diff options
Diffstat (limited to 'chromium/third_party/blink/renderer/platform/loader/fetch/resource_loader.cc')
-rw-r--r-- | chromium/third_party/blink/renderer/platform/loader/fetch/resource_loader.cc | 29 |
1 files changed, 18 insertions, 11 deletions
diff --git a/chromium/third_party/blink/renderer/platform/loader/fetch/resource_loader.cc b/chromium/third_party/blink/renderer/platform/loader/fetch/resource_loader.cc index cd2ec6c9b14..40e9601c5fb 100644 --- a/chromium/third_party/blink/renderer/platform/loader/fetch/resource_loader.cc +++ b/chromium/third_party/blink/renderer/platform/loader/fetch/resource_loader.cc @@ -418,7 +418,7 @@ ResourceLoader::ResourceLoader(ResourceFetcher* fetcher, ResourceLoader::~ResourceLoader() = default; -void ResourceLoader::Trace(Visitor* visitor) { +void ResourceLoader::Trace(Visitor* visitor) const { visitor->Trace(fetcher_); visitor->Trace(scheduler_); visitor->Trace(resource_); @@ -749,6 +749,8 @@ bool ResourceLoader::WillFollowRedirect( const ResourceResponse& redirect_response( passed_redirect_response.ToResourceResponse()); + const KURL& url_before_redirects = initial_request.Url(); + if (!IsManualRedirectFetchRequest(initial_request)) { bool unused_preload = resource_->IsUnusedPreload(); @@ -761,14 +763,13 @@ bool ResourceLoader::WillFollowRedirect( // ensure that violations are sent. Context().CheckCSPForRequest( request_context, request_destination, new_url, options, - reporting_disposition, + reporting_disposition, url_before_redirects, ResourceRequest::RedirectStatus::kFollowedRedirect); base::Optional<ResourceRequestBlockedReason> blocked_reason = - Context().CanRequest( - resource_type, *new_request, new_url, options, - reporting_disposition, - ResourceRequest::RedirectStatus::kFollowedRedirect); + Context().CanRequest(resource_type, *new_request, new_url, options, + reporting_disposition, + new_request->GetRedirectInfo()); if (Context().CalculateIfAdSubresource(*new_request, resource_type, options.initiator_info)) @@ -1043,18 +1044,24 @@ void ResourceLoader::DidReceiveResponseInternal( // pre-request checks, and consider running the checks regardless of service // worker interception. const KURL& response_url = response.ResponseUrl(); + const base::Optional<ResourceRequest::RedirectInfo>& + previous_redirect_info = request.GetRedirectInfo(); + const KURL& original_url = previous_redirect_info + ? previous_redirect_info->original_url + : request.Url(); + const ResourceRequest::RedirectInfo redirect_info(original_url, + request.Url()); // CanRequest() below only checks enforced policies: check report-only // here to ensure violations are sent. Context().CheckCSPForRequest( request_context, request_destination, response_url, options, - ReportingDisposition::kReport, + ReportingDisposition::kReport, original_url, ResourceRequest::RedirectStatus::kFollowedRedirect); base::Optional<ResourceRequestBlockedReason> blocked_reason = - Context().CanRequest( - resource_type, ResourceRequest(initial_request), response_url, - options, ReportingDisposition::kReport, - ResourceRequest::RedirectStatus::kFollowedRedirect); + Context().CanRequest(resource_type, ResourceRequest(initial_request), + response_url, options, + ReportingDisposition::kReport, redirect_info); if (blocked_reason) { HandleError(ResourceError::CancelledDueToAccessCheckError( response_url, blocked_reason.value())); |