CacheValidation.cpp [plain text]
#include "config.h"
#include "CacheValidation.h"
#include "CookiesStrategy.h"
#include "HTTPHeaderMap.h"
#include "NetworkStorageSession.h"
#include "PlatformCookieJar.h"
#include "PlatformStrategies.h"
#include "ResourceRequest.h"
#include "ResourceResponse.h"
#include <wtf/CurrentTime.h>
#include <wtf/text/StringView.h>
namespace WebCore {
const char* const headersToIgnoreAfterRevalidation[] = {
"allow",
"connection",
"etag",
"keep-alive",
"last-modified"
"proxy-authenticate",
"proxy-connection",
"trailer",
"transfer-encoding",
"upgrade",
"www-authenticate",
"x-frame-options",
"x-xss-protection",
};
const char* const headerPrefixesToIgnoreAfterRevalidation[] = {
"content-",
"x-content-",
"x-webkit-"
};
static inline bool shouldUpdateHeaderAfterRevalidation(const String& header)
{
for (auto& headerToIgnore : headersToIgnoreAfterRevalidation) {
if (equalIgnoringASCIICase(header, headerToIgnore))
return false;
}
for (size_t i = 0; i < WTF_ARRAY_LENGTH(headerPrefixesToIgnoreAfterRevalidation); i++) {
if (header.startsWith(headerPrefixesToIgnoreAfterRevalidation[i], false))
return false;
}
return true;
}
void updateResponseHeadersAfterRevalidation(ResourceResponse& response, const ResourceResponse& validatingResponse)
{
for (const auto& header : validatingResponse.httpHeaderFields()) {
if (!shouldUpdateHeaderAfterRevalidation(header.key))
continue;
response.setHTTPHeaderField(header.key, header.value);
}
}
std::chrono::microseconds computeCurrentAge(const ResourceResponse& response, std::chrono::system_clock::time_point responseTime)
{
using namespace std::chrono;
auto dateValue = response.date();
auto apparentAge = dateValue ? std::max(0us, duration_cast<microseconds>(responseTime - *dateValue)) : 0us;
auto ageValue = response.age().valueOr(0us);
auto correctedInitialAge = std::max(apparentAge, ageValue);
auto residentTime = duration_cast<microseconds>(system_clock::now() - responseTime);
return correctedInitialAge + residentTime;
}
std::chrono::microseconds computeFreshnessLifetimeForHTTPFamily(const ResourceResponse& response, std::chrono::system_clock::time_point responseTime)
{
using namespace std::chrono;
ASSERT(response.url().protocolIsInHTTPFamily());
auto maxAge = response.cacheControlMaxAge();
if (maxAge)
return *maxAge;
auto date = response.date();
auto effectiveDate = date.valueOr(responseTime);
if (auto expires = response.expires())
return duration_cast<microseconds>(*expires - effectiveDate);
switch (response.httpStatusCode()) {
case 301: case 410: return 365 * 24h;
default:
if (auto lastModified = response.lastModified())
return duration_cast<microseconds>((effectiveDate - *lastModified) * 0.1);
return 0us;
}
}
void updateRedirectChainStatus(RedirectChainCacheStatus& redirectChainCacheStatus, const ResourceResponse& response)
{
using namespace std::chrono;
if (redirectChainCacheStatus.status == RedirectChainCacheStatus::NotCachedRedirection)
return;
if (response.cacheControlContainsNoStore() || response.cacheControlContainsNoCache() || response.cacheControlContainsMustRevalidate()) {
redirectChainCacheStatus.status = RedirectChainCacheStatus::NotCachedRedirection;
return;
}
redirectChainCacheStatus.status = RedirectChainCacheStatus::CachedRedirection;
auto responseTimestamp = system_clock::now();
auto endOfValidity = responseTimestamp + computeFreshnessLifetimeForHTTPFamily(response, responseTimestamp) - computeCurrentAge(response, responseTimestamp);
redirectChainCacheStatus.endOfValidity = std::min(redirectChainCacheStatus.endOfValidity, endOfValidity);
}
bool redirectChainAllowsReuse(RedirectChainCacheStatus redirectChainCacheStatus, ReuseExpiredRedirectionOrNot reuseExpiredRedirection)
{
switch (redirectChainCacheStatus.status) {
case RedirectChainCacheStatus::NoRedirection:
return true;
case RedirectChainCacheStatus::NotCachedRedirection:
return false;
case RedirectChainCacheStatus::CachedRedirection:
return reuseExpiredRedirection || std::chrono::system_clock::now() <= redirectChainCacheStatus.endOfValidity;
}
ASSERT_NOT_REACHED();
return false;
}
inline bool isCacheHeaderSeparator(UChar c)
{
switch (c) {
case '(':
case ')':
case '<':
case '>':
case '@':
case ',':
case ';':
case ':':
case '\\':
case '"':
case '/':
case '[':
case ']':
case '?':
case '=':
case '{':
case '}':
case ' ':
case '\t':
return true;
default:
return false;
}
}
inline bool isControlCharacterOrSpace(UChar character)
{
return character <= ' ' || character == 127;
}
inline StringView trimToNextSeparator(StringView string)
{
return string.substring(0, string.find(isCacheHeaderSeparator));
}
static Vector<std::pair<String, String>> parseCacheHeader(const String& header)
{
Vector<std::pair<String, String>> result;
String safeHeaderString = header.removeCharacters(isControlCharacterOrSpace);
StringView safeHeader = safeHeaderString;
unsigned max = safeHeader.length();
unsigned pos = 0;
while (pos < max) {
size_t nextCommaPosition = safeHeader.find(',', pos);
size_t nextEqualSignPosition = safeHeader.find('=', pos);
if (nextEqualSignPosition == notFound && nextCommaPosition == notFound) {
result.append({ trimToNextSeparator(safeHeader.substring(pos, max - pos)).toString(), emptyString() });
return result;
}
if (nextCommaPosition != notFound && (nextCommaPosition < nextEqualSignPosition || nextEqualSignPosition == notFound)) {
result.append({ trimToNextSeparator(safeHeader.substring(pos, nextCommaPosition - pos)).toString(), emptyString() });
pos += nextCommaPosition - pos + 1;
continue;
}
String directive = trimToNextSeparator(safeHeader.substring(pos, nextEqualSignPosition - pos)).toString();
pos += nextEqualSignPosition - pos + 1;
StringView value = safeHeader.substring(pos, max - pos);
if (value[0] == '"') {
size_t nextDoubleQuotePosition = value.find('"', 1);
if (nextDoubleQuotePosition == notFound) {
result.append({ directive, trimToNextSeparator(value.substring(1)).toString() });
return result;
}
result.append({ directive, value.substring(1, nextDoubleQuotePosition - 1).toString() });
pos += (safeHeader.find('"', pos) - pos) + nextDoubleQuotePosition + 1;
size_t nextCommaPosition2 = safeHeader.find(',', pos);
if (nextCommaPosition2 == notFound)
return result; pos += nextCommaPosition2 - pos + 1;
continue;
}
size_t nextCommaPosition2 = value.find(',');
if (nextCommaPosition2 == notFound) {
result.append({ directive, trimToNextSeparator(value).toString() });
return result;
}
result.append({ directive, trimToNextSeparator(value.substring(0, nextCommaPosition2)).toString() });
pos += (safeHeader.find(',', pos) - pos) + 1;
}
return result;
}
CacheControlDirectives parseCacheControlDirectives(const HTTPHeaderMap& headers)
{
using namespace std::chrono;
CacheControlDirectives result;
String cacheControlValue = headers.get(HTTPHeaderName::CacheControl);
if (!cacheControlValue.isEmpty()) {
auto directives = parseCacheHeader(cacheControlValue);
size_t directivesSize = directives.size();
for (size_t i = 0; i < directivesSize; ++i) {
if (equalLettersIgnoringASCIICase(directives[i].first, "no-cache") && directives[i].second.isEmpty())
result.noCache = true;
else if (equalLettersIgnoringASCIICase(directives[i].first, "no-store"))
result.noStore = true;
else if (equalLettersIgnoringASCIICase(directives[i].first, "must-revalidate"))
result.mustRevalidate = true;
else if (equalLettersIgnoringASCIICase(directives[i].first, "max-age")) {
if (result.maxAge) {
continue;
}
bool ok;
double maxAge = directives[i].second.toDouble(&ok);
if (ok)
result.maxAge = duration_cast<microseconds>(duration<double>(maxAge));
} else if (equalLettersIgnoringASCIICase(directives[i].first, "max-stale")) {
if (result.maxStale) {
continue;
}
if (directives[i].second.isEmpty()) {
result.maxStale = microseconds::max();
continue;
}
bool ok;
double maxStale = directives[i].second.toDouble(&ok);
if (ok)
result.maxStale = duration_cast<microseconds>(duration<double>(maxStale));
}
}
}
if (!result.noCache) {
String pragmaValue = headers.get(HTTPHeaderName::Pragma);
result.noCache = pragmaValue.contains("no-cache", false);
}
return result;
}
static String headerValueForVary(const ResourceRequest& request, const String& headerName, SessionID sessionID)
{
if (headerName == httpHeaderNameString(HTTPHeaderName::Cookie)) {
auto* cookieStrategy = platformStrategies() ? platformStrategies()->cookiesStrategy() : nullptr;
if (!cookieStrategy) {
ASSERT(sessionID == SessionID::defaultSessionID());
return cookieRequestHeaderFieldValue(NetworkStorageSession::defaultStorageSession(), request.firstPartyForCookies(), request.url());
}
return cookieStrategy->cookieRequestHeaderFieldValue(sessionID, request.firstPartyForCookies(), request.url());
}
return request.httpHeaderField(headerName);
}
Vector<std::pair<String, String>> collectVaryingRequestHeaders(const WebCore::ResourceRequest& request, const WebCore::ResourceResponse& response, SessionID sessionID)
{
String varyValue = response.httpHeaderField(WebCore::HTTPHeaderName::Vary);
if (varyValue.isEmpty())
return { };
Vector<String> varyingHeaderNames;
varyValue.split(',', false, varyingHeaderNames);
Vector<std::pair<String, String>> varyingRequestHeaders;
varyingRequestHeaders.reserveCapacity(varyingHeaderNames.size());
for (auto& varyHeaderName : varyingHeaderNames) {
String headerName = varyHeaderName.stripWhiteSpace();
String headerValue = headerValueForVary(request, headerName, sessionID);
varyingRequestHeaders.append(std::make_pair(headerName, headerValue));
}
return varyingRequestHeaders;
}
bool verifyVaryingRequestHeaders(const Vector<std::pair<String, String>>& varyingRequestHeaders, const WebCore::ResourceRequest& request, SessionID sessionID)
{
for (auto& varyingRequestHeader : varyingRequestHeaders) {
if (varyingRequestHeader.first == "*")
return false;
String headerValue = headerValueForVary(request, varyingRequestHeader.first, sessionID);
if (headerValue != varyingRequestHeader.second)
return false;
}
return true;
}
}