortunate, but to make it work with legacy URLLoaderFactory that relies on ResourceDispatcherHost that needs the legacy request_id. Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: Ibf82243ecf14be84bb11122f733c4cb9030d41b8 Bug: 803766 Tbr: kinuko@chromium.org Reviewed-on: https://chromium-review.googlesource.com/997914 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#554461} [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/services/network/cors/cors_url_loader.cc [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/services/network/cors/cors_url_loader.h [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/services/network/cors/preflight_controller.cc [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/services/network/cors/preflight_controller.h [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/services/network/cors/preflight_controller_unittest.cc [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/services/network/public/cpp/cors/cors.cc [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/services/network/public/cpp/cors/cors.h [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/services/network/public/cpp/cors/cors_unittest.cc [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/services/network/public/cpp/cors/preflight_cache.h [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/services/network/public/mojom/cors.mojom [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/third_party/WebKit/LayoutTests/TestExpectations [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/workers/access-control-basic-get-fail-non-simple-expected.txt [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/third_party/WebKit/LayoutTests/virtual/outofblink-cors/external/wpt/fetch/api/cors/cors-cookies-redirect.any-expected.txt [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/third_party/WebKit/LayoutTests/virtual/outofblink-cors/external/wpt/fetch/api/cors/cors-cookies-redirect.any.worker-expected.txt [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/third_party/blink/renderer/core/loader/document_threadable_loader.cc [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/third_party/blink/renderer/platform/loader/cors/cors.cc [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/third_party/blink/renderer/platform/loader/cors/cors.h [modify] https://crrev.com/5755187e19cf1ec4e7e3216090abbbc146f99fd9/third_party/blink/renderer/platform/loader/cors/cors_error_string.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/1f675b46670aff95516ec8b9d61bc0f55e930a47 commit 1f675b46670aff95516ec8b9d61bc0f55e930a47 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Sat Apr 28 09:45:43 2018 OOR-CORS: store more information to CORSErrorStatus on preflight errors Current implementation does not store rejected method or header information to CORSErrorStatus on CORS-preflight checks, and results in missing hint parameter on CreateErrorString() in Blink. This patch provides required information to generate right error messages, and fixes some crashed layout tests. Bug: 803766 , 836741 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: If4de6b916a77d204812a7b010e39080bf059bc9e Tbr: kinuko@chromium.org Reviewed-on: https://chromium-review.googlesource.com/1030670 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#554642} [modify] https://crrev.com/1f675b46670aff95516ec8b9d61bc0f55e930a47/services/network/cors/preflight_controller.cc [modify] https://crrev.com/1f675b46670aff95516ec8b9d61bc0f55e930a47/services/network/public/cpp/cors/cors_error_status.cc [modify] https://crrev.com/1f675b46670aff95516ec8b9d61bc0f55e930a47/services/network/public/cpp/cors/cors_error_status.h [modify] https://crrev.com/1f675b46670aff95516ec8b9d61bc0f55e930a47/services/network/public/cpp/network_param_ipc_traits.h [modify] https://crrev.com/1f675b46670aff95516ec8b9d61bc0f55e930a47/third_party/WebKit/LayoutTests/TestExpectations [modify] https://crrev.com/1f675b46670aff95516ec8b9d61bc0f55e930a47/third_party/blink/renderer/core/loader/document_threadable_loader.cc [modify] https://crrev.com/1f675b46670aff95516ec8b9d61bc0f55e930a47/third_party/blink/renderer/platform/loader/cors/cors_error_string.cc [modify] https://crrev.com/1f675b46670aff95516ec8b9d61bc0f55e930a47/third_party/blink/renderer/platform/loader/cors/cors_error_string.h [modify] https://crrev.com/1f675b46670aff95516ec8b9d61bc0f55e930a47/third_party/blink/renderer/platform/loader/fetch/resource_loader.