Index: Source/core/html/HTMLLinkElement.cpp |
diff --git a/Source/core/html/HTMLLinkElement.cpp b/Source/core/html/HTMLLinkElement.cpp |
index f7a257c06cf0927a7f32d789df1d93445134b9c4..7311236b88f01e58bebda508708019ccc75f574a 100644 |
--- a/Source/core/html/HTMLLinkElement.cpp |
+++ b/Source/core/html/HTMLLinkElement.cpp |
@@ -489,6 +489,7 @@ LinkStyle::LinkStyle(HTMLLinkElement* owner) |
, m_loading(false) |
, m_firedLoad(false) |
, m_loadedSheet(false) |
+ , m_fetchFollowingCORS(false) |
{ |
} |
@@ -533,6 +534,7 @@ void LinkStyle::setCSSStyleSheet(const String& href, const KURL& baseURL, const |
m_sheet = CSSStyleSheet::create(restoredSheet, m_owner); |
m_sheet->setMediaQueries(MediaQuerySet::create(m_owner->media())); |
m_sheet->setTitle(m_owner->title()); |
+ setCrossOriginStylesheetStatus(baseURL, m_sheet.get()); |
m_loading = false; |
restoredSheet->checkLoaded(); |
@@ -547,6 +549,7 @@ void LinkStyle::setCSSStyleSheet(const String& href, const KURL& baseURL, const |
m_sheet = CSSStyleSheet::create(styleSheet, m_owner); |
m_sheet->setMediaQueries(MediaQuerySet::create(m_owner->media())); |
m_sheet->setTitle(m_owner->title()); |
+ setCrossOriginStylesheetStatus(baseURL, m_sheet.get()); |
styleSheet->parseAuthorStyleSheet(cachedStyleSheet, m_owner->document().securityOrigin()); |
@@ -673,6 +676,17 @@ void LinkStyle::setDisabledState(bool disabled) |
} |
} |
+void LinkStyle::setCrossOriginStylesheetStatus(const KURL& baseURL, CSSStyleSheet* sheet) |
+{ |
+ if (m_fetchFollowingCORS && resource() && !resource()->errorOccurred()) { |
+ // Record the security origin the CORS access check succeeded at, if cross origin. |
+ // Only origins that are script accessible to it may access the stylesheet's rules. |
+ if (!m_owner->document().securityOrigin()->canRequest(baseURL)) |
Mike West
2015/03/17 20:05:46
I'm not sure it's useful to check canRequest here,
sof
2015/03/17 21:52:15
Yes, it serves no purpose to do this check here (n
|
+ sheet->setAllowRuleAccessFromOrigin(m_owner->document().securityOrigin()); |
+ } |
+ m_fetchFollowingCORS = false; |
+} |
+ |
void LinkStyle::process() |
{ |
ASSERT(m_owner->shouldProcessStyle()); |
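Review bot: m_fetchFollowingCORS is set in process() and cleared only at the end of setCrossOriginStylesheetStatus(), so a load that never reaches setCSSStyleSheet() leaves it set. From the visible lines, a fetch that yields no resource (the `if (!resource())` branch in the process() hunk) does not reset it, so a later load started without the crossorigin attribute could be treated as CORS-approved and have rule access granted to the document's origin. Whether another path clears the flag is not visible in this diff; if none does, reset it in process() before the attribute check with `m_fetchFollowingCORS = false;`, or derive the decision from the fetched resource's own request options instead of state latched on the element. The clearing side effect also deserves a comment here, for example `// One-shot: only valid for the fetch started by the preceding process() call.` process() starts at the end of this hunk and continues outside it.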
@@ -723,8 +737,10 @@ void LinkStyle::process() |
// Load stylesheets that are not needed for the rendering immediately with low priority. |
FetchRequest request = builder.build(blocking); |
AtomicString crossOriginMode = m_owner->fastGetAttribute(HTMLNames::crossoriginAttr); |
- if (!crossOriginMode.isNull()) |
+ if (!crossOriginMode.isNull()) { |
request.setCrossOriginAccessControl(document().securityOrigin(), crossOriginMode); |
+ setFetchFollowingCORS(); |
+ } |
setResource(document().fetcher()->fetchCSSStyleSheet(request)); |
if (!resource()) { |