| Index: Source/core/fetch/CrossOriginAccessControl.cpp
|
| diff --git a/Source/core/fetch/CrossOriginAccessControl.cpp b/Source/core/fetch/CrossOriginAccessControl.cpp
|
| index 33a60d0ae78ebceab697275e4e97fdd959c3f6ff..d2a87bf2abb80e348a9c74a42f1098733e7c9d46 100644
|
| --- a/Source/core/fetch/CrossOriginAccessControl.cpp
|
| +++ b/Source/core/fetch/CrossOriginAccessControl.cpp
|
| @@ -143,6 +143,11 @@ bool passesAccessControlCheck(const ResourceResponse& response, StoredCredential
|
| AtomicallyInitializedStatic(AtomicString&, accessControlAllowOrigin = *new AtomicString("access-control-allow-origin", AtomicString::ConstructFromLiteral));
|
| AtomicallyInitializedStatic(AtomicString&, accessControlAllowCredentials = *new AtomicString("access-control-allow-credentials", AtomicString::ConstructFromLiteral));
|
|
|
| + if (!response.httpStatusCode()) {
|
| + errorDescription = "Received an invalid response. Origin '" + securityOrigin->toString() + "' is therefore not allowed access.";
|
| + return false;
|
| + }
|
| +
|
| // A wildcard Access-Control-Allow-Origin can not be used if credentials are to be sent,
|
| // even with Access-Control-Allow-Credentials set to true.
|
| const AtomicString& accessControlOriginString = response.httpHeaderField(accessControlAllowOrigin);
|
|
|
Chromium Code Reviews
Issue 110273006:
Show better CORS error message when status code is not set (Closed)
Base URL: svn://svn.chromium.org/blink/trunk