From 5a4f13dcd404558c5a22652c15a13da479091e84 Mon Sep 17 00:00:00 2001 From: Timothy Flynn Date: Fri, 26 Apr 2024 13:35:10 -0400 Subject: [PATCH] LibWeb: Remove OOM propagation from Fetch::Infrastructure::Requests --- .../LibWeb/Fetch/Fetching/Checks.cpp | 8 +++---- .../Libraries/LibWeb/Fetch/Fetching/Checks.h | 4 ++-- .../LibWeb/Fetch/Fetching/Fetching.cpp | 8 +++---- .../Fetch/Infrastructure/HTTP/Requests.cpp | 24 ++++++++----------- .../Fetch/Infrastructure/HTTP/Requests.h | 8 +++---- 5 files changed, 24 insertions(+), 28 deletions(-) diff --git a/Userland/Libraries/LibWeb/Fetch/Fetching/Checks.cpp b/Userland/Libraries/LibWeb/Fetch/Fetching/Checks.cpp index ac0e49bff83..39dfec4e578 100644 --- a/Userland/Libraries/LibWeb/Fetch/Fetching/Checks.cpp +++ b/Userland/Libraries/LibWeb/Fetch/Fetching/Checks.cpp @@ -12,7 +12,7 @@ namespace Web::Fetch::Fetching { // https://fetch.spec.whatwg.org/#concept-cors-check -ErrorOr cors_check(Infrastructure::Request const& request, Infrastructure::Response const& response) +bool cors_check(Infrastructure::Request const& request, Infrastructure::Response const& response) { // 1. Let origin be the result of getting `Access-Control-Allow-Origin` from response’s header list. auto origin = response.header_list()->get("Access-Control-Allow-Origin"sv.bytes()); @@ -27,7 +27,7 @@ ErrorOr cors_check(Infrastructure::Request const& request, Infrastructure: return true; // 4. If the result of byte-serializing a request origin with request is not origin, then return failure. - if (TRY(request.byte_serialize_origin()) != *origin) + if (request.byte_serialize_origin() != *origin) return false; // 5. If request’s credentials mode is not "include", then return success. @@ -46,7 +46,7 @@ ErrorOr cors_check(Infrastructure::Request const& request, Infrastructure: } // https://fetch.spec.whatwg.org/#concept-tao-check -ErrorOr tao_check(Infrastructure::Request const& request, Infrastructure::Response const& response) +bool tao_check(Infrastructure::Request const& request, Infrastructure::Response const& response) { // 1. If request’s timing allow failed flag is set, then return failure. if (request.timing_allow_failed()) @@ -60,7 +60,7 @@ ErrorOr tao_check(Infrastructure::Request const& request, Infrastructure:: return true; // 4. If values contains the result of serializing a request origin with request, then return success. - if (values.has_value() && values->contains_slow(TRY(request.serialize_origin()))) + if (values.has_value() && values->contains_slow(request.serialize_origin())) return true; // 5. If request’s mode is "navigate" and request’s current URL’s origin is not same origin with request’s origin, then return failure. diff --git a/Userland/Libraries/LibWeb/Fetch/Fetching/Checks.h b/Userland/Libraries/LibWeb/Fetch/Fetching/Checks.h index e391db8c853..d4a51dcc7b3 100644 --- a/Userland/Libraries/LibWeb/Fetch/Fetching/Checks.h +++ b/Userland/Libraries/LibWeb/Fetch/Fetching/Checks.h @@ -11,7 +11,7 @@ namespace Web::Fetch::Fetching { -ErrorOr cors_check(Infrastructure::Request const&, Infrastructure::Response const&); -ErrorOr tao_check(Infrastructure::Request const&, Infrastructure::Response const&); +[[nodiscard]] bool cors_check(Infrastructure::Request const&, Infrastructure::Response const&); +[[nodiscard]] bool tao_check(Infrastructure::Request const&, Infrastructure::Response const&); } diff --git a/Userland/Libraries/LibWeb/Fetch/Fetching/Fetching.cpp b/Userland/Libraries/LibWeb/Fetch/Fetching/Fetching.cpp index d6b036dcce1..377ae146596 100644 --- a/Userland/Libraries/LibWeb/Fetch/Fetching/Fetching.cpp +++ b/Userland/Libraries/LibWeb/Fetch/Fetching/Fetching.cpp @@ -994,13 +994,13 @@ WebIDL::ExceptionOr> http_fetch(JS::Realm& rea // NOTE: As the CORS check is not to be applied to responses whose status is 304 or 407, or responses from // a service worker for that matter, it is applied here. if (request->response_tainting() == Infrastructure::Request::ResponseTainting::CORS - && !TRY_OR_IGNORE(cors_check(request, *response))) { + && !cors_check(request, *response)) { returned_pending_response->resolve(Infrastructure::Response::network_error(vm, "Request with 'cors' response tainting failed CORS check"_string)); return; } // 5. If the TAO check for request and response returns failure, then set request’s timing allow failed flag. - if (!TRY_OR_IGNORE(tao_check(request, *response))) + if (!tao_check(request, *response)) request->set_timing_allow_failed(true); } @@ -1353,7 +1353,7 @@ WebIDL::ExceptionOr> http_network_or_cache_fet } // 12. Append a request `Origin` header for httpRequest. - TRY_OR_THROW_OOM(vm, http_request->add_origin_header()); + http_request->add_origin_header(); // FIXME: 13. Append the Fetch metadata headers for httpRequest. @@ -1876,7 +1876,7 @@ WebIDL::ExceptionOr> cors_preflight_fetch(JS:: // 7. If a CORS check for request and response returns success and response’s status is an ok status, then: // NOTE: The CORS check is done on request rather than preflight to ensure the correct credentials mode is used. - if (TRY_OR_IGNORE(cors_check(request, response)) && Infrastructure::is_ok_status(response->status())) { + if (cors_check(request, response) && Infrastructure::is_ok_status(response->status())) { // 1. Let methods be the result of extracting header list values given `Access-Control-Allow-Methods` and response’s header list. auto methods_or_failure = Infrastructure::extract_header_list_values("Access-Control-Allow-Methods"sv.bytes(), response->header_list()); diff --git a/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.cpp b/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.cpp index a8a1decf5b9..4c3a2f64d4d 100644 --- a/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.cpp +++ b/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.cpp @@ -186,21 +186,21 @@ bool Request::has_redirect_tainted_origin() const } // https://fetch.spec.whatwg.org/#serializing-a-request-origin -ErrorOr Request::serialize_origin() const +String Request::serialize_origin() const { // 1. If request has a redirect-tainted origin, then return "null". if (has_redirect_tainted_origin()) return "null"_string; // 2. Return request’s origin, serialized. - return String::from_byte_string(m_origin.get().serialize()); + return MUST(String::from_byte_string(m_origin.get().serialize())); } // https://fetch.spec.whatwg.org/#byte-serializing-a-request-origin -ErrorOr Request::byte_serialize_origin() const +ByteBuffer Request::byte_serialize_origin() const { // Byte-serializing a request origin, given a request request, is to return the result of serializing a request origin with request, isomorphic encoded. - return ByteBuffer::copy(TRY(serialize_origin()).bytes()); + return MUST(ByteBuffer::copy(serialize_origin().bytes())); } // https://fetch.spec.whatwg.org/#concept-request-clone @@ -259,7 +259,7 @@ JS::NonnullGCPtr Request::clone(JS::Realm& realm) const } // https://fetch.spec.whatwg.org/#concept-request-add-range-header -ErrorOr Request::add_range_header(u64 first, Optional const& last) +void Request::add_range_header(u64 first, Optional const& last) { // To add a range header to a request request, with an integer first, and an optional integer last, run these steps: @@ -270,14 +270,14 @@ ErrorOr Request::add_range_header(u64 first, Optional const& last) auto range_value = MUST(ByteBuffer::copy("bytes"sv.bytes())); // 3. Serialize and isomorphic encode first, and append the result to rangeValue. - TRY(range_value.try_append(TRY(String::number(first)).bytes())); + range_value.append(MUST(String::number(first)).bytes()); // 4. Append 0x2D (-) to rangeValue. - TRY(range_value.try_append('-')); + range_value.append('-'); // 5. If last is given, then serialize and isomorphic encode it, and append the result to rangeValue. if (last.has_value()) - TRY(range_value.try_append(TRY(String::number(*last)).bytes())); + range_value.append(MUST(String::number(*last)).bytes()); // 6. Append (`Range`, rangeValue) to request’s header list. auto header = Header { @@ -285,15 +285,13 @@ ErrorOr Request::add_range_header(u64 first, Optional const& last) .value = move(range_value), }; m_header_list->append(move(header)); - - return {}; } // https://fetch.spec.whatwg.org/#append-a-request-origin-header -ErrorOr Request::add_origin_header() +void Request::add_origin_header() { // 1. Let serializedOrigin be the result of byte-serializing a request origin with request. - auto serialized_origin = TRY(byte_serialize_origin()); + auto serialized_origin = byte_serialize_origin(); // 2. If request’s response tainting is "cors" or request’s mode is "websocket", then append (`Origin`, serializedOrigin) to request’s header list. if (m_response_tainting == ResponseTainting::CORS || m_mode == Mode::WebSocket) { @@ -345,8 +343,6 @@ ErrorOr Request::add_origin_header() }; m_header_list->append(move(header)); } - - return {}; } // https://fetch.spec.whatwg.org/#cross-origin-embedder-policy-allows-credentials diff --git a/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.h b/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.h index 6d1bf9d9500..5836b973e08 100644 --- a/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.h +++ b/Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.h @@ -302,13 +302,13 @@ public: [[nodiscard]] bool has_redirect_tainted_origin() const; - [[nodiscard]] ErrorOr serialize_origin() const; - [[nodiscard]] ErrorOr byte_serialize_origin() const; + [[nodiscard]] String serialize_origin() const; + [[nodiscard]] ByteBuffer byte_serialize_origin() const; [[nodiscard]] JS::NonnullGCPtr clone(JS::Realm&) const; - [[nodiscard]] ErrorOr add_range_header(u64 first, Optional const& last); - [[nodiscard]] ErrorOr add_origin_header(); + void add_range_header(u64 first, Optional const& last); + void add_origin_header(); [[nodiscard]] bool cross_origin_embedder_policy_allows_credentials() const;