Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(60)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/fetch/ResourceLoaderOptions.h

Issue 137983010: (Re)organize handling of CORS access control during resource loading. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: HTMLImportLoader no longer needs a ResourceFetcher Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « Source/core/fetch/ResourceLoaderHost.h ('k') | Source/core/html/HTMLImportChild.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2011 Google Inc. All rights reserved. 2 * Copyright (C) 2011 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
(...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after
85 TreatAsPassiveContent, 85 TreatAsPassiveContent,
86 TreatAsActiveContent, 86 TreatAsActiveContent,
87 TreatAsAlwaysAllowedContent 87 TreatAsAlwaysAllowedContent
88 }; 88 };
89 89
90 enum SynchronousPolicy { 90 enum SynchronousPolicy {
91 RequestSynchronously, 91 RequestSynchronously,
92 RequestAsynchronously 92 RequestAsynchronously
93 }; 93 };
94 94
95 // A resource fetch can be marked as being CORS enabled. The loader
96 // must perform an access check upon seeing the response.
97 enum CORSEnabled {
98 NotCORSEnabled,
99 IsCORSEnabled
100 };
101
95 struct ResourceLoaderOptions { 102 struct ResourceLoaderOptions {
96 ResourceLoaderOptions() 103 ResourceLoaderOptions()
97 : sniffContent(DoNotSniffContent) 104 : sniffContent(DoNotSniffContent)
98 , dataBufferingPolicy(BufferData) 105 , dataBufferingPolicy(BufferData)
99 , allowCredentials(DoNotAllowStoredCredentials) 106 , allowCredentials(DoNotAllowStoredCredentials)
100 , credentialsRequested(ClientDidNotRequestCredentials) 107 , credentialsRequested(ClientDidNotRequestCredentials)
101 , crossOriginCredentialPolicy(DoNotAskClientForCrossOriginCredentials) 108 , crossOriginCredentialPolicy(DoNotAskClientForCrossOriginCredentials)
102 , securityCheck(DoSecurityCheck) 109 , securityCheck(DoSecurityCheck)
103 , contentSecurityPolicyOption(CheckContentSecurityPolicy) 110 , contentSecurityPolicyOption(CheckContentSecurityPolicy)
104 , requestInitiatorContext(DocumentContext) 111 , requestInitiatorContext(DocumentContext)
105 , mixedContentBlockingTreatment(TreatAsDefaultForType) 112 , mixedContentBlockingTreatment(TreatAsDefaultForType)
106 , synchronousPolicy(RequestAsynchronously) 113 , synchronousPolicy(RequestAsynchronously)
114 , corsEnabled(NotCORSEnabled)
107 { 115 {
108 } 116 }
109 117
110 ResourceLoaderOptions( 118 ResourceLoaderOptions(
111 ContentSniffingPolicy sniffContent, 119 ContentSniffingPolicy sniffContent,
112 DataBufferingPolicy dataBufferingPolicy, 120 DataBufferingPolicy dataBufferingPolicy,
113 StoredCredentials allowCredentials, 121 StoredCredentials allowCredentials,
114 CredentialRequest credentialsRequested, 122 CredentialRequest credentialsRequested,
115 ClientCrossOriginCredentialPolicy crossOriginCredentialPolicy, 123 ClientCrossOriginCredentialPolicy crossOriginCredentialPolicy,
116 SecurityCheckPolicy securityCheck, 124 SecurityCheckPolicy securityCheck,
117 ContentSecurityPolicyCheck contentSecurityPolicyOption, 125 ContentSecurityPolicyCheck contentSecurityPolicyOption,
118 RequestInitiatorContext requestInitiatorContext) 126 RequestInitiatorContext requestInitiatorContext)
119 : sniffContent(sniffContent) 127 : sniffContent(sniffContent)
120 , dataBufferingPolicy(dataBufferingPolicy) 128 , dataBufferingPolicy(dataBufferingPolicy)
121 , allowCredentials(allowCredentials) 129 , allowCredentials(allowCredentials)
122 , credentialsRequested(credentialsRequested) 130 , credentialsRequested(credentialsRequested)
123 , crossOriginCredentialPolicy(crossOriginCredentialPolicy) 131 , crossOriginCredentialPolicy(crossOriginCredentialPolicy)
124 , securityCheck(securityCheck) 132 , securityCheck(securityCheck)
125 , contentSecurityPolicyOption(contentSecurityPolicyOption) 133 , contentSecurityPolicyOption(contentSecurityPolicyOption)
126 , requestInitiatorContext(requestInitiatorContext) 134 , requestInitiatorContext(requestInitiatorContext)
127 , mixedContentBlockingTreatment(TreatAsDefaultForType) 135 , mixedContentBlockingTreatment(TreatAsDefaultForType)
128 , synchronousPolicy(RequestAsynchronously) 136 , synchronousPolicy(RequestAsynchronously)
137 , corsEnabled(NotCORSEnabled)
129 { 138 {
130 } 139 }
131 140
132 ContentSniffingPolicy sniffContent; 141 ContentSniffingPolicy sniffContent;
133 DataBufferingPolicy dataBufferingPolicy; 142 DataBufferingPolicy dataBufferingPolicy;
134 StoredCredentials allowCredentials; // Whether HTTP credentials and cookies are sent with the request. 143 StoredCredentials allowCredentials; // Whether HTTP credentials and cookies are sent with the request.
135 CredentialRequest credentialsRequested; // Whether the client (e.g. XHR) wan ted credentials in the first place. 144 CredentialRequest credentialsRequested; // Whether the client (e.g. XHR) wan ted credentials in the first place.
136 ClientCrossOriginCredentialPolicy crossOriginCredentialPolicy; // Whether we will ask the client for credentials (if we allow credentials at all). 145 ClientCrossOriginCredentialPolicy crossOriginCredentialPolicy; // Whether we will ask the client for credentials (if we allow credentials at all).
137 SecurityCheckPolicy securityCheck; 146 SecurityCheckPolicy securityCheck;
138 ContentSecurityPolicyCheck contentSecurityPolicyOption; 147 ContentSecurityPolicyCheck contentSecurityPolicyOption;
139 FetchInitiatorInfo initiatorInfo; 148 FetchInitiatorInfo initiatorInfo;
140 RequestInitiatorContext requestInitiatorContext; 149 RequestInitiatorContext requestInitiatorContext;
141 MixedContentBlockingTreatment mixedContentBlockingTreatment; 150 MixedContentBlockingTreatment mixedContentBlockingTreatment;
142 SynchronousPolicy synchronousPolicy; 151 SynchronousPolicy synchronousPolicy;
152 CORSEnabled corsEnabled; // If the resource is loaded out-of-origin, whether or not to use CORS.
143 RefPtr<SecurityOrigin> securityOrigin; 153 RefPtr<SecurityOrigin> securityOrigin;
144 }; 154 };
145 155
146 } // namespace WebCore 156 } // namespace WebCore
147 157
148 #endif // ResourceLoaderOptions_h 158 #endif // ResourceLoaderOptions_h
OLDNEW
« no previous file with comments | « Source/core/fetch/ResourceLoaderHost.h ('k') | Source/core/html/HTMLImportChild.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698