OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved. | 2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved. |
3 * Copyright (C) 2013, Intel Corporation | 3 * Copyright (C) 2013, Intel Corporation |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions are | 6 * modification, are permitted provided that the following conditions are |
7 * met: | 7 * met: |
8 * | 8 * |
9 * * Redistributions of source code must retain the above copyright | 9 * * Redistributions of source code must retain the above copyright |
10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
(...skipping 268 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
279 if (m_actualRequest) { | 279 if (m_actualRequest) { |
280 DocumentLoader* loader = m_document->frame()->loader()->documentLoader()
; | 280 DocumentLoader* loader = m_document->frame()->loader()->documentLoader()
; |
281 InspectorInstrumentationCookie cookie = InspectorInstrumentation::willRe
ceiveResourceResponse(m_document->frame(), identifier, response); | 281 InspectorInstrumentationCookie cookie = InspectorInstrumentation::willRe
ceiveResourceResponse(m_document->frame(), identifier, response); |
282 InspectorInstrumentation::didReceiveResourceResponse(cookie, identifier,
loader, response, 0); | 282 InspectorInstrumentation::didReceiveResourceResponse(cookie, identifier,
loader, response, 0); |
283 | 283 |
284 if (!passesAccessControlCheck(response, m_options.allowCredentials, secu
rityOrigin(), accessControlErrorDescription)) { | 284 if (!passesAccessControlCheck(response, m_options.allowCredentials, secu
rityOrigin(), accessControlErrorDescription)) { |
285 preflightFailure(identifier, response.url().string(), accessControlE
rrorDescription); | 285 preflightFailure(identifier, response.url().string(), accessControlE
rrorDescription); |
286 return; | 286 return; |
287 } | 287 } |
288 | 288 |
| 289 if (!passesPreflightStatusCheck(response, accessControlErrorDescription)
) { |
| 290 preflightFailure(identifier, response.url().string(), accessControlE
rrorDescription); |
| 291 return; |
| 292 } |
| 293 |
289 OwnPtr<CrossOriginPreflightResultCacheItem> preflightResult = adoptPtr(n
ew CrossOriginPreflightResultCacheItem(m_options.allowCredentials)); | 294 OwnPtr<CrossOriginPreflightResultCacheItem> preflightResult = adoptPtr(n
ew CrossOriginPreflightResultCacheItem(m_options.allowCredentials)); |
290 if (!preflightResult->parse(response, accessControlErrorDescription) | 295 if (!preflightResult->parse(response, accessControlErrorDescription) |
291 || !preflightResult->allowsCrossOriginMethod(m_actualRequest->httpMe
thod(), accessControlErrorDescription) | 296 || !preflightResult->allowsCrossOriginMethod(m_actualRequest->httpMe
thod(), accessControlErrorDescription) |
292 || !preflightResult->allowsCrossOriginHeaders(m_actualRequest->httpH
eaderFields(), accessControlErrorDescription)) { | 297 || !preflightResult->allowsCrossOriginHeaders(m_actualRequest->httpH
eaderFields(), accessControlErrorDescription)) { |
293 preflightFailure(identifier, response.url().string(), accessControlE
rrorDescription); | 298 preflightFailure(identifier, response.url().string(), accessControlE
rrorDescription); |
294 return; | 299 return; |
295 } | 300 } |
296 | 301 |
297 CrossOriginPreflightResultCache::shared().appendEntry(securityOrigin()->
toString(), m_actualRequest->url(), preflightResult.release()); | 302 CrossOriginPreflightResultCache::shared().appendEntry(securityOrigin()->
toString(), m_actualRequest->url(), preflightResult.release()); |
298 } else { | 303 } else { |
(...skipping 182 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
481 return true; | 486 return true; |
482 return m_document->contentSecurityPolicy()->allowConnectToSource(url); | 487 return m_document->contentSecurityPolicy()->allowConnectToSource(url); |
483 } | 488 } |
484 | 489 |
485 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const | 490 SecurityOrigin* DocumentThreadableLoader::securityOrigin() const |
486 { | 491 { |
487 return m_options.securityOrigin ? m_options.securityOrigin.get() : m_documen
t->securityOrigin(); | 492 return m_options.securityOrigin ? m_options.securityOrigin.get() : m_documen
t->securityOrigin(); |
488 } | 493 } |
489 | 494 |
490 } // namespace WebCore | 495 } // namespace WebCore |
OLD | NEW |