Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(158)

Side by Side Diff: media/blink/buffered_data_source.cc

Issue 1356353003: Relax cross-origin partial response requirements for CORS presence. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Revert accidental php change. Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | media/blink/buffered_data_source_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "media/blink/buffered_data_source.h" 5 #include "media/blink/buffered_data_source.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/callback_helpers.h" 8 #include "base/callback_helpers.h"
9 #include "base/location.h" 9 #include "base/location.h"
10 #include "base/single_thread_task_runner.h" 10 #include "base/single_thread_task_runner.h"
(...skipping 413 matching lines...) Expand 10 before | Expand all | Expand 10 after
424 ReadOperation::Run(read_op_.Pass(), kReadError); 424 ReadOperation::Run(read_op_.Pass(), kReadError);
425 } 425 }
426 426
427 bool BufferedDataSource::CheckPartialResponseURL( 427 bool BufferedDataSource::CheckPartialResponseURL(
428 const GURL& partial_response_original_url) const { 428 const GURL& partial_response_original_url) const {
429 // We check the redirected URL of partial responses in case malicious 429 // We check the redirected URL of partial responses in case malicious
430 // attackers scan the bytes of other origin resources by mixing their 430 // attackers scan the bytes of other origin resources by mixing their
431 // generated bytes and the target response. See http://crbug.com/489060#c32 431 // generated bytes and the target response. See http://crbug.com/489060#c32
432 // for details. 432 // for details.
433 // If the origin of the new response is different from the first response we 433 // If the origin of the new response is different from the first response we
434 // deny the redirected response. 434 // deny the redirected response unless the crossorigin attribute has been set.
435 return response_original_url_.GetOrigin() == 435 return (response_original_url_.GetOrigin() ==
436 partial_response_original_url.GetOrigin(); 436 partial_response_original_url.GetOrigin()) ||
437 DidPassCORSAccessCheck();
437 } 438 }
438 439
439 void BufferedDataSource::ReadCallback( 440 void BufferedDataSource::ReadCallback(
440 BufferedResourceLoader::Status status, 441 BufferedResourceLoader::Status status,
441 int bytes_read) { 442 int bytes_read) {
442 DCHECK(render_task_runner_->BelongsToCurrentThread()); 443 DCHECK(render_task_runner_->BelongsToCurrentThread());
443 444
444 // TODO(scherkus): we shouldn't have to lock to signal host(), see 445 // TODO(scherkus): we shouldn't have to lock to signal host(), see
445 // http://crbug.com/113712 for details. 446 // http://crbug.com/113712 for details.
446 base::AutoLock auto_lock(lock_); 447 base::AutoLock auto_lock(lock_);
(...skipping 118 matching lines...) Expand 10 before | Expand all | Expand 10 after
565 } 566 }
566 567
567 // If media is currently playing or the page indicated preload=auto or the 568 // If media is currently playing or the page indicated preload=auto or the
568 // the server does not support the byte range request or we do not want to go 569 // the server does not support the byte range request or we do not want to go
569 // too far ahead of the read head, use threshold strategy to enable/disable 570 // too far ahead of the read head, use threshold strategy to enable/disable
570 // deferring when the buffer is full/depleted. 571 // deferring when the buffer is full/depleted.
571 loader_->UpdateDeferStrategy(BufferedResourceLoader::kCapacityDefer); 572 loader_->UpdateDeferStrategy(BufferedResourceLoader::kCapacityDefer);
572 } 573 }
573 574
574 } // namespace media 575 } // namespace media
OLDNEW
« no previous file with comments | « no previous file | media/blink/buffered_data_source_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698