diff options
author | michaeln@google.com <michaeln@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-02-22 20:03:01 +0000 |
---|---|---|
committer | michaeln@google.com <michaeln@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-02-22 20:03:01 +0000 |
commit | eb2ee141e4b40cbc89baaa982c77fe10da6c9f48 (patch) | |
tree | 889fc7e7b89c0483cf97973289d4dff251c6f25b /webkit/appcache/appcache_update_job.cc | |
parent | f72298c8e0ce1427e8ed682ca5dad0573d6c2763 (diff) | |
download | chromium_src-eb2ee141e4b40cbc89baaa982c77fe10da6c9f48.zip chromium_src-eb2ee141e4b40cbc89baaa982c77fe10da6c9f48.tar.gz chromium_src-eb2ee141e4b40cbc89baaa982c77fe10da6c9f48.tar.bz2 |
Appcache cross-origin HTTPS resources.
BUG=69594
TEST=updated unit tests
Review URL: http://codereview.chromium.org/6526037
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@75622 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit/appcache/appcache_update_job.cc')
-rw-r--r-- | webkit/appcache/appcache_update_job.cc | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/webkit/appcache/appcache_update_job.cc b/webkit/appcache/appcache_update_job.cc index f2fe26f..d0d4e3b 100644 --- a/webkit/appcache/appcache_update_job.cc +++ b/webkit/appcache/appcache_update_job.cc @@ -123,10 +123,27 @@ void AppCacheUpdateJob::URLFetcher::OnResponseStarted( DCHECK(request == request_); if (request->status().is_success() && (request->GetResponseCode() / 100) == 2) { + + // See http://code.google.com/p/chromium/issues/detail?id=69594 + // We willfully violate the HTML5 spec at this point in order + // to support the appcaching of cross-origin HTTPS resources. + // We've opted for a milder constraint and allow caching unless + // the resource has a "no-store" header. A spec change has been + // requested on the whatwg list. + // TODO(michaeln): Consider doing this for cross-origin HTTP resources too. + if (url_.SchemeIsSecure() && + url_.GetOrigin() != job_->manifest_url_.GetOrigin()) { + if (request->response_headers()-> + HasHeaderValue("cache-control", "no-store")) { + request->Cancel(); + OnResponseCompleted(); + return; + } + } + // Write response info to storage for URL fetches. Wait for async write // completion before reading any response data. - if (fetch_type_ == URL_FETCH || - fetch_type_ == MASTER_ENTRY_FETCH) { + if (fetch_type_ == URL_FETCH || fetch_type_ == MASTER_ENTRY_FETCH) { response_writer_.reset(job_->CreateResponseWriter()); scoped_refptr<HttpResponseInfoIOBuffer> io_buffer( new HttpResponseInfoIOBuffer( |