Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(434)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: Source/core/css/CSSFontFaceSrcValue.cpp

Issue 230383003: Webfont CORS-enabled fetching with fallback (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Created 6 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « Source/core/css/CSSFontFaceSrcValue.h ('k') | Source/core/css/RemoteFontFaceSource.h » ('j') | Source/core/css/RemoteFontFaceSource.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: Source/core/css/CSSFontFaceSrcValue.cpp
diff --git a/Source/core/css/CSSFontFaceSrcValue.cpp b/Source/core/css/CSSFontFaceSrcValue.cpp
index 5ccf7547707efc0f79d2e69841d9ace072da92cb..00321c7d8b7c72ef3245d342103acb60d5ea949a 100644
--- a/Source/core/css/CSSFontFaceSrcValue.cpp
+++ b/Source/core/css/CSSFontFaceSrcValue.cpp
@@ -88,10 +88,21 @@ bool CSSFontFaceSrcValue::hasFailedOrCanceledSubresources() const
return m_fetched->loadFailedOrCanceled();
}
+static bool shouldSetCrossOriginAccessControl(const KURL& resource, SecurityOrigin* securityOrigin)
+{
+ if (resource.isLocalFile() || resource.protocolIsData())
+ return false;
+ return !securityOrigin->canRequest(resource);
Kunihiko Sakamoto 2014/04/09 10:24:18 I'm not familiar with this, but doesn't this retur
bashi 2014/04/10 03:40:56 In short, canRequest() returns true when |resource
Kunihiko Sakamoto 2014/04/10 05:49:24 Oh, I missed the ! operator. So we add Origin head
Kunihiko Sakamoto 2014/04/10 06:53:09 Nevermind - FireFox