Source/core/fetch/CrossOriginAccessControl.h - Issue 1016373002: Perform CORS access checks on Beacon redirects.

Side by Side Diff: Source/core/fetch/CrossOriginAccessControl.h

Issue 1016373002: Perform CORS access checks on Beacon redirects. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: rebased + add mixed content test Created 5 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « LayoutTests/http/tests/navigation/beacon-cross-origin.https-expected.txt ('k') | Source/core/fetch/CrossOriginAccessControl.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 2008 Apple Inc. All Rights Reserved.	2 * Copyright (C) 2008 Apple Inc. All Rights Reserved.

3 *	3 *

4 * Redistribution and use in source and binary forms, with or without	4 * Redistribution and use in source and binary forms, with or without

5 * modification, are permitted provided that the following conditions	5 * modification, are permitted provided that the following conditions

6 * are met:	6 * are met:

7 * 1. Redistributions of source code must retain the above copyright	7 * 1. Redistributions of source code must retain the above copyright

8 * notice, this list of conditions and the following disclaimer.	8 * notice, this list of conditions and the following disclaimer.

9 * 2. Redistributions in binary form must reproduce the above copyright	9 * 2. Redistributions in binary form must reproduce the above copyright

10 * notice, this list of conditions and the following disclaimer in the	10 * notice, this list of conditions and the following disclaimer in the

(...skipping 27 matching lines...) Expand all Loading...
38	38

39 class Resource;	39 class Resource;

40 struct ResourceLoaderOptions;	40 struct ResourceLoaderOptions;

41 class ResourceRequest;	41 class ResourceRequest;

42 class ResourceResponse;	42 class ResourceResponse;

43 class SecurityOrigin;	43 class SecurityOrigin;

44	44

45 class CrossOriginAccessControl {	45 class CrossOriginAccessControl {

46 public:	46 public:

47 static bool isLegalRedirectLocation(const KURL&, String& errorDescription);	47 static bool isLegalRedirectLocation(const KURL&, String& errorDescription);

48 static bool handleRedirect(Resource, SecurityOrigin, ResourceRequest&, con st ResourceResponse&, ResourceLoaderOptions&, String&);	48 static bool handleRedirect(SecurityOrigin*, ResourceRequest&, const Resource Response&, StoredCredentials, ResourceLoaderOptions&, String&);

49 };	49 };

50	50

51 bool isOnAccessControlResponseHeaderWhitelist(const String&);	51 bool isOnAccessControlResponseHeaderWhitelist(const String&);

52	52

53 void updateRequestForAccessControl(ResourceRequest&, SecurityOrigin*, StoredCred entials);	53 void updateRequestForAccessControl(ResourceRequest&, SecurityOrigin*, StoredCred entials);

54 ResourceRequest createAccessControlPreflightRequest(const ResourceRequest&, Secu rityOrigin*);	54 ResourceRequest createAccessControlPreflightRequest(const ResourceRequest&, Secu rityOrigin*);

55	55

56 bool passesAccessControlCheck(const ResourceResponse&, StoredCredentials, Securi tyOrigin*, String& errorDescription);	56 bool passesAccessControlCheck(const ResourceResponse&, StoredCredentials, Securi tyOrigin*, String& errorDescription);

57 bool passesPreflightStatusCheck(const ResourceResponse&, String& errorDescriptio n);	57 bool passesPreflightStatusCheck(const ResourceResponse&, String& errorDescriptio n);

58 void parseAccessControlExposeHeadersAllowList(const String& headerValue, HTTPHea derSet&);	58 void parseAccessControlExposeHeadersAllowList(const String& headerValue, HTTPHea derSet&);

59	59

60 } // namespace blink	60 } // namespace blink

61	61

62 #endif // CrossOriginAccessControl_h	62 #endif // CrossOriginAccessControl_h

OLD	NEW