Chromium Code Reviews Chromium Code Reviews
Issue 21532002:
CORS: Handle error HTTP status code 4XX/5XX in preflight requests. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 148 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 159 const String& accessControlCredentialsString = response.httpHeaderField( accessControlAllowCredentials); | 159 const String& accessControlCredentialsString = response.httpHeaderField( accessControlAllowCredentials); |
| 160 if (accessControlCredentialsString != "true") { | 160 if (accessControlCredentialsString != "true") { |
| 161 errorDescription = "Credentials flag is true, but Access-Control-All ow-Credentials is not \"true\"."; | 161 errorDescription = "Credentials flag is true, but Access-Control-All ow-Credentials is not \"true\"."; |
| 162 return false; | 162 return false; |
| 163 } | 163 } |
| 164 } | 164 } |
| 165 | 165 |
| 166 return true; | 166 return true; |
| 167 } | 167 } |
| 168 | 168 |
| 169 bool passesPreflightStatusCheck(const ResourceResponse& response, String& errorD escription) | |
| 170 { | |
| 171 if (response.httpStatusCode() < 200 || response.httpStatusCode() >= 400) { | |
| 172 errorDescription = "Invalid HTTP status code " + String::number(respons e.httpStatusCode()); | |
|
bbudge-google
2013/08/01 16:48:08
nit extra space
ancilgeorge
2013/08/02 04:35:06
Done.
| |
| 173 return false; | |
| 174 } | |
| 175 | |
| 176 return true; | |
| 177 } | |
| 178 | |
| 169 void parseAccessControlExposeHeadersAllowList(const String& headerValue, HTTPHea derSet& headerSet) | 179 void parseAccessControlExposeHeadersAllowList(const String& headerValue, HTTPHea derSet& headerSet) |
| 170 { | 180 { |
| 171 Vector<String> headers; | 181 Vector<String> headers; |
| 172 headerValue.split(',', false, headers); | 182 headerValue.split(',', false, headers); |
| 173 for (unsigned headerCount = 0; headerCount < headers.size(); headerCount++) { | 183 for (unsigned headerCount = 0; headerCount < headers.size(); headerCount++) { |
| 174 String strippedHeader = headers[headerCount].stripWhiteSpace(); | 184 String strippedHeader = headers[headerCount].stripWhiteSpace(); |
| 175 if (!strippedHeader.isEmpty()) | 185 if (!strippedHeader.isEmpty()) |
| 176 headerSet.add(strippedHeader); | 186 headerSet.add(strippedHeader); |
| 177 } | 187 } |
| 178 } | 188 } |
| 179 | 189 |
| 180 } // namespace WebCore | 190 } // namespace WebCore |
| OLD | NEW |
