| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2007, 2010 Apple Inc. All rights reserved. | 2 * Copyright (C) 2007, 2010 Apple Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 66 result.append(')'); | 66 result.append(')'); |
| 67 } | 67 } |
| 68 return result.toString(); | 68 return result.toString(); |
| 69 } | 69 } |
| 70 | 70 |
| 71 bool CSSFontFaceSrcValue::hasFailedOrCanceledSubresources() const | 71 bool CSSFontFaceSrcValue::hasFailedOrCanceledSubresources() const |
| 72 { | 72 { |
| 73 return m_fetched && m_fetched->loadFailedOrCanceled(); | 73 return m_fetched && m_fetched->loadFailedOrCanceled(); |
| 74 } | 74 } |
| 75 | 75 |
| 76 static bool shouldSetCrossOriginAccessControl(const KURL& resource) | 76 static void setCrossOriginAccessControl(FetchRequest& request, SecurityOrigin* s
ecurityOrigin) |
| 77 { | 77 { |
| 78 // Local fonts are accessible from file: URLs even when | 78 // Local fonts are accessible from file: URLs even when |
| 79 // allowFileAccessFromFileURLs is false. | 79 // allowFileAccessFromFileURLs is false. |
| 80 if (resource.isLocalFile()) | 80 if (request.url().isLocalFile()) |
| 81 return false; | 81 return; |
| 82 return true; | 82 |
| 83 StoredCredentials allowCredentials = DoNotAllowStoredCredentials; |
| 84 bool sameOriginRequest = securityOrigin->canRequestNoSuborigin(request.url()
); |
| 85 // Include credentials for same origin requests (and assume that |
| 86 // redirects out of origin will be handled per Fetch spec.) |
| 87 if (sameOriginRequest) |
| 88 allowCredentials = AllowStoredCredentials; |
| 89 request.setCrossOriginAccessControl(securityOrigin, allowCredentials, Client
DidNotRequestCredentials); |
| 83 } | 90 } |
| 84 | 91 |
| 85 FontResource* CSSFontFaceSrcValue::fetch(Document* document) | 92 FontResource* CSSFontFaceSrcValue::fetch(Document* document) |
| 86 { | 93 { |
| 87 if (!m_fetched) { | 94 if (!m_fetched) { |
| 88 FetchRequest request(ResourceRequest(document->completeURL(m_resource)),
FetchInitiatorTypeNames::css); | 95 FetchRequest request(ResourceRequest(document->completeURL(m_resource)),
FetchInitiatorTypeNames::css); |
| 89 request.setContentSecurityCheck(m_shouldCheckContentSecurityPolicy); | 96 request.setContentSecurityCheck(m_shouldCheckContentSecurityPolicy); |
| 90 SecurityOrigin* securityOrigin = document->securityOrigin(); | 97 SecurityOrigin* securityOrigin = document->securityOrigin(); |
| 91 if (shouldSetCrossOriginAccessControl(request.url())) | 98 setCrossOriginAccessControl(request, securityOrigin); |
| 92 request.setCrossOriginAccessControl(securityOrigin, DoNotAllowStored
Credentials); | |
| 93 request.mutableResourceRequest().setHTTPReferrer(SecurityPolicy::generat
eReferrer(m_referrer.referrerPolicy, request.url(), m_referrer.referrer)); | 99 request.mutableResourceRequest().setHTTPReferrer(SecurityPolicy::generat
eReferrer(m_referrer.referrerPolicy, request.url(), m_referrer.referrer)); |
| 94 m_fetched = FontResource::fetch(request, document->fetcher()); | 100 m_fetched = FontResource::fetch(request, document->fetcher()); |
| 95 } else { | 101 } else { |
| 96 // FIXME: CSSFontFaceSrcValue::fetch is invoked when @font-face rule | 102 // FIXME: CSSFontFaceSrcValue::fetch is invoked when @font-face rule |
| 97 // is processed by StyleResolver / StyleEngine. | 103 // is processed by StyleResolver / StyleEngine. |
| 98 restoreCachedResourceIfNeeded(document); | 104 restoreCachedResourceIfNeeded(document); |
| 99 } | 105 } |
| 100 return m_fetched.get(); | 106 return m_fetched.get(); |
| 101 } | 107 } |
| 102 | 108 |
| (...skipping 12 matching lines...) Expand all Loading... |
| 115 m_fetched->lastResourceRequest().url(), MixedContentChecker::SendReport)
; | 121 m_fetched->lastResourceRequest().url(), MixedContentChecker::SendReport)
; |
| 116 document->fetcher()->requestLoadStarted(m_fetched.get(), request, ResourceFe
tcher::ResourceLoadingFromCache); | 122 document->fetcher()->requestLoadStarted(m_fetched.get(), request, ResourceFe
tcher::ResourceLoadingFromCache); |
| 117 } | 123 } |
| 118 | 124 |
| 119 bool CSSFontFaceSrcValue::equals(const CSSFontFaceSrcValue& other) const | 125 bool CSSFontFaceSrcValue::equals(const CSSFontFaceSrcValue& other) const |
| 120 { | 126 { |
| 121 return m_isLocal == other.m_isLocal && m_format == other.m_format && m_resou
rce == other.m_resource; | 127 return m_isLocal == other.m_isLocal && m_format == other.m_format && m_resou
rce == other.m_resource; |
| 122 } | 128 } |
| 123 | 129 |
| 124 } | 130 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1267023004:
WebFonts: Send credentials for same origin requests (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master