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/be696555da68c40674d8b7ebac7bce364fae0885 commit be696555da68c40674d8b7ebac7bce364fae0885 Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Sat Apr 28 09:54:43 2018 OOR-CORS: fix to finalize preflight request on some errors Current code does not finalize preflight requests correctly when the preflight request failed without receiving HTTP response headers. Bug: 803766 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: I1c91e3ecf76fdb368e3d55256885f52edf6fcbb3 Reviewed-on: https://chromium-review.googlesource.com/1027556 Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#554643} [modify] https://crrev.com/be696555da68c40674d8b7ebac7bce364fae0885/services/network/cors/preflight_controller.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/c4189fd6b16899bef539939ab6d3028d17415232 commit c4189fd6b16899bef539939ab6d3028d17415232 Author: Christos Froussios <cfroussios@chromium.org> Date: Mon Apr 30 09:12:04 2018 Revert "OOR-CORS: store more information to CORSErrorStatus on preflight errors" This reverts commit 1f675b46670aff95516ec8b9d61bc0f55e930a47. Reason for revert: Breaks builder WebKit Linux Trusty ASAN Original change's description: > OOR-CORS: store more information to CORSErrorStatus on preflight errors > > Current implementation does not store rejected method or header > information to CORSErrorStatus on CORS-preflight checks, and > results in missing hint parameter on CreateErrorString() in Blink. > This patch provides required information to generate right error > messages, and fixes some crashed layout tests. > > Bug: 803766 , 836741 > Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo > Change-Id: If4de6b916a77d204812a7b010e39080bf059bc9e > Tbr: kinuko@chromium.org > Reviewed-on: https://chromium-review.googlesource.com/1030670 > Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> > Reviewed-by: Yutaka Hirano <yhirano@chromium.org> > Cr-Commit-Position: refs/heads/master@{#554642} TBR=kinuko@chromium.org,toyoshim@chromium.org,yhirano@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: 803766 , 836741 , 838057 Change-Id: Ia8eb9bf63b1b0c6edda93eb7d45c1bb20d26a7b7 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Reviewed-on: https://chromium-review.googlesource.com/1034532 Reviewed-by: Christos Froussios <cfroussios@chromium.org> Commit-Queue: Christos Froussios <cfroussios@chromium.org> Cr-Commit-Position: refs/heads/master@{#554712} [modify] https://crrev.com/c4189fd6b16899bef539939ab6d3028d17415232/services/network/cors/preflight_controller.cc [modify] https://crrev.com/c4189fd6b16899bef539939ab6d3028d17415232/services/network/public/cpp/cors/cors_error_status.cc [modify] https://crrev.com/c4189fd6b16899bef539939ab6d3028d17415232/services/network/public/cpp/cors/cors_error_status.h [modify] https://crrev.com/c4189fd6b16899bef539939ab6d3028d17415232/services/network/public/cpp/network_param_ipc_traits.h [modify] https://crrev.com/c4189fd6b16899bef539939ab6d3028d17415232/third_party/WebKit/LayoutTests/TestExpectations [modify] https://crrev.com/c4189fd6b16899bef539939ab6d3028d17415232/third_party/blink/renderer/core/loader/document_threadable_loader.cc [modify] https://crrev.com/c4189fd6b16899bef539939ab6d3028d17415232/third_party/blink/renderer/platform/loader/cors/cors_error_string.cc [modify] https://crrev.com/c4189fd6b16899bef539939ab6d3028d17415232/third_party/blink/renderer/platform/loader/cors/cors_error_string.h [modify] https://crrev.com/c4189fd6b16899bef539939ab6d3028d17415232/third_party/blink/renderer/platform/loader/fetch/resource_loader.