| Index: Source/core/html/parser/HTMLPreloadScanner.cpp
|
| diff --git a/Source/core/html/parser/HTMLPreloadScanner.cpp b/Source/core/html/parser/HTMLPreloadScanner.cpp
|
| index 895d6a0d96d304c5990f0b09841b87b372392d43..b925f1b81ec4afcdbd7d484a27fa7e7cf0d96c76 100644
|
| --- a/Source/core/html/parser/HTMLPreloadScanner.cpp
|
| +++ b/Source/core/html/parser/HTMLPreloadScanner.cpp
|
| @@ -98,6 +98,8 @@ public:
|
| , m_inputIsImage(false)
|
| , m_deviceScaleFactor(deviceScaleFactor)
|
| , m_encounteredImgSrc(false)
|
| + , m_isCORSEnabled(false)
|
| + , m_allowCredentials(DoNotAllowStoredCredentials)
|
| {
|
| if (!match(m_tagImpl, imgTag)
|
| && !match(m_tagImpl, inputTag)
|
| @@ -139,7 +141,8 @@ public:
|
| TRACE_EVENT_INSTANT1("net", "PreloadRequest", "url", m_urlToLoad.ascii());
|
| TextPosition position = TextPosition(source.currentLine(), source.currentColumn());
|
| OwnPtr<PreloadRequest> request = PreloadRequest::create(initiatorFor(m_tagImpl), position, m_urlToLoad, predictedBaseURL, resourceType(), m_mediaAttribute);
|
| - request->setCrossOriginModeAllowsCookies(crossOriginModeAllowsCookies());
|
| + if (isCORSEnabled())
|
| + request->setCrossOriginEnabled(allowCredentials());
|
| request->setCharset(charset());
|
| return request.release();
|
| }
|
| @@ -154,14 +157,14 @@ private:
|
| if (match(m_tagImpl, scriptTag)) {
|
| if (match(attributeName, srcAttr))
|
| setUrlToLoad(attributeValue, DisallowURLReplacement);
|
| - else if (match(attributeName, crossoriginAttr) && !attributeValue.isNull())
|
| - m_crossOriginMode = stripLeadingAndTrailingHTMLSpaces(attributeValue);
|
| + else if (match(attributeName, crossoriginAttr))
|
| + setCrossOriginAllowed(attributeValue);
|
| } else if (match(m_tagImpl, imgTag)) {
|
| if (match(attributeName, srcAttr) && !m_encounteredImgSrc) {
|
| m_encounteredImgSrc = true;
|
| setUrlToLoad(bestFitSourceForImageAttributes(m_deviceScaleFactor, attributeValue, m_srcsetImageCandidate), AllowURLReplacement);
|
| - } else if (match(attributeName, crossoriginAttr) && !attributeValue.isNull()) {
|
| - m_crossOriginMode = stripLeadingAndTrailingHTMLSpaces(attributeValue);
|
| + } else if (match(attributeName, crossoriginAttr)) {
|
| + setCrossOriginAllowed(attributeValue);
|
| } else if (RuntimeEnabledFeatures::srcsetEnabled()
|
| && match(attributeName, srcsetAttr)
|
| && m_srcsetImageCandidate.isEmpty()) {
|
| @@ -221,7 +224,7 @@ private:
|
| return Resource::Raw;
|
| }
|
|
|
| - bool shouldPreload()
|
| + bool shouldPreload() const
|
| {
|
| if (m_urlToLoad.isEmpty())
|
| return false;
|
| @@ -232,21 +235,36 @@ private:
|
| return true;
|
| }
|
|
|
| - bool crossOriginModeAllowsCookies()
|
| + bool isCORSEnabled() const
|
| {
|
| - return m_crossOriginMode.isNull() || equalIgnoringCase(m_crossOriginMode, "use-credentials");
|
| + return m_isCORSEnabled;
|
| + }
|
| +
|
| + StoredCredentials allowCredentials() const
|
| + {
|
| + return m_allowCredentials;
|
| + }
|
| +
|
| + void setCrossOriginAllowed(const String& corsSetting)
|
| + {
|
| + m_isCORSEnabled = true;
|
| + if (!corsSetting.isNull() && equalIgnoringCase(stripLeadingAndTrailingHTMLSpaces(corsSetting), "use-credentials"))
|
| + m_allowCredentials = AllowStoredCredentials;
|
| + else
|
| + m_allowCredentials = DoNotAllowStoredCredentials;
|
| }
|
|
|
| const StringImpl* m_tagImpl;
|
| String m_urlToLoad;
|
| ImageCandidate m_srcsetImageCandidate;
|
| String m_charset;
|
| - String m_crossOriginMode;
|
| bool m_linkIsStyleSheet;
|
| String m_mediaAttribute;
|
| bool m_inputIsImage;
|
| float m_deviceScaleFactor;
|
| bool m_encounteredImgSrc;
|
| + bool m_isCORSEnabled;
|
| + StoredCredentials m_allowCredentials;
|
| };
|
|
|
| TokenPreloadScanner::TokenPreloadScanner(const KURL& documentURL, float deviceScaleFactor)
|
|
|
Chromium Code Reviews
Issue 104943004:
Have preloader handle crossorigin resources better. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master