Lines Matching refs:request
13 const { Request, makeRequest } = require('./request')
79 // 2 terminated listeners get added per request,
143 // 3. Let request be requestObject’s request.
144 const request = requestObject[kState]
148 // 1. Abort the fetch() call with p, request, null, and
150 abortFetch(p, request, null, requestObject.signal.reason)
156 // 5. Let globalObject be request’s client’s global object.
157 const globalObject = request.client.globalObject
160 // request’s service-workers mode to "none".
162 request.serviceWorkers = 'none'
190 // 4. Abort the fetch() call with p, request, responseObject,
192 abortFetch(p, request, responseObject, requestObject.signal.reason)
201 // 13. Set controller to the result of calling fetch given request,
217 // 2. Abort the fetch() call with p, request, responseObject, and
220 abortFetch(p, request, responseObject, controller.serializedAbortReason)
247 request,
328 function abortFetch (p, request, responseObject, error) {
339 // 2. If request’s body is not null and is readable, then cancel request’s
341 if (request.body != null && isReadable(request.body?.stream)) {
342 request.body.stream.cancel(error).catch((err) => {
374 request,
389 // 3. If request’s client is non-null, then:
390 if (request.client != null) {
391 // 1. Set taskDestination to request’s client’s global object.
392 taskDestination = request.client.globalObject
394 // 2. Set crossOriginIsolatedCapability to request’s client’s cross-origin
397 request.client.crossOriginIsolatedCapability
413 // request is request,
415 // process request body chunk length is processRequestBodyChunkLength,
416 // process request end-of-body is processRequestEndOfBody,
424 request,
435 // 7. If request’s body is a byte sequence, then set request’s body to
436 // request’s body as a body.
439 assert(!request.body || request.body.stream)
441 // 8. If request’s window is "client", then set request’s window to request’s
442 // client, if request’s client’s global object is a Window object; otherwise
444 if (request.window === 'client') {
445 // TODO: What if request.client is null?
446 request.window =
447 request.client?.globalObject?.constructor?.name === 'Window'
448 ? request.client
452 // 9. If request’s origin is "client", then set request’s origin to request’s
454 if (request.origin === 'client') {
455 // TODO: What if request.client is null?
456 request.origin = request.client?.origin
462 // 11. If request’s policy container is "client", then:
463 if (request.policyContainer === 'client') {
464 // 1. If request’s client is non-null, then set request’s policy
465 // container to a clone of request’s client’s policy container. [HTML]
466 if (request.client != null) {
467 request.policyContainer = clonePolicyContainer(
468 request.client.policyContainer
471 // 2. Otherwise, set request’s policy container to a new policy
473 request.policyContainer = makePolicyContainer()
477 // 12. If request’s header list does not contain `Accept`, then:
478 if (!request.headersList.contains('accept')) {
483 // any, switching on request’s destination:
494 // 3. Append `Accept`/value to request’s header list.
495 request.headersList.append('accept', value)
498 // 13. If request’s header list does not contain `Accept-Language`, then
500 // request’s header list.
501 if (!request.headersList.contains('accept-language')) {
502 request.headersList.append('accept-language', '*')
505 // 14. If request’s priority is null, then use request’s initiator and
506 // destination appropriately in setting request’s priority to a
508 if (request.priority === null) {
512 // 15. If request is a subresource request, then:
513 if (subresourceSet.has(request.destination)) {
529 // 1. Let request be fetchParams’s request.
530 const request = fetchParams.request
535 // 3. If request’s local-URLs-only flag is set and request’s current URL is
537 if (request.localURLsOnly && !urlIsLocal(requestCurrentURL(request))) {
541 // 4. Run report Content Security Policy violations for request.
544 // 5. Upgrade request to a potentially trustworthy URL, if appropriate.
545 tryUpgradeRequestToAPotentiallyTrustworthyURL(request)
547 // 6. If should request be blocked due to a bad port, should fetching request
548 // be blocked as mixed content, or should request be blocked by Content
550 if (requestBadPort(request) === 'blocked') {
553 // TODO: should fetching request be blocked as mixed content?
554 // TODO: should request be blocked by Content Security Policy?
556 // 7. If request’s referrer policy is the empty string, then set request’s
557 // referrer policy to request’s policy container’s referrer policy.
