Index: media/blink/buffered_data_source.cc |
diff --git a/media/blink/buffered_data_source.cc b/media/blink/buffered_data_source.cc |
index d5f32b1ca298d4c787731c70eb26ead26632bea0..412b9c01c51b687da936ebc2c2da8b78d93cbbe4 100644 |
--- a/media/blink/buffered_data_source.cc |
+++ b/media/blink/buffered_data_source.cc |
@@ -356,6 +356,7 @@ void BufferedDataSource::StartCallback( |
loader_->Stop(); |
return; |
} |
+ response_original_url_ = loader_->response_original_url(); |
// All responses must be successful. Resources that are assumed to be fully |
// buffered must have a known content length. |
@@ -403,8 +404,12 @@ void BufferedDataSource::PartialReadStartCallback( |
BufferedResourceLoader::Status status) { |
DCHECK(render_task_runner_->BelongsToCurrentThread()); |
DCHECK(loader_.get()); |
+ if (status == BufferedResourceLoader::kOk && |
+ response_original_url_ == loader_->response_original_url()) { |
falken
2015/07/03 04:00:25
Actually a question. Should this really just compa
horo
2015/07/06 11:45:47
Changed to compare the origin.
And added canReques
|
+ // We don't support mixed range responses. Otherwise malicious attackers can |
falken
2015/07/03 03:43:44
I'm not sure "mixed range response" is a term of a
horo
2015/07/06 11:45:47
Changed to "mixing different origin responses".
|
+ // scan the bytes of other origin resources by mixing their generated bytes |
+ // and the target response. See http://crbug.com/489060#c32 for details. |
- if (status == BufferedResourceLoader::kOk) { |
// Once the request has started successfully, we can proceed with |
// reading from it. |
ReadInternal(); |