Source/core/css/CSSFontFaceSrcValue.cpp - Issue 230383003: Webfont CORS-enabled fetching with fallback

Side by Side Diff: Source/core/css/CSSFontFaceSrcValue.cpp

Issue 230383003: Webfont CORS-enabled fetching with fallback (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: Created 6 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 2007, 2010 Apple Inc. All rights reserved.	2 * Copyright (C) 2007, 2010 Apple Inc. All rights reserved.

3 *	3 *

4 * Redistribution and use in source and binary forms, with or without	4 * Redistribution and use in source and binary forms, with or without

5 * modification, are permitted provided that the following conditions	5 * modification, are permitted provided that the following conditions

6 * are met:	6 * are met:

7 * 1. Redistributions of source code must retain the above copyright	7 * 1. Redistributions of source code must retain the above copyright

8 * notice, this list of conditions and the following disclaimer.	8 * notice, this list of conditions and the following disclaimer.

9 * 2. Redistributions in binary form must reproduce the above copyright	9 * 2. Redistributions in binary form must reproduce the above copyright

10 * notice, this list of conditions and the following disclaimer in the	10 * notice, this list of conditions and the following disclaimer in the

(...skipping 70 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
81 return result.toString();	81 return result.toString();

82 }	82 }

83	83

84 bool CSSFontFaceSrcValue::hasFailedOrCanceledSubresources() const	84 bool CSSFontFaceSrcValue::hasFailedOrCanceledSubresources() const

85 {	85 {

86 if (!m_fetched)	86 if (!m_fetched)

87 return false;	87 return false;

88 return m_fetched->loadFailedOrCanceled();	88 return m_fetched->loadFailedOrCanceled();

89 }	89 }

90	90

	91 static bool shouldSetCrossOriginAccessControl(const KURL& resource, SecurityOrig in* securityOrigin)

	92 {

	93 if (resource.isLocalFile() \|\| resource.protocolIsData())

	94 return false;

	95 return !securityOrigin->canRequest(resource);
	Kunihiko Sakamoto 2014/04/09 10:24:18 I'm not familiar with this, but doesn't this retur I'm not familiar with this, but doesn't this return false for cross-origin requests? bashi 2014/04/10 03:40:56 In short, canRequest() returns true when \|resource Show quoted text On 2014/04/09 10:24:18, Kunihiko Sakamoto wrote: > I'm not familiar with this, but doesn't this return false for cross-origin > requests? In short, canRequest() returns true when \|resource\| is the same origin as \|securityOrigin\|. I think we want to set "Origin" header when \|resource\| isn't the same origin. Kunihiko Sakamoto 2014/04/10 05:49:24 Oh, I missed the ! operator. So we add Origin head Show quoted text On 2014/04/10 03:40:56, bashik wrote: > On 2014/04/09 10:24:18, Kunihiko Sakamoto wrote: > > I'm not familiar with this, but doesn't this return false for cross-origin > > requests? > > In short, canRequest() returns true when \|resource\| is the same origin as > \|securityOrigin\|. I think we want to set "Origin" header when \|resource\| isn't > the same origin. Oh, I missed the ! operator. So we add Origin header only for cross-origin request. Is that consistent with other CORS-subjected resources? FF seems to add Origin header for same-origin font requests as well. Kunihiko Sakamoto 2014/04/10 06:53:09 Nevermind - FireFox does not add Origin header for Show quoted text On 2014/04/10 05:49:24, Kunihiko Sakamoto wrote: > On 2014/04/10 03:40:56, bashik wrote: > > On 2014/04/09 10:24:18, Kunihiko Sakamoto wrote: > > > I'm not familiar with this, but doesn't this return false for cross-origin > > > requests? > > > > In short, canRequest() returns true when \|resource\| is the same origin as > > \|securityOrigin\|. I think we want to set "Origin" header when \|resource\| isn't > > the same origin. > > Oh, I missed the ! operator. So we add Origin header only for cross-origin > request. Is that consistent with other CORS-subjected resources? FF seems to add > Origin header for same-origin font requests as well. Nevermind - FireFox does not add Origin header for same-origin requests. I was looking at wrong log.
	96 }

	97

91 FontResource* CSSFontFaceSrcValue::fetch(Document* document)	98 FontResource* CSSFontFaceSrcValue::fetch(Document* document)

92 {	99 {

93 if (!m_fetched) {	100 if (!m_fetched) {

94 FetchRequest request(ResourceRequest(document->completeURL(m_resource)), FetchInitiatorTypeNames::css);	101 FetchRequest request(ResourceRequest(document->completeURL(m_resource)), FetchInitiatorTypeNames::css);

	102 SecurityOrigin* securityOrigin = document->securityOrigin();

	103 if (shouldSetCrossOriginAccessControl(request.url(), securityOrigin)) {

	104 request.setCrossOriginAccessControl(securityOrigin, DoNotAllowStored Credentials);

	105 }

95 m_fetched = document->fetcher()->fetchFont(request);	106 m_fetched = document->fetcher()->fetchFont(request);

96 }	107 }

97 return m_fetched.get();	108 return m_fetched.get();

98 }	109 }

99	110

100 bool CSSFontFaceSrcValue::equals(const CSSFontFaceSrcValue& other) const	111 bool CSSFontFaceSrcValue::equals(const CSSFontFaceSrcValue& other) const

101 {	112 {

102 return m_isLocal == other.m_isLocal && m_format == other.m_format && m_resou rce == other.m_resource;	113 return m_isLocal == other.m_isLocal && m_format == other.m_format && m_resou rce == other.m_resource;

103 }	114 }

104	115

105 }	116 }

OLD	NEW

« no previous file with comments | « Source/core/css/CSSFontFaceSrcValue.h ('k') | Source/core/css/RemoteFontFaceSource.h » ('j') | Source/core/css/RemoteFontFaceSource.cpp » ('J')