| Index: third_party/WebKit/Source/core/loader/FrameFetchContext.cpp
|
| diff --git a/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp b/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp
|
| index 808d273a0ade2397829b51c571b9426add1b304f..57f5d624403456f6e2518b595e38f9a6ed975c5a 100644
|
| --- a/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp
|
| +++ b/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp
|
| @@ -446,11 +446,7 @@ void FrameFetchContext::printAccessDeniedMessage(const KURL& url) const
|
|
|
| bool FrameFetchContext::canRequest(Resource::Type type, const ResourceRequest& resourceRequest, const KURL& url, const ResourceLoaderOptions& options, bool forPreload, FetchRequest::OriginRestriction originRestriction) const
|
| {
|
| - // As of CSP2, for requests that are the results of redirects, the match
|
| - // algorithm should ignore the path component of the URL.
|
| - ContentSecurityPolicy::RedirectStatus redirectStatus = resourceRequest.followedRedirect() ? ContentSecurityPolicy::DidRedirect : ContentSecurityPolicy::DidNotRedirect;
|
| -
|
| - ResourceRequestBlockedReason reason = canRequestInternal(type, resourceRequest, url, options, forPreload, originRestriction, redirectStatus);
|
| + ResourceRequestBlockedReason reason = canRequestInternal(type, resourceRequest, url, options, forPreload, originRestriction, resourceRequest.redirectStatus());
|
| if (reason != ResourceRequestBlockedReasonNone) {
|
| if (!forPreload)
|
| InspectorInstrumentation::didBlockRequest(frame(), resourceRequest, ensureLoaderForNotifications(), options.initiatorInfo, reason);
|
| @@ -461,7 +457,7 @@ bool FrameFetchContext::canRequest(Resource::Type type, const ResourceRequest& r
|
|
|
| bool FrameFetchContext::allowResponse(Resource::Type type, const ResourceRequest& resourceRequest, const KURL& url, const ResourceLoaderOptions& options) const
|
| {
|
| - ResourceRequestBlockedReason reason = canRequestInternal(type, resourceRequest, url, options, false, FetchRequest::UseDefaultOriginRestrictionForType, ContentSecurityPolicy::DidRedirect);
|
| + ResourceRequestBlockedReason reason = canRequestInternal(type, resourceRequest, url, options, false, FetchRequest::UseDefaultOriginRestrictionForType, RedirectStatus::FollowedRedirect);
|
| if (reason != ResourceRequestBlockedReasonNone) {
|
| InspectorInstrumentation::didBlockRequest(frame(), resourceRequest, ensureLoaderForNotifications(), options.initiatorInfo, reason);
|
| return false;
|
| @@ -469,7 +465,7 @@ bool FrameFetchContext::allowResponse(Resource::Type type, const ResourceRequest
|
| return true;
|
| }
|
|
|
| -ResourceRequestBlockedReason FrameFetchContext::canRequestInternal(Resource::Type type, const ResourceRequest& resourceRequest, const KURL& url, const ResourceLoaderOptions& options, bool forPreload, FetchRequest::OriginRestriction originRestriction, ContentSecurityPolicy::RedirectStatus redirectStatus) const
|
| +ResourceRequestBlockedReason FrameFetchContext::canRequestInternal(Resource::Type type, const ResourceRequest& resourceRequest, const KURL& url, const ResourceLoaderOptions& options, bool forPreload, FetchRequest::OriginRestriction originRestriction, ResourceRequest::RedirectStatus redirectStatus) const
|
| {
|
| if (InspectorInstrumentation::shouldBlockRequest(frame(), resourceRequest))
|
| return ResourceRequestBlockedReasonInspector;
|
| @@ -569,7 +565,7 @@ ResourceRequestBlockedReason FrameFetchContext::canRequestInternal(Resource::Typ
|
| // Measure the number of pages that load resources after a redirect
|
| // when a CSP is active, to see if implementing CSP
|
| // 'unsafe-redirect' is feasible.
|
| - if (csp && csp->isActive() && resourceRequest.frameType() != WebURLRequest::FrameTypeTopLevel && resourceRequest.frameType() != WebURLRequest::FrameTypeAuxiliary && redirectStatus == ContentSecurityPolicy::DidRedirect) {
|
| + if (csp && csp->isActive() && resourceRequest.frameType() != WebURLRequest::FrameTypeTopLevel && resourceRequest.frameType() != WebURLRequest::FrameTypeAuxiliary && redirectStatus == RedirectStatus::FollowedRedirect) {
|
| ASSERT(frame()->document());
|
| UseCounter::count(frame()->document(), UseCounter::ResourceLoadedAfterRedirectWithCSP);
|
| }
|
|
|
Chromium Code Reviews
Issue 2025633002:
Move 'ContentSecurityPolicy::RedirectStatus' into 'ResourceRequest' (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master