| Index: Source/core/css/CSSFontFaceSrcValue.cpp
|
| diff --git a/Source/core/css/CSSFontFaceSrcValue.cpp b/Source/core/css/CSSFontFaceSrcValue.cpp
|
| index 3f1fe5c89684800770c640b65c97dd71ae2d5c01..5b4751bab5c7062d3e05a92dc4839c0f659daa46 100644
|
| --- a/Source/core/css/CSSFontFaceSrcValue.cpp
|
| +++ b/Source/core/css/CSSFontFaceSrcValue.cpp
|
| @@ -73,22 +73,13 @@ bool CSSFontFaceSrcValue::hasFailedOrCanceledSubresources() const
|
| return m_fetched && m_fetched->loadFailedOrCanceled();
|
| }
|
|
|
| -bool CSSFontFaceSrcValue::shouldSetCrossOriginAccessControl(const KURL& resource, SecurityOrigin* securityOrigin)
|
| -{
|
| - if (resource.isLocalFile() || resource.protocolIsData())
|
| - return false;
|
| - return !securityOrigin->canRequestNoSuborigin(resource);
|
| -}
|
| -
|
| FontResource* CSSFontFaceSrcValue::fetch(Document* document)
|
| {
|
| if (!m_fetched) {
|
| FetchRequest request(ResourceRequest(document->completeURL(m_resource)), FetchInitiatorTypeNames::css);
|
| request.setContentSecurityCheck(m_shouldCheckContentSecurityPolicy);
|
| SecurityOrigin* securityOrigin = document->securityOrigin();
|
| - if (shouldSetCrossOriginAccessControl(request.url(), securityOrigin)) {
|
| - request.setCrossOriginAccessControl(securityOrigin, DoNotAllowStoredCredentials);
|
| - }
|
| + request.setCrossOriginAccessControl(securityOrigin, DoNotAllowStoredCredentials);
|
| request.mutableResourceRequest().setHTTPReferrer(SecurityPolicy::generateReferrer(m_referrer.referrerPolicy, request.url(), m_referrer.referrer));
|
| m_fetched = FontResource::fetch(request, document->fetcher());
|
| } else {
|
|
|
Chromium Code Reviews
Issue 1250793008:
Webfont fetch should be CORS-enabled even for same-origin URL (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master