Include the Origin header for XHR and Fetch API even if the request is same-origin

third_party/WebKit/Source/core/loader/ThreadableLoader.h

Index: third_party/WebKit/Source/core/loader/ThreadableLoader.h
diff --git a/third_party/WebKit/Source/core/loader/ThreadableLoader.h b/third_party/WebKit/Source/core/loader/ThreadableLoader.h
index 9a1be36d7503c56dd7a24311a12182e1f51cd994..332e40693436c129c15b5e663fcf57205aa31d50 100644
--- a/third_party/WebKit/Source/core/loader/ThreadableLoader.h
+++ b/third_party/WebKit/Source/core/loader/ThreadableLoader.h
@@ -62,13 +62,21 @@ enum ContentSecurityPolicyEnforcement {
     DoNotEnforceContentSecurityPolicy,
 };
 
+// Instructs whether or not to include the Origin header in same-origin
+// requests.
+enum SameOriginHeaderPolicy {
+    IncludeSameOriginHeader,
+    OmitSameOriginHeader,
+};
+
 struct ThreadableLoaderOptions {
     DISALLOW_NEW();
     ThreadableLoaderOptions()
         : preflightPolicy(ConsiderPreflight)
         , crossOriginRequestPolicy(DenyCrossOriginRequests)
         , contentSecurityPolicyEnforcement(EnforceContentSecurityPolicy)
-        , timeoutMilliseconds(0) { }
+        , timeoutMilliseconds(0)
+        , sameOriginHeaderPolicy(OmitSameOriginHeader) { }
 
     // When adding members, CrossThreadThreadableLoaderOptionsData should
     // be updated.
@@ -77,6 +85,7 @@ struct ThreadableLoaderOptions {
     AtomicString initiator;
     ContentSecurityPolicyEnforcement contentSecurityPolicyEnforcement;
     unsigned long timeoutMilliseconds;
+    SameOriginHeaderPolicy sameOriginHeaderPolicy;
 };
 
 // Encode AtomicString as String to cross threads.