OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
90 return headerSet.release(); | 90 return headerSet.release(); |
91 } | 91 } |
92 | 92 |
93 bool isOnAccessControlResponseHeaderWhitelist(const String& name) | 93 bool isOnAccessControlResponseHeaderWhitelist(const String& name) |
94 { | 94 { |
95 AtomicallyInitializedStatic(HTTPHeaderSet*, allowedCrossOriginResponseHeader
s = createAllowedCrossOriginResponseHeadersSet().leakPtr()); | 95 AtomicallyInitializedStatic(HTTPHeaderSet*, allowedCrossOriginResponseHeader
s = createAllowedCrossOriginResponseHeadersSet().leakPtr()); |
96 | 96 |
97 return allowedCrossOriginResponseHeaders->contains(name); | 97 return allowedCrossOriginResponseHeaders->contains(name); |
98 } | 98 } |
99 | 99 |
100 void updateRequestForAccessControl(ResourceRequest& request, SecurityOrigin* sec
urityOrigin, StoredCredentials allowCredentials) | 100 void updateRequestForAccessControl(ResourceRequest& request, StoredCredentials a
llowCredentials, SecurityOrigin* securityOrigin) |
101 { | 101 { |
102 request.removeCredentials(); | 102 request.removeCredentials(); |
103 request.setAllowCookies(allowCredentials == AllowStoredCredentials); | 103 request.setAllowCookies(allowCredentials == AllowStoredCredentials); |
104 request.setHTTPOrigin(securityOrigin->toString()); | 104 |
| 105 if (securityOrigin) |
| 106 request.setHTTPOrigin(securityOrigin->toString()); |
105 } | 107 } |
106 | 108 |
107 ResourceRequest createAccessControlPreflightRequest(const ResourceRequest& reque
st, SecurityOrigin* securityOrigin) | 109 ResourceRequest createAccessControlPreflightRequest(const ResourceRequest& reque
st, SecurityOrigin* securityOrigin) |
108 { | 110 { |
109 ResourceRequest preflightRequest(request.url()); | 111 ResourceRequest preflightRequest(request.url()); |
110 updateRequestForAccessControl(preflightRequest, securityOrigin, DoNotAllowSt
oredCredentials); | 112 updateRequestForAccessControl(preflightRequest, DoNotAllowStoredCredentials,
securityOrigin); |
111 preflightRequest.setHTTPMethod("OPTIONS"); | 113 preflightRequest.setHTTPMethod("OPTIONS"); |
112 preflightRequest.setHTTPHeaderField("Access-Control-Request-Method", request
.httpMethod()); | 114 preflightRequest.setHTTPHeaderField("Access-Control-Request-Method", request
.httpMethod()); |
113 preflightRequest.setPriority(request.priority()); | 115 preflightRequest.setPriority(request.priority()); |
114 | 116 |
115 const HTTPHeaderMap& requestHeaderFields = request.httpHeaderFields(); | 117 const HTTPHeaderMap& requestHeaderFields = request.httpHeaderFields(); |
116 | 118 |
117 if (requestHeaderFields.size() > 0) { | 119 if (requestHeaderFields.size() > 0) { |
118 StringBuilder headerBuffer; | 120 StringBuilder headerBuffer; |
119 HTTPHeaderMap::const_iterator it = requestHeaderFields.begin(); | 121 HTTPHeaderMap::const_iterator it = requestHeaderFields.begin(); |
120 headerBuffer.append(it->key); | 122 headerBuffer.append(it->key); |
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
174 Vector<String> headers; | 176 Vector<String> headers; |
175 headerValue.split(',', false, headers); | 177 headerValue.split(',', false, headers); |
176 for (unsigned headerCount = 0; headerCount < headers.size(); headerCount++)
{ | 178 for (unsigned headerCount = 0; headerCount < headers.size(); headerCount++)
{ |
177 String strippedHeader = headers[headerCount].stripWhiteSpace(); | 179 String strippedHeader = headers[headerCount].stripWhiteSpace(); |
178 if (!strippedHeader.isEmpty()) | 180 if (!strippedHeader.isEmpty()) |
179 headerSet.add(strippedHeader); | 181 headerSet.add(strippedHeader); |
180 } | 182 } |
181 } | 183 } |
182 | 184 |
183 } // namespace WebCore | 185 } // namespace WebCore |
OLD | NEW |