| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2003, 2006, 2008 Apple Inc. All rights reserved. | 2 * Copyright (C) 2003, 2006, 2008 Apple Inc. All rights reserved. |
| 3 * Copyright (C) 2005, 2006 Alexey Proskuryakov <ap@nypop.com> | 3 * Copyright (C) 2005, 2006 Alexey Proskuryakov <ap@nypop.com> |
| 4 * Copyright (C) 2011 Google Inc. All rights reserved. | 4 * Copyright (C) 2011 Google Inc. All rights reserved. |
| 5 * Copyright (C) 2012 Intel Corporation | 5 * Copyright (C) 2012 Intel Corporation |
| 6 * | 6 * |
| 7 * This library is free software; you can redistribute it and/or | 7 * This library is free software; you can redistribute it and/or |
| 8 * modify it under the terms of the GNU Lesser General Public | 8 * modify it under the terms of the GNU Lesser General Public |
| 9 * License as published by the Free Software Foundation; either | 9 * License as published by the Free Software Foundation; either |
| 10 * version 2 of the License, or (at your option) any later version. | 10 * version 2 of the License, or (at your option) any later version. |
| (...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 113 unsigned long timeout() const { return m_timeoutMilliseconds; } | 113 unsigned long timeout() const { return m_timeoutMilliseconds; } |
| 114 void setTimeout(unsigned long timeout, ExceptionCode&); | 114 void setTimeout(unsigned long timeout, ExceptionCode&); |
| 115 #endif | 115 #endif |
| 116 | 116 |
| 117 void sendFromInspector(PassRefPtr<FormData>, ExceptionCode&); | 117 void sendFromInspector(PassRefPtr<FormData>, ExceptionCode&); |
| 118 | 118 |
| 119 // Expose HTTP validation methods for other untrusted requests. | 119 // Expose HTTP validation methods for other untrusted requests. |
| 120 static bool isAllowedHTTPMethod(const String&); | 120 static bool isAllowedHTTPMethod(const String&); |
| 121 static String uppercaseKnownHTTPMethod(const String&); | 121 static String uppercaseKnownHTTPMethod(const String&); |
| 122 static bool isAllowedHTTPHeader(const String&); | 122 static bool isAllowedHTTPHeader(const String&); |
| 123 static bool isLocallyAllowedHTTPHeader(const String& name); |
| 123 | 124 |
| 124 void setResponseType(const String&, ExceptionCode&); | 125 void setResponseType(const String&, ExceptionCode&); |
| 125 String responseType(); | 126 String responseType(); |
| 126 ResponseTypeCode responseTypeCode() const { return m_responseTypeCode; } | 127 ResponseTypeCode responseTypeCode() const { return m_responseTypeCode; } |
| 127 | 128 |
| 128 // response attribute has custom getter. | 129 // response attribute has custom getter. |
| 129 ArrayBuffer* responseArrayBuffer(ExceptionCode&); | 130 ArrayBuffer* responseArrayBuffer(ExceptionCode&); |
| 130 ArrayBuffer* optionalResponseArrayBuffer() const { return m_responseArrayBuf
fer.get(); } | 131 ArrayBuffer* optionalResponseArrayBuffer() const { return m_responseArrayBuf
fer.get(); } |
| 131 | 132 |
| 132 void setLastSendLineNumber(unsigned lineNumber) { m_lastSendLineNumber = lin
eNumber; } | 133 void setLastSendLineNumber(unsigned lineNumber) { m_lastSendLineNumber = lin
eNumber; } |
| (...skipping 108 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 241 | 242 |
| 242 // An enum corresponding to the allowed string values for the responseType a
ttribute. | 243 // An enum corresponding to the allowed string values for the responseType a
ttribute. |
| 243 ResponseTypeCode m_responseTypeCode; | 244 ResponseTypeCode m_responseTypeCode; |
| 244 | 245 |
| 245 RefPtr<SecurityOrigin> m_securityOrigin; | 246 RefPtr<SecurityOrigin> m_securityOrigin; |
| 246 }; | 247 }; |
| 247 | 248 |
| 248 } // namespace WebCore | 249 } // namespace WebCore |
| 249 | 250 |
| 250 #endif // XMLHttpRequest_h | 251 #endif // XMLHttpRequest_h |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 13979011:
Block all scripts from setting unsafe headers in XMLHttpRequest (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master