diff options
author | nolan.robin.cao <nolan.robin.cao@gmail.com> | 2016-02-15 09:53:41 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-02-15 17:54:39 +0000 |
commit | 6237c2318370ef36985f4249c9a876578ed825c1 (patch) | |
tree | bbf8da6d9c031547bbf7147b76ed352832444459 | |
parent | 9756e3ee8eb786f7806374e3862d173e1905a140 (diff) | |
download | chromium_src-6237c2318370ef36985f4249c9a876578ed825c1.zip chromium_src-6237c2318370ef36985f4249c9a876578ed825c1.tar.gz chromium_src-6237c2318370ef36985f4249c9a876578ed825c1.tar.bz2 |
Cache API should reject Responses with VARY:*
The Service Worker spec was changed [1] to ensure that Responses with VARY:*
are rejected by Cache API. Implement that and update test results.
[1] Spec: https://github.com/slightlyoff/ServiceWorker/issues/656#issuecomment-88724007
BUG=476814
Review URL: https://codereview.chromium.org/1671993002
Cr-Commit-Position: refs/heads/master@{#375473}
4 files changed, 26 insertions, 70 deletions
diff --git a/third_party/WebKit/LayoutTests/http/tests/cachestorage/serviceworker/cache-put-expected.txt b/third_party/WebKit/LayoutTests/http/tests/cachestorage/serviceworker/cache-put-expected.txt deleted file mode 100644 index feafe1e..0000000 --- a/third_party/WebKit/LayoutTests/http/tests/cachestorage/serviceworker/cache-put-expected.txt +++ /dev/null @@ -1,24 +0,0 @@ -This is a testharness.js-based test. -PASS Cache.put -PASS Cache.put called with simple Request and Response -PASS Cache.put called with Request and Response from fetch() -PASS Cache.put with Request without a body -PASS Cache.put with Response without a body -PASS Cache.put with a Response containing an empty URL -PASS Cache.put with an empty response body -PASS Cache.put with HTTP 500 response -PASS Cache.put called twice with matching Requests and different Responses -PASS Cache.put called twice with request URLs that differ only by a fragment -PASS Cache.put with a string request -PASS Cache.put with an invalid response -PASS Cache.put with a non-HTTP/HTTPS request -PASS Cache.put with a relative URL -PASS Cache.put with a non-GET request -PASS Cache.put with a null response -PASS Cache.put with a POST request -PASS Cache.put with a used response body -PASS getReader() after Cache.put -FAIL Cache.put with a VARY:* Response promise_test: Unhandled rejection with value: "assert_promise_rejects: Cache.put should reject VARY:* Responses with a TypeError. Promise did not reject." -FAIL Cache.put with an embedded VARY:* Response promise_test: Unhandled rejection with value: "assert_promise_rejects: Cache.put should reject Responses with an embedded VARY:* with a TypeError. Promise did not reject." -Harness: the test ran to completion. - diff --git a/third_party/WebKit/LayoutTests/http/tests/cachestorage/window/cache-put-expected.txt b/third_party/WebKit/LayoutTests/http/tests/cachestorage/window/cache-put-expected.txt deleted file mode 100644 index e27a34a..0000000 --- a/third_party/WebKit/LayoutTests/http/tests/cachestorage/window/cache-put-expected.txt +++ /dev/null @@ -1,23 +0,0 @@ -This is a testharness.js-based test. -PASS Cache.put called with simple Request and Response -PASS Cache.put called with Request and Response from fetch() -PASS Cache.put with Request without a body -PASS Cache.put with Response without a body -PASS Cache.put with a Response containing an empty URL -PASS Cache.put with an empty response body -PASS Cache.put with HTTP 500 response -PASS Cache.put called twice with matching Requests and different Responses -PASS Cache.put called twice with request URLs that differ only by a fragment -PASS Cache.put with a string request -PASS Cache.put with an invalid response -PASS Cache.put with a non-HTTP/HTTPS request -PASS Cache.put with a relative URL -PASS Cache.put with a non-GET request -PASS Cache.put with a null response -PASS Cache.put with a POST request -PASS Cache.put with a used response body -PASS getReader() after Cache.put -FAIL Cache.put with a VARY:* Response promise_test: Unhandled