OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
95 | 95 |
96 return allowedCrossOriginResponseHeaders->contains(name); | 96 return allowedCrossOriginResponseHeaders->contains(name); |
97 } | 97 } |
98 | 98 |
99 void updateRequestForAccessControl(ResourceRequest& request, SecurityOrigin* sec urityOrigin, StoredCredentials allowCredentials) | 99 void updateRequestForAccessControl(ResourceRequest& request, SecurityOrigin* sec urityOrigin, StoredCredentials allowCredentials) |
100 { | 100 { |
101 request.removeCredentials(); | 101 request.removeCredentials(); |
102 request.setAllowCookies(allowCredentials == AllowStoredCredentials); | 102 request.setAllowCookies(allowCredentials == AllowStoredCredentials); |
103 | 103 |
104 if (securityOrigin) | 104 if (securityOrigin) |
105 request.setHTTPOrigin(securityOrigin->toString()); | 105 request.setHTTPOrigin(AtomicString(securityOrigin->toString())); |
106 } | 106 } |
107 | 107 |
108 ResourceRequest createAccessControlPreflightRequest(const ResourceRequest& reque st, SecurityOrigin* securityOrigin) | 108 ResourceRequest createAccessControlPreflightRequest(const ResourceRequest& reque st, SecurityOrigin* securityOrigin) |
109 { | 109 { |
110 ResourceRequest preflightRequest(request.url()); | 110 ResourceRequest preflightRequest(request.url()); |
111 updateRequestForAccessControl(preflightRequest, securityOrigin, DoNotAllowSt oredCredentials); | 111 updateRequestForAccessControl(preflightRequest, securityOrigin, DoNotAllowSt oredCredentials); |
112 preflightRequest.setHTTPMethod("OPTIONS"); | 112 preflightRequest.setHTTPMethod("OPTIONS"); |
113 preflightRequest.setHTTPHeaderField("Access-Control-Request-Method", request .httpMethod()); | 113 preflightRequest.setHTTPHeaderField("Access-Control-Request-Method", request .httpMethod()); |
114 preflightRequest.setPriority(request.priority()); | 114 preflightRequest.setPriority(request.priority()); |
115 | 115 |
116 const HTTPHeaderMap& requestHeaderFields = request.httpHeaderFields(); | 116 const HTTPHeaderMap& requestHeaderFields = request.httpHeaderFields(); |
117 | 117 |
118 if (requestHeaderFields.size() > 0) { | 118 if (requestHeaderFields.size() > 0) { |
119 StringBuilder headerBuffer; | 119 StringBuilder headerBuffer; |
120 HTTPHeaderMap::const_iterator it = requestHeaderFields.begin(); | 120 HTTPHeaderMap::const_iterator it = requestHeaderFields.begin(); |
121 headerBuffer.append(it->key); | 121 headerBuffer.append(it->key); |
122 ++it; | 122 ++it; |
123 | 123 |
124 HTTPHeaderMap::const_iterator end = requestHeaderFields.end(); | 124 HTTPHeaderMap::const_iterator end = requestHeaderFields.end(); |
125 for (; it != end; ++it) { | 125 for (; it != end; ++it) { |
126 headerBuffer.appendLiteral(", "); | 126 headerBuffer.appendLiteral(", "); |
127 headerBuffer.append(it->key); | 127 headerBuffer.append(it->key); |
128 } | 128 } |
129 | 129 |
130 preflightRequest.setHTTPHeaderField("Access-Control-Request-Headers", he aderBuffer.toString().lower()); | 130 preflightRequest.setHTTPHeaderField("Access-Control-Request-Headers", he aderBuffer.toAtomicString().lower()); |
eseidel
2013/12/31 22:05:03
Wrong order. No sense in making an atomic non-low
Inactive
2013/12/31 22:47:25
Done.
| |
131 } | 131 } |
132 | 132 |
133 return preflightRequest; | 133 return preflightRequest; |
134 } | 134 } |
135 | 135 |
136 static bool isOriginSeparator(UChar ch) | 136 static bool isOriginSeparator(UChar ch) |
137 { | 137 { |
138 return isASCIISpace(ch) || ch == ','; | 138 return isASCIISpace(ch) || ch == ','; |
139 } | 139 } |
140 | 140 |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
192 Vector<String> headers; | 192 Vector<String> headers; |
193 headerValue.split(',', false, headers); | 193 headerValue.split(',', false, headers); |
194 for (unsigned headerCount = 0; headerCount < headers.size(); headerCount++) { | 194 for (unsigned headerCount = 0; headerCount < headers.size(); headerCount++) { |
195 String strippedHeader = headers[headerCount].stripWhiteSpace(); | 195 String strippedHeader = headers[headerCount].stripWhiteSpace(); |
196 if (!strippedHeader.isEmpty()) | 196 if (!strippedHeader.isEmpty()) |
197 headerSet.add(strippedHeader); | 197 headerSet.add(strippedHeader); |
198 } | 198 } |
199 } | 199 } |
200 | 200 |
201 } // namespace WebCore | 201 } // namespace WebCore |
OLD | NEW |