558 if (request.referrerPolicy === '') {
559 request.referrerPolicy = request.policyContainer.referrerPolicy
562 // 8. If request’s referrer is not "no-referrer", then set request’s
563 // referrer to the result of invoking determine request’s referrer.
564 if (request.referrer !== 'no-referrer') {
565 request.referrer = determineRequestsReferrer(request)
568 // 9. Set request’s current URL’s scheme to "https" if all of the following
570 // - request’s current URL’s scheme is "http"
571 // - request’s current URL’s host is a domain
572 // - Matching request’s current URL’s host per Known HSTS Host Domain Name
585 const currentURL = requestCurrentURL(request)
588 // - request’s current URL’s origin is same origin with request’s origin,
589 // and request’s response tainting is "basic"
590 (sameOrigin(currentURL, request.url) && request.responseTainting === 'basic') ||
591 // request’s current URL’s scheme is "data"
593 // - request’s mode is "navigate" or "websocket"
594 (request.mode === 'navigate' || request.mode === 'websocket')
596 // 1. Set request’s response tainting to "basic".
597 request.responseTainting = 'basic'
603 // request’s mode is "same-origin"
604 if (request.mode === 'same-origin') {
606 return makeNetworkError('request mode cannot be "same-origin"')
609 // request’s mode is "no-cors"
610 if (request.mode === 'no-cors') {
611 // 1. If request’s redirect mode is not "follow", then return a network
613 if (request.redirect !== 'follow') {
615 'redirect mode cannot be "follow" for "no-cors" request'
619 // 2. Set request’s response tainting to "opaque".
620 request.responseTainting = 'opaque'
626 // request’s current URL’s scheme is not an HTTP(S) scheme
627 if (!urlIsHttpHttpsScheme(requestCurrentURL(request))) {
632 // - request’s use-CORS-preflight flag is set
633 // - request’s unsafe-request flag is set and either request’s method is
634 // not a CORS-safelisted method or CORS-unsafe request-header names with
635 // request’s header list is not empty
636 // 1. Set request’s response tainting to "cors".
640 // entries using request.
645 // 1. Set request’s response tainting to "cors".
646 request.responseTainting = 'cors'
661 // If request’s response tainting is "cors", then:
662 if (request.responseTainting === 'cors') {
666 // 2. If request’s credentials mode is not "include" and headerNames
676 // internal response, depending on request’s response tainting:
677 if (request.responseTainting === 'basic') {
679 } else if (request.responseTainting === 'cors') {
681 } else if (request.responseTainting === 'opaque') {
694 // request’s URL list.
696 internalResponse.urlList.push(...request.urlList)
699 // 16. If request’s timing allow failed flag is unset, then set
701 if (!request.timingAllowFailed) {
707 // - should internalResponse to request be blocked as mixed content
708 // - should internalResponse to request be blocked by Content Security Policy
709 // - should internalResponse to request be blocked due to its MIME type
710 // - should internalResponse to request be blocked due to nosniff
714 // internalResponse’s range-requested flag is set, and request’s header
721 !request.headers.contains('range')
726 // 19. If response is not a network error and either request’s method is
732 (request.method === 'HEAD' ||
733 request.method === 'CONNECT' ||
740 // 20. If request’s integrity metadata is not the empty string, then:
741 if (request.integrity) {
747 // 2. If request’s response tainting is "opaque", or response’s body is null,
749 if (request.responseTainting === 'opaque' || response.body == null) {
756 // 1. If bytes do not match request’s integrity metadata,
758 if (!bytesMatch(bytes, request.integrity)) {
785 if (isCancelled(fetchParams) && fetchParams.request.redirectCount === 0) {
789 // 2. Let request be fetchParams’s request.
790 const { request } = fetchParams
792 const { protocol: scheme } = requestCurrentURL(request)
794 // 3. Switch on request’s current URL’s scheme and run the associated steps:
797 // If request’s current URL’s path is the string "blank", then return a new response
809 // 1. Let blobURLEntry be request’s current URL’s blob URL entry.
810 const blobURLEntry = requestCurrentURL(request)
820 // 2. If request’s method is not `GET`, blobURLEntry is null, or blobURLEntry’s
822 if (request.method !== 'GET' || !isBlobLike(blobURLEntryObject)) {
854 // data: URL processor on request’s current URL.
