summaryrefslogtreecommitdiffstats
path: root/webkit/appcache/appcache_update_job.cc
diff options
context:
space:
mode:
authormichaeln@google.com <michaeln@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2011-02-22 20:03:01 +0000
committermichaeln@google.com <michaeln@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2011-02-22 20:03:01 +0000
commiteb2ee141e4b40cbc89baaa982c77fe10da6c9f48 (patch)
tree889fc7e7b89c0483cf97973289d4dff251c6f25b /webkit/appcache/appcache_update_job.cc
parentf72298c8e0ce1427e8ed682ca5dad0573d6c2763 (diff)
downloadchromium_src-eb2ee141e4b40cbc89baaa982c77fe10da6c9f48.zip
chromium_src-eb2ee141e4b40cbc89baaa982c77fe10da6c9f48.tar.gz
chromium_src-eb2ee141e4b40cbc89baaa982c77fe10da6c9f48.tar.bz2
Appcache cross-origin HTTPS resources.
BUG=69594 TEST=updated unit tests Review URL: http://codereview.chromium.org/6526037 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@75622 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit/appcache/appcache_update_job.cc')
-rw-r--r--webkit/appcache/appcache_update_job.cc21
1 files changed, 19 insertions, 2 deletions
diff --git a/webkit/appcache/appcache_update_job.cc b/webkit/appcache/appcache_update_job.cc
index f2fe26f..d0d4e3b 100644
--- a/webkit/appcache/appcache_update_job.cc
+++ b/webkit/appcache/appcache_update_job.cc
@@ -123,10 +123,27 @@ void AppCacheUpdateJob::URLFetcher::OnResponseStarted(
DCHECK(request == request_);
if (request->status().is_success() &&
(request->GetResponseCode() / 100) == 2) {
+
+ // See http://code.google.com/p/chromium/issues/detail?id=69594
+ // We willfully violate the HTML5 spec at this point in order
+ // to support the appcaching of cross-origin HTTPS resources.
+ // We've opted for a milder constraint and allow caching unless
+ // the resource has a "no-store" header. A spec change has been
+ // requested on the whatwg list.
+ // TODO(michaeln): Consider doing this for cross-origin HTTP resources too.
+ if (url_.SchemeIsSecure() &&
+ url_.GetOrigin() != job_->manifest_url_.GetOrigin()) {
+ if (request->response_headers()->
+ HasHeaderValue("cache-control", "no-store")) {
+ request->Cancel();
+ OnResponseCompleted();
+ return;
+ }
+ }
+
// Write response info to storage for URL fetches. Wait for async write
// completion before reading any response data.
- if (fetch_type_ == URL_FETCH ||
- fetch_type_ == MASTER_ENTRY_FETCH) {
+ if (fetch_type_ == URL_FETCH || fetch_type_ == MASTER_ENTRY_FETCH) {
response_writer_.reset(job_->CreateResponseWriter());
scoped_refptr<HttpResponseInfoIOBuffer> io_buffer(
new HttpResponseInfoIOBuffer(