OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
173 if (isInterestingStatusCode(statusCode)) | 173 if (isInterestingStatusCode(statusCode)) |
174 errorDescription.append(" The response had HTTP status code " +
String::number(statusCode) + "."); | 174 errorDescription.append(" The response had HTTP status code " +
String::number(statusCode) + "."); |
175 | 175 |
176 if (context == WebURLRequest::RequestContextFetch) | 176 if (context == WebURLRequest::RequestContextFetch) |
177 errorDescription.append(" If an opaque response serves your need
s, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
"); | 177 errorDescription.append(" If an opaque response serves your need
s, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
"); |
178 | 178 |
179 return false; | 179 return false; |
180 } | 180 } |
181 | 181 |
182 String detail; | 182 String detail; |
183 if (allowOriginHeaderValue.string().find(isOriginSeparator, 0) != kNotFo
und) { | 183 if (allowOriginHeaderValue.getString().find(isOriginSeparator, 0) != kNo
tFound) { |
184 detail = "The 'Access-Control-Allow-Origin' header contains multiple
values '" + allowOriginHeaderValue + "', but only one is allowed."; | 184 detail = "The 'Access-Control-Allow-Origin' header contains multiple
values '" + allowOriginHeaderValue + "', but only one is allowed."; |
185 } else { | 185 } else { |
186 KURL headerOrigin(KURL(), allowOriginHeaderValue); | 186 KURL headerOrigin(KURL(), allowOriginHeaderValue); |
187 if (!headerOrigin.isValid()) | 187 if (!headerOrigin.isValid()) |
188 detail = "The 'Access-Control-Allow-Origin' header contains the
invalid value '" + allowOriginHeaderValue + "'."; | 188 detail = "The 'Access-Control-Allow-Origin' header contains the
invalid value '" + allowOriginHeaderValue + "'."; |
189 else | 189 else |
190 detail = "The 'Access-Control-Allow-Origin' header has a value '
" + allowOriginHeaderValue + "' that is not equal to the supplied origin."; | 190 detail = "The 'Access-Control-Allow-Origin' header has a value '
" + allowOriginHeaderValue + "' that is not equal to the supplied origin."; |
191 } | 191 } |
192 errorDescription = buildAccessControlFailureMessage(detail, securityOrig
in); | 192 errorDescription = buildAccessControlFailureMessage(detail, securityOrig
in); |
193 if (context == WebURLRequest::RequestContextFetch) | 193 if (context == WebURLRequest::RequestContextFetch) |
(...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
289 newRequest.setHTTPOrigin(securityOrigin); | 289 newRequest.setHTTPOrigin(securityOrigin); |
290 // If the user didn't request credentials in the first place, update our | 290 // If the user didn't request credentials in the first place, update our |
291 // state so we neither request them nor expect they must be allowed. | 291 // state so we neither request them nor expect they must be allowed. |
292 if (options.credentialsRequested == ClientDidNotRequestCredentials) | 292 if (options.credentialsRequested == ClientDidNotRequestCredentials) |
293 options.allowCredentials = DoNotAllowStoredCredentials; | 293 options.allowCredentials = DoNotAllowStoredCredentials; |
294 } | 294 } |
295 return true; | 295 return true; |
296 } | 296 } |
297 | 297 |
298 } // namespace blink | 298 } // namespace blink |
OLD | NEW |