rejection with value: "assert_promise_rejects: Cache.put should reject VARY:* Responses with a TypeError. Promise did not reject." -FAIL Cache.put with an embedded VARY:* Response promise_test: Unhandled rejection with value: "assert_promise_rejects: Cache.put should reject Responses with an embedded VARY:* with a TypeError. Promise did not reject." -Harness: the test ran to completion. - diff --git a/third_party/WebKit/LayoutTests/http/tests/cachestorage/worker/cache-put-expected.txt b/third_party/WebKit/LayoutTests/http/tests/cachestorage/worker/cache-put-expected.txt deleted file mode 100644 index e27a34a..0000000 --- a/third_party/WebKit/LayoutTests/http/tests/cachestorage/worker/cache-put-expected.txt +++ /dev/null @@ -1,23 +0,0 @@ -This is a testharness.js-based test. -PASS Cache.put called with simple Request and Response -PASS Cache.put called with Request and Response from fetch() -PASS Cache.put with Request without a body -PASS Cache.put with Response without a body -PASS Cache.put with a Response containing an empty URL -PASS Cache.put with an empty response body -PASS Cache.put with HTTP 500 response -PASS Cache.put called twice with matching Requests and different Responses -PASS Cache.put called twice with request URLs that differ only by a fragment -PASS Cache.put with a string request -PASS Cache.put with an invalid response -PASS Cache.put with a non-HTTP/HTTPS request -PASS Cache.put with a relative URL -PASS Cache.put with a non-GET request -PASS Cache.put with a null response -PASS Cache.put with a POST request -PASS Cache.put with a used response body -PASS getReader() after Cache.put -FAIL Cache.put with a VARY:* Response promise_test: Unhandled rejection with value: "assert_promise_rejects: Cache.put should reject VARY:* Responses with a TypeError. Promise did not reject." -FAIL Cache.put with an embedded VARY:* Response promise_test: Unhandled rejection with value: "assert_promise_rejects: Cache.put should reject Responses with an embedded VARY:* with a TypeError. Promise did not reject." -Harness: the test ran to completion. - diff --git a/third_party/WebKit/Source/modules/cachestorage/Cache.cpp b/third_party/WebKit/Source/modules/cachestorage/Cache.cpp index 27591b76..102ed50 100644 --- a/third_party/WebKit/Source/modules/cachestorage/Cache.cpp +++ b/third_party/WebKit/Source/modules/cachestorage/Cache.cpp @@ -197,6 +197,23 @@ void RecordResponseTypeForAdd(const Member<Response>& response) responseTypeHistogram.count(static_cast<int>(type)); }; +bool varyHeaderContainsAsterisk(const Response* response) +{ + const FetchHeaderList* headers = response->headers()->headerList(); + for (size_t i = 0; i < headers->size(); ++i) { + const FetchHeaderList::Header& header = headers->entry(i); + if (header.first == "vary") { + Vector<String> fields; + header.second.split(',', fields); + for (size_t j = 0; j < fields.size(); ++j) { + if (fields[j].stripWhiteSpace() == "*") + return true; + } + } + } + return false; +} + } // namespace // TODO(nhiroki): Unfortunately, we have to go through V8 to wait for the fetch @@ -219,6 +236,10 @@ public: ScriptPromise rejection = ScriptPromise::reject(scriptState(), V8ThrowException::createTypeError(scriptState()->isolate(), "Request failed")); return ScriptValue(scriptState(), rejection.v8Value()); } + if (varyHeaderContainsAsterisk(response)) { + ScriptPromise rejection = ScriptPromise::reject(scriptState(), V8ThrowException::createTypeError(scriptState()->isolate(), "Vary header contains *")); + return ScriptValue(scriptState(), rejection.v8Value()); + } } for (const auto& response : responses) @@ -547,6 +568,11 @@ ScriptPromise Cache::putImpl(ScriptState* scriptState, const HeapVector<Member<R } ASSERT(!requests[i]->hasBody()); + if (varyHeaderContainsAsterisk(responses[i])) { + barrierCallback->onError("Vary header contains *"); + return promise; + } + if (responses[i]->isBodyLocked() || responses[i]->bodyUsed()) { barrierCallback->onError("Response body is already used"); return promise; |