| Index: third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp
|
| diff --git a/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp b/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp
|
| index 8502e4b3e5ee2aa623430bb3177ee2daf4678638..866d726c02f3e37e1e046793b6fb5d78d7ac32c6 100644
|
| --- a/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp
|
| +++ b/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp
|
| @@ -186,50 +186,51 @@ void DocumentThreadableLoader::start(const ResourceRequest& request)
|
| page->chromeClient().didObserveNonGetFetchFromScript();
|
| }
|
|
|
| + ResourceRequest newRequest(request);
|
| + if (m_requestContext != WebURLRequest::RequestContextFetch) {
|
| + // When the request context is not "fetch",
|
| + // |crossOriginRequestPolicy| represents the fetch request mode,
|
| + // and |credentialsRequested| represents the fetch credentials mode.
|
| + // So we set those flags here so that we can see the correct request
|
| + // mode and credentials mode in the service worker's fetch event
|
| + // handler.
|
| + switch (m_options.crossOriginRequestPolicy) {
|
| + case DenyCrossOriginRequests:
|
| + newRequest.setFetchRequestMode(WebURLRequest::FetchRequestModeSameOrigin);
|
| + break;
|
| + case UseAccessControl:
|
| + if (m_options.preflightPolicy == ForcePreflight)
|
| + newRequest.setFetchRequestMode(WebURLRequest::FetchRequestModeCORSWithForcedPreflight);
|
| + else
|
| + newRequest.setFetchRequestMode(WebURLRequest::FetchRequestModeCORS);
|
| + break;
|
| + case AllowCrossOriginRequests:
|
| + // No-CORS is allowed for all these contexts, and plugin contexts
|
| + // with private permission when we set skipServiceWorker flag in
|
| + // PepperURLLoaderHost.
|
| + SECURITY_CHECK(m_requestContext == WebURLRequest::RequestContextAudio || m_requestContext == WebURLRequest::RequestContextVideo || m_requestContext == WebURLRequest::RequestContextObject || m_requestContext == WebURLRequest::RequestContextFavicon || m_requestContext == WebURLRequest::RequestContextImage || m_requestContext == WebURLRequest::RequestContextScript || (request.skipServiceWorker() && m_requestContext == WebURLRequest::RequestContextPlugin));
|
| + newRequest.setFetchRequestMode(WebURLRequest::FetchRequestModeNoCORS);
|
| + break;
|
| + }
|
| + if (m_resourceLoaderOptions.allowCredentials == AllowStoredCredentials)
|
| + newRequest.setFetchCredentialsMode(WebURLRequest::FetchCredentialsModeInclude);
|
| + else
|
| + newRequest.setFetchCredentialsMode(WebURLRequest::FetchCredentialsModeSameOrigin);
|
| + }
|
| +
|
| // We assume that ServiceWorker is skipped for sync requests and unsupported
|
| // protocol requests by content/ code.
|
| if (m_async && !request.skipServiceWorker() && SchemeRegistry::shouldTreatURLSchemeAsAllowingServiceWorkers(request.url().protocol()) && m_document->fetcher()->isControlledByServiceWorker()) {
|
| - ResourceRequest newRequest(request);
|
| - const WebURLRequest::RequestContext requestContext(request.requestContext());
|
| - if (requestContext != WebURLRequest::RequestContextFetch) {
|
| - // When the request context is not "fetch",
|
| - // |crossOriginRequestPolicy| represents the fetch request mode,
|
| - // and |credentialsRequested| represents the fetch credentials mode.
|
| - // So we set those flags here so that we can see the correct request
|
| - // mode and credentials mode in the service worker's fetch event
|
| - // handler.
|
| - switch (m_options.crossOriginRequestPolicy) {
|
| - case DenyCrossOriginRequests:
|
| - newRequest.setFetchRequestMode(WebURLRequest::FetchRequestModeSameOrigin);
|
| - break;
|
| - case UseAccessControl:
|
| - if (m_options.preflightPolicy == ForcePreflight)
|
| - newRequest.setFetchRequestMode(WebURLRequest::FetchRequestModeCORSWithForcedPreflight);
|
| - else
|
| - newRequest.setFetchRequestMode(WebURLRequest::FetchRequestModeCORS);
|
| - break;
|
| - case AllowCrossOriginRequests:
|
| - // No-CORS requests are allowed only for those contexts.
|
| - SECURITY_CHECK(requestContext == WebURLRequest::RequestContextAudio || requestContext == WebURLRequest::RequestContextVideo || requestContext == WebURLRequest::RequestContextObject || requestContext == WebURLRequest::RequestContextFavicon || requestContext == WebURLRequest::RequestContextImage || requestContext == WebURLRequest::RequestContextScript);
|
| - newRequest.setFetchRequestMode(WebURLRequest::FetchRequestModeNoCORS);
|
| - break;
|
| - }
|
| - if (m_resourceLoaderOptions.allowCredentials == AllowStoredCredentials)
|
| - newRequest.setFetchCredentialsMode(WebURLRequest::FetchCredentialsModeInclude);
|
| - else
|
| - newRequest.setFetchCredentialsMode(WebURLRequest::FetchCredentialsModeSameOrigin);
|
| - }
|
| if (newRequest.fetchRequestMode() == WebURLRequest::FetchRequestModeCORS || newRequest.fetchRequestMode() == WebURLRequest::FetchRequestModeCORSWithForcedPreflight) {
|
| m_fallbackRequestForServiceWorker = ResourceRequest(request);
|
| m_fallbackRequestForServiceWorker.setSkipServiceWorker(true);
|
| }
|
| -
|
| loadRequest(newRequest, m_resourceLoaderOptions);
|
| // |this| may be dead here.
|
| return;
|
| }
|
|
|
| - dispatchInitialRequest(request);
|
| + dispatchInitialRequest(newRequest);
|
| // |this| may be dead here in async mode.
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 1976513002:
Set the request mode and the credentials mode even if the request will not go to ServiceWorker. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master