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/4741ed4fb65821a94134605ad9ecaf11b61b6786 commit 4741ed4fb65821a94134605ad9ecaf11b61b6786 Author: Christos Froussios <cfroussios@chromium.org> Date: Mon Apr 30 12:25:55 2018 Reland "OOR-CORS: store more information to CORSErrorStatus on preflight errors" This reverts commit c4189fd6b16899bef539939ab6d3028d17415232. Reason for revert: Reverting caused other, bigger failures. I will disable the test instead. Original change's description: > Revert "OOR-CORS: store more information to CORSErrorStatus on preflight errors" > > This reverts commit 1f675b46670aff95516ec8b9d61bc0f55e930a47. > > Reason for revert: Breaks builder WebKit Linux Trusty ASAN > > Original change's description: > > OOR-CORS: store more information to CORSErrorStatus on preflight errors > > > > Current implementation does not store rejected method or header > > information to CORSErrorStatus on CORS-preflight checks, and > > results in missing hint parameter on CreateErrorString() in Blink. > > This patch provides required information to generate right error > > messages, and fixes some crashed layout tests. > > > > Bug: 803766 , 836741 > > Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo > > Change-Id: If4de6b916a77d204812a7b010e39080bf059bc9e > > Tbr: kinuko@chromium.org > > Reviewed-on: https://chromium-review.googlesource.com/1030670 > > Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> > > Reviewed-by: Yutaka Hirano <yhirano@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#554642} > > TBR=kinuko@chromium.org,toyoshim@chromium.org,yhirano@chromium.org > > # Not skipping CQ checks because original CL landed > 1 day ago. > > Bug: 803766 , 836741 , 838057 > Change-Id: Ia8eb9bf63b1b0c6edda93eb7d45c1bb20d26a7b7 > Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo > Reviewed-on: https://chromium-review.googlesource.com/1034532 > Reviewed-by: Christos Froussios <cfroussios@chromium.org> > Commit-Queue: Christos Froussios <cfroussios@chromium.org> > Cr-Commit-Position: refs/heads/master@{#554712} TBR=kinuko@chromium.org,toyoshim@chromium.org,yhirano@chromium.org,cfroussios@chromium.org Change-Id: Iaf20d807cf9f71976a3d1c8a46678afb48682029 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: 803766 , 836741 , 838057 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Reviewed-on: https://chromium-review.googlesource.com/1034702 Reviewed-by: Christos Froussios <cfroussios@chromium.org> Commit-Queue: Christos Froussios <cfroussios@chromium.org> Cr-Commit-Position: refs/heads/master@{#554726} [modify] https://crrev.com/4741ed4fb65821a94134605ad9ecaf11b61b6786/services/network/cors/preflight_controller.cc [modify] https://crrev.com/4741ed4fb65821a94134605ad9ecaf11b61b6786/services/network/public/cpp/cors/cors_error_status.cc [modify] https://crrev.com/4741ed4fb65821a94134605ad9ecaf11b61b6786/services/network/public/cpp/cors/cors_error_status.h [modify] https://crrev.com/4741ed4fb65821a94134605ad9ecaf11b61b6786/services/network/public/cpp/network_param_ipc_traits.h [modify] https://crrev.com/4741ed4fb65821a94134605ad9ecaf11b61b6786/third_party/WebKit/LayoutTests/TestExpectations [modify] https://crrev.com/4741ed4fb65821a94134605ad9ecaf11b61b6786/third_party/blink/renderer/core/loader/document_threadable_loader.cc [modify] https://crrev.com/4741ed4fb65821a94134605ad9ecaf11b61b6786/third_party/blink/renderer/platform/loader/cors/cors_error_string.cc [modify] https://crrev.com/4741ed4fb65821a94134605ad9ecaf11b61b6786/third_party/blink/renderer/platform/loader/cors/cors_error_string.h [modify] https://crrev.com/4741ed4fb65821a94134605ad9ecaf11b61b6786/third_party/blink/renderer/platform/loader/fetch/resource_loader.