855 const currentURL = requestCurrentURL(request)
898 // 1. Set fetchParams’s request’s done flag.
899 fetchParams.request.done = true
913 // 1. Set response’s URL list to « fetchParams’s request’s URL list[0] ».
914 response.urlList = [fetchParams.request.urlList[0]]
925 // 1. Set fetchParams’s request’s done flag.
926 fetchParams.request.done = true
1002 // 1. Let request be fetchParams’s request.
1003 const request = fetchParams.request
1014 // 5. If request’s service-workers mode is "all", then:
1015 if (request.serviceWorkers === 'all') {
1024 // 2. If request’s redirect mode is "follow", then set request’s
1026 if (request.redirect === 'follow') {
1027 request.serviceWorkers = 'none'
1034 // 4. If request’s response tainting is "cors" and a CORS check
1035 // for request and response returns failure, then return a network error.
1037 request.responseTainting === 'cors' &&
1038 corsCheck(request, response) === 'failure'
1043 // 5. If the TAO check for request and response returns failure, then set
1044 // request’s timing allow failed flag.
1045 if (TAOCheck(request, response) === 'failure') {
1046 request.timingAllowFailed = true
1050 // 7. If either request’s response tainting or response’s type
1052 // request’s origin, request’s client, request’s destination,
1055 (request.responseTainting === 'opaque' || response.type === 'opaque') &&
1057 request.origin,
1058 request.client,
1059 request.destination,
1068 // 1. If actualResponse’s status is not 303, request’s body is not null,
1072 if (request.redirect !== 'manual') {
1076 // 2. Switch on request’s redirect mode:
1077 if (request.redirect === 'error') {
1080 } else if (request.redirect === 'manual') {
1087 } else if (request.redirect === 'follow') {
1105 // 1. Let request be fetchParams’s request.
1106 const request = fetchParams.request
1114 // 3. Let locationURL be actualResponse’s location URL given request’s current
1121 requestCurrentURL(request).hash
1139 // 7. If request’s redirect count is 20, then return a network error.
1140 if (request.redirectCount === 20) {
1144 // 8. Increase request’s redirect count by 1.
1145 request.redirectCount += 1
1147 // 9. If request’s mode is "cors", locationURL includes credentials, and
1148 // request’s origin is not same origin with locationURL’s origin, then return
1151 request.mode === 'cors' &&
1153 !sameOrigin(request, locationURL)
1155 return Promise.resolve(makeNetworkError('cross origin not allowed for request mode "cors"'))
1158 // 10. If request’s response tainting is "cors" and locationURL includes
1161 request.responseTainting === 'cors' &&
1165 'URL cannot contain credentials for request mode "cors"'
1169 // 11. If actualResponse’s status is not 303, request’s body is non-null,
1170 // and request’s body’s source is null, then return a network error.
1173 request.body != null &&
1174 request.body.source == null
1180 // - actualResponse’s status is 301 or 302 and request’s method is `POST`
1181 // - actualResponse’s status is 303 and request’s method is not `GET` or `HEAD`
1183 ([301, 302].includes(actualResponse.status) && request.method === 'POST') ||
1185 !GET_OR_HEAD.includes(request.method))
1188 // 1. Set request’s method to `GET` and request’s body to null.
1189 request.method = 'GET'
1190 request.body = null
1192 // 2. For each headerName of request-body-header name, delete headerName from
1193 // request’s header list.
1195 request.headersList.delete(headerName)
1199 // 13. If request’s current URL’s origin is not same origin with locationURL’s
1200 // origin, then for each headerName of CORS non-wildcard request-header name,
1201 // delete headerName from request’s header list.
1202 if (!sameOrigin(requestCurrentURL(request), locationURL)) {
1203 // https://fetch.spec.whatwg.org/#cors-non-wildcard-request-header-name
1204 request.headersList.delete('authorization')
1207 request.headersList.delete('proxy-authorization', true)
1209 // "Cookie" and "Host" are forbidden request-headers, which undici doesn't implement.
1210 request.headersList.delete('cookie')
1211 request.headersList.delete('host')
1214 // 14. If request’s body is non-null, then set request’s body to the first return
1215 // value of safely extracting request’s body’s source.
