- Revision
- 222819
- Author
- [email protected]
- Date
- 2017-10-03 16:35:41 -0700 (Tue, 03 Oct 2017)
Log Message
Share code to normalize an HTTP method
https://bugs.webkit.org/show_bug.cgi?id=177837
Reviewed by Andy Estes.
Currently we duplicate code in XMLHttpRequest and FetchRequest to normalize an HTTP method.
We should add a common helper function and update both classes to make use of it.
No functionality changed. So, no new tests.
* Modules/fetch/FetchRequest.cpp:
(WebCore::setMethod): Modified to use WebCore::normalizeHTTPMethod().
* platform/network/HTTPParsers.cpp:
(WebCore::normalizeHTTPMethod): Moved from XMLHttpRequest.cpp.
* platform/network/HTTPParsers.h:
* xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::open): Modified to use WebCore::normalizeHTTPMethod().
(WebCore::XMLHttpRequest::uppercaseKnownHTTPMethod): Deleted; moved to HTTPParsers.cpp.
* xml/XMLHttpRequest.h:
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (222818 => 222819)
--- trunk/Source/WebCore/ChangeLog 2017-10-03 23:17:12 UTC (rev 222818)
+++ trunk/Source/WebCore/ChangeLog 2017-10-03 23:35:41 UTC (rev 222819)
@@ -1,5 +1,27 @@
2017-10-03 Daniel Bates <[email protected]>
+ Share code to normalize an HTTP method
+ https://bugs.webkit.org/show_bug.cgi?id=177837
+
+ Reviewed by Andy Estes.
+
+ Currently we duplicate code in XMLHttpRequest and FetchRequest to normalize an HTTP method.
+ We should add a common helper function and update both classes to make use of it.
+
+ No functionality changed. So, no new tests.
+
+ * Modules/fetch/FetchRequest.cpp:
+ (WebCore::setMethod): Modified to use WebCore::normalizeHTTPMethod().
+ * platform/network/HTTPParsers.cpp:
+ (WebCore::normalizeHTTPMethod): Moved from XMLHttpRequest.cpp.
+ * platform/network/HTTPParsers.h:
+ * xml/XMLHttpRequest.cpp:
+ (WebCore::XMLHttpRequest::open): Modified to use WebCore::normalizeHTTPMethod().
+ (WebCore::XMLHttpRequest::uppercaseKnownHTTPMethod): Deleted; moved to HTTPParsers.cpp.
+ * xml/XMLHttpRequest.h:
+
+2017-10-03 Daniel Bates <[email protected]>
+
Share code to determine a forbidden method
https://bugs.webkit.org/show_bug.cgi?id=177833
Modified: trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp (222818 => 222819)
--- trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp 2017-10-03 23:17:12 UTC (rev 222818)
+++ trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp 2017-10-03 23:35:41 UTC (rev 222819)
@@ -41,8 +41,7 @@
return Exception { TypeError, ASCIILiteral("Method is not a valid HTTP token.") };
if (isForbiddenMethod(initMethod))
return Exception { TypeError, ASCIILiteral("Method is forbidden.") };
- String method = initMethod.convertToASCIIUppercase();
- request.setHTTPMethod((method == "DELETE" || method == "GET" || method == "HEAD" || method == "OPTIONS" || method == "POST" || method == "PUT") ? method : initMethod);
+ request.setHTTPMethod(normalizeHTTPMethod(initMethod));
return std::nullopt;
}
Modified: trunk/Source/WebCore/platform/network/HTTPParsers.cpp (222818 => 222819)
--- trunk/Source/WebCore/platform/network/HTTPParsers.cpp 2017-10-03 23:17:12 UTC (rev 222818)
+++ trunk/Source/WebCore/platform/network/HTTPParsers.cpp 2017-10-03 23:35:41 UTC (rev 222819)
@@ -881,4 +881,19 @@
}
}
+// Implements <https://fetch.spec.whatwg.org/#concept-method-normalize>.
+String normalizeHTTPMethod(const String& method)
+{
+ const char* const methods[] = { "DELETE", "GET", "HEAD", "OPTIONS", "POST", "PUT" };
+ for (auto* value : methods) {
+ if (equalIgnoringASCIICase(method, value)) {
+ // Don't bother allocating a new string if it's already all uppercase.
+ if (method == value)
+ break;
+ return ASCIILiteral { value };
+ }
+ }
+ return method;
}
+
+}
Modified: trunk/Source/WebCore/platform/network/HTTPParsers.h (222818 => 222819)
--- trunk/Source/WebCore/platform/network/HTTPParsers.h 2017-10-03 23:17:12 UTC (rev 222818)
+++ trunk/Source/WebCore/platform/network/HTTPParsers.h 2017-10-03 23:35:41 UTC (rev 222819)
@@ -101,6 +101,8 @@
bool isCrossOriginSafeHeader(const String&, const HTTPHeaderSet&);
bool isCrossOriginSafeRequestHeader(HTTPHeaderName, const String&);
+String normalizeHTTPMethod(const String&);
+
inline bool isHTTPSpace(UChar character)
{
return character <= ' ' && (character == ' ' || character == '\n' || character == '\t' || character == '\r');
Modified: trunk/Source/WebCore/xml/XMLHttpRequest.cpp (222818 => 222819)
--- trunk/Source/WebCore/xml/XMLHttpRequest.cpp 2017-10-03 23:17:12 UTC (rev 222818)
+++ trunk/Source/WebCore/xml/XMLHttpRequest.cpp 2017-10-03 23:35:41 UTC (rev 222819)
@@ -327,20 +327,6 @@
return { };
}
-String XMLHttpRequest::uppercaseKnownHTTPMethod(const String& method)
-{
- const char* const methods[] = { "DELETE", "GET", "HEAD", "OPTIONS", "POST", "PUT" };
- for (auto* value : methods) {
- if (equalIgnoringASCIICase(method, value)) {
- // Don't bother allocating a new string if it's already all uppercase.
- if (method == value)
- break;
- return ASCIILiteral(value);
- }
- }
- return method;
-}
-
ExceptionOr<void> XMLHttpRequest::open(const String& method, const String& url)
{
// If the async argument is omitted, set async to true.
@@ -388,7 +374,7 @@
}
}
- m_method = uppercaseKnownHTTPMethod(method);
+ m_method = normalizeHTTPMethod(method);
m_url = url;
scriptExecutionContext()->contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(m_url, ContentSecurityPolicy::InsecureRequestType::Load);
Modified: trunk/Source/WebCore/xml/XMLHttpRequest.h (222818 => 222819)
--- trunk/Source/WebCore/xml/XMLHttpRequest.h 2017-10-03 23:17:12 UTC (rev 222818)
+++ trunk/Source/WebCore/xml/XMLHttpRequest.h 2017-10-03 23:35:41 UTC (rev 222819)
@@ -103,9 +103,6 @@
bool responseCacheIsValid() const { return m_responseCacheIsValid; }
void didCacheResponse();
- // Expose HTTP validation methods for other untrusted requests.
- static String uppercaseKnownHTTPMethod(const String&);
-
enum class ResponseType { EmptyString, Arraybuffer, Blob, Document, Json, Text };
ExceptionOr<void> setResponseType(ResponseType);
ResponseType responseType() const;