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/a55aa055bc686157c8a0daa3cb441b875455e5bd commit a55aa055bc686157c8a0daa3cb441b875455e5bd Author: Takashi Toyoshima <toyoshim@chromium.org> Date: Thu May 10 10:44:21 2018 OOR-CORS: define a new CORSError to express disallowed preflight redirect Current PreflightController implementation uses an existing error code to report disallowed preflight redirects tentatively, and results in wrong console messages. This change defines a dedicated error code and use GetErrorString() to generate a console message even for legacy code path. Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo Change-Id: I1af9b8570c2811a9a575e4504b88d6b37db688ea Bug: 803766 Tbr: kinuko@chromium.org Reviewed-on: https://chromium-review.googlesource.com/1027558 Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Cr-Commit-Position: refs/heads/master@{#557490} [modify] https://crrev.com/a55aa055bc686157c8a0daa3cb441b875455e5bd/services/network/cors/preflight_controller.cc [modify] https://crrev.com/a55aa055bc686157c8a0daa3cb441b875455e5bd/services/network/public/mojom/cors.mojom [modify] https://crrev.com/a55aa055bc686157c8a0daa3cb441b875455e5bd/third_party/blink/renderer/core/loader/document_threadable_loader.cc [modify] https://crrev.com/a55aa055bc686157c8a0daa3cb441b875455e5bd/third_party/blink/renderer/platform/loader/cors/cors_error_string.cc [modify] https://crrev.com/a55aa055bc686157c8a0daa3cb441b875455e5bd/third_party/blink/renderer/platform/loader/cors/cors_error_string.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/8c7a0e70709bab71c5e0717d36f8fe27e3be3569 commit 8c7a0e70709bab71c5e0717d36f8fe27e3be3569 Author: Yutaka Hirano <yhirano@chromium.org> Date: Wed Jul 11 03:45:31 2018 [OOR-CORS] Suppress preflight when needed With this CL, CORSURLLoader doesn't make a preflight request when - The request mode is no-cors, or - cors_preflight_policy is kPreventPreflight . Bug: 736308, 803766 Cq-Include-Trybots: luci.chromium.try:linux_mojo Change-Id: If0476052f5ad15cc978187dffc984783719c3d2f Reviewed-on: https://chromium-review.googlesource.com/1126840 Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#574061} [modify] https://crrev.com/8c7a0e70709bab71c5e0717d36f8fe27e3be3569/services/network/cors/cors_url_loader.cc [modify] https://crrev.com/8c7a0e70709bab71c5e0717d36f8fe27e3be3569/services/network/public/cpp/network_ipc_param_traits.h [modify] https://crrev.com/8c7a0e70709bab71c5e0717d36f8fe27e3be3569/third_party/WebKit/LayoutTests/TestExpectations
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/ec3424c1810196a75492d1e2ba84aa4193d66f81 commit ec3424c1810196a75492d1e2ba84aa4193d66f81 Author: Yutaka Hirano <yhirano@chromium.org> Date: Wed Jul 11 06:13:11 2018 [OOR-CORS] Handle preflight request failure Currently PreflightLoader doesn't do anything when the preflight request fails by network errors. This CL fixes that. Bug: 736308, 803766 Cq-Include-Trybots: luci.chromium.try:linux_mojo Change-Id: Ica8f911e060b185980a653d7ddecb08f5c86c8ac Reviewed-on: https://chromium-review.googlesource.com/1126894 Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Reviewed-by: Adam Rice <ricea@chromium.org> Cr-Commit-Position: refs/heads/master@{#574085} [modify] https://crrev.com/ec3424c1810196a75492d1e2ba84aa4193d66f81/services/network/cors/cors_url_loader.cc [modify] https://crrev.com/ec3424c1810196a75492d1e2ba84aa4193d66f81/services/network/cors/cors_url_loader.h [modify] https://crrev.com/ec3424c1810196a75492d1e2ba84aa4193d66f81/services/network/cors/preflight_controller.cc [modify] https://crrev.com/ec3424c1810196a75492d1e2ba84aa4193d66f81/services/network/cors/preflight_controller.h [modify] https://crrev.com/ec3424c1810196a75492d1e2ba84aa4193d66f81/services/network/cors/preflight_controller_unittest.cc [modify] https://crrev.com/ec3424c1810196a75492d1e2ba84aa4193d66f81/third_party/WebKit/LayoutTests/TestExpectations
Comment 1 by toyoshim@chromium.org
, Jan 19 2018