1216 if (request.body != null) {
1217 assert(request.body.source != null)
1218 request.body = safelyExtractBody(request.body.source)[0]
1236 // 18. Append locationURL to request’s URL list.
1237 request.urlList.push(locationURL)
1239 // 19. Invoke set request’s referrer policy on redirect on request and
1241 setRequestReferrerPolicyOnRedirect(request, actualResponse)
1253 // 1. Let request be fetchParams’s request.
1254 const request = fetchParams.request
1276 // 1. If request’s window is "no-window" and request’s redirect mode is
1278 // request.
1279 if (request.window === 'no-window' && request.redirect === 'error') {
1281 httpRequest = request
1285 // 1. Set httpRequest to a clone of request.
1286 httpRequest = makeRequest(request)
1291 // 3. Set httpFetchParams’s request to httpRequest.
1292 httpFetchParams.request = httpRequest
1297 request.credentials === 'include' ||
1298 (request.credentials === 'same-origin' &&
1299 request.responseTainting === 'basic')
1346 // 12. Append a request `Origin` header for httpRequest.
1505 // 13. Set response’s request-includes-credentials to includeCredentials.
1509 // "cors", includeCredentials is true, and request’s window is an environment
1515 // 1. If request’s window is "no-window", then return a network error.
1516 if (request.window === 'no-window') {
1527 // 4. Prompt the end user as appropriate in request’s window and store
1543 // request’s body is null, or request’s body is non-null and request’s body’s source is non-null
1544 (request.body == null || request.body.source != null)
1596 // 1. Let request be fetchParams’s request.
1597 const request = fetchParams.request
1606 // given request.
1610 // 5. If httpCache is null, then set request’s cache mode to "no-store".
1612 request.cache = 'no-store'
1616 // partition key given request.
1623 // 8. Switch on request’s mode:
1624 if (request.mode === 'websocket') {
1626 // given request’s current URL.
1630 // networkPartitionKey, request’s current URL’s origin,
1644 // 3. If connection is not an HTTP/2 connection, request’s body is non-null,
1645 // and request’s body’s source is null, then append (`Transfer-Encoding`,
1646 // `chunked`) to request’s header list.
1648 // 4. Set timingInfo’s final network-request start time to the coarsened
1652 // 5. Set response to the result of making an HTTP request over connection
1653 // using request with the following caveats:
1658 // - If request’s body is non-null, and request’s body’s source is null,
1660 // a part of request’s body in that buffer. If the user agent reads from
1661 // request’s body beyond that buffer’s size and the user agent needs to
1662 // resend request, then instead return a network error.
1676 // - If request’s header list contains `Transfer-Encoding`/`chunked` and
1680 // - If the HTTP request results in a TLS client certificate dialog, then:
1682 // 1. If request’s window is an environment settings object, make the
1683 // dialog available in request’s window.
1687 // To transmit request’s body body, run these steps:
1689 // 1. If body is null and fetchParams’s process request end-of-body is
1690 // non-null, then queue a fetch task given fetchParams’s process request
1692 if (request.body == null && fetchParams.processRequestEndOfBody) {
1694 } else if (request.body != null) {
1707 // 3. If fetchParams’s process request body is non-null, then run
1708 // fetchParams’s process request body given bytes’s length.
1719 // 2. If fetchParams’s process request end-of-body is non-null,
1720 // then run fetchParams’s process request end-of-body.
1741 // 4. Incrementally read request’s body given processBodyChunk, processEndOfBody,
1745 for await (const bytes of request.body.stream) {
1833 // 2. If response is not a network error and request’s cache mode is
1834 // not "no-store", then update response in httpCache for request.
1838 // to block cookies for request (see section 7 of [COOKIES]), then run the
1841 // `Set-Cookie` in response’s header list, if any, and request’s current URL.
1954 const url = requestCurrentURL(request)
1962 method: request.method,
1963 body: fetchParams.controller.dispatcher.isMockActive ? request.body && (request.body.source || request.body.stream) : body,
1964 headers: request.headersList.entries,
1966 upgrade: request.mode === 'websocket' ? 'websocket' : undefined
2030 const willFollow = request.redirect === 'follow' &&
2035 if (request.method !== 'HEAD' && request.method !== 'CONNECT' && !nullBodyStatus.includes(status) && !willFollow) {