Improve handling of CORS redirects for some resource loads.

Source/core/fetch/ResourceFetcher.cpp

Index: Source/core/fetch/ResourceFetcher.cpp
diff --git a/Source/core/fetch/ResourceFetcher.cpp b/Source/core/fetch/ResourceFetcher.cpp
index e3d0397c0a0855a990b6e513feb5637637bce64a..a25889ebe77e737da43da4aa548170b3aedca9d8 100644
--- a/Source/core/fetch/ResourceFetcher.cpp
+++ b/Source/core/fetch/ResourceFetcher.cpp
@@ -31,6 +31,7 @@
 #include "bindings/v8/ScriptController.h"
 #include "core/dom/Document.h"
 #include "core/fetch/CSSStyleSheetResource.h"
+#include "core/fetch/CrossOriginAccessControl.h"
 #include "core/fetch/DocumentResource.h"
 #include "core/fetch/FetchContext.h"
 #include "core/fetch/FontResource.h"
@@ -550,17 +551,20 @@ bool ResourceFetcher::canRequest(Resource::Type type, const KURL& url, const Res
     return true;
 }
 
-bool ResourceFetcher::canAccessResource(Resource* resource, const KURL& url) const
+bool ResourceFetcher::canAccessResource(Resource* resource, SecurityOrigin* sourceOrigin, const KURL& url) const
 {
     // Redirects can change the response URL different from one of request.
     if (!canRequest(resource->type(), url, resource->options(), false, FetchRequest::UseDefaultOriginRestrictionForType))
         return false;
 
-    if (!document() || document()->securityOrigin()->canRequest(url))
+    if (!sourceOrigin && document())
+        sourceOrigin = document()->securityOrigin();
+
+    if (!sourceOrigin || sourceOrigin->canRequest(url))

[abarth-chromium, 2014/02/05 08:20:44]

The !sourceOrigin case here cannot occur.  document()->securityOrigin() is
always non-null.

         return true;
 
     String errorDescription;
-    if (!resource->passesAccessControlCheck(document()->securityOrigin(), errorDescription)) {
+    if (!resource->passesAccessControlCheck(sourceOrigin, errorDescription)) {
         if (frame() && frame()->document()) {
             String resourceType = Resource::resourceTypeToString(resource->type(), resource->options().initiatorInfo);
             frame()->document()->addConsoleMessage(JSMessageSource, ErrorMessageLevel, resourceType + " from origin '" + SecurityOrigin::create(url)->toString() + "' has been blocked from loading by Cross-Origin Resource Sharing policy: " + errorDescription);
@@ -1306,10 +1310,23 @@ bool ResourceFetcher::isLoadedBy(ResourceLoaderHost* possibleOwner) const
     return this == possibleOwner;
 }
 
-bool ResourceFetcher::shouldRequest(Resource* resource, const ResourceRequest& request, const ResourceLoaderOptions& options)
+bool ResourceFetcher::canAccessRedirect(Resource* resource, ResourceRequest& request, const ResourceResponse& redirectResponse, ResourceLoaderOptions& options)
 {
     if (!canRequest(resource->type(), request.url(), options, false, FetchRequest::UseDefaultOriginRestrictionForType))
         return false;
+    if (options.corsEnabled == IsCORSEnabled) {
+        SecurityOrigin* sourceOrigin = options.securityOrigin.get();
+        if (!sourceOrigin && document())
+            sourceOrigin = document()->securityOrigin();
+        if (!sourceOrigin)
+            return false;

[abarth-chromium, 2014/02/05 08:20:44]

This can't ever occur.  documet()->securityOrigin() is always non-null.

[sof, 2014/02/05 10:05:42]

Just being conservative, good to know. Gone.

+        String errorMessage;
+        if (!CrossOriginAccessControl::handleRedirect(resource, sourceOrigin, request, redirectResponse, options, errorMessage)) {
+            if (frame() && frame()->document())

[abarth-chromium, 2014/02/05 08:20:44]

frame()->document() will always be non-null in this case.  In fact, it will
always be equal to document()

[sof, 2014/02/05 10:05:42]

I did have it as "if (document())" initially (like in canAccessResource()), but
noticed that in a HTML Imports testcase
(import-script-block-crossorigin-dynamic) which generates CORS errors from
within an imported document, the errors weren't being propagated out (=> console
errors not being displayed in the test's output.)

Where do we want to report such errors to?

+                frame()->document()->addConsoleMessage(JSMessageSource, ErrorMessageLevel, errorMessage);

[abarth-chromium, 2014/02/05 08:20:44]

Why not just call addCnosoleMessage on document() directory?  There's no way to
get here after the document detaches from the frame.  You can add an
ASSERT(frame()); if you like.

+            return false;
+        }
+    }
     if (resource->type() == Resource::Image && shouldDeferImageLoad(request.url()))
         return false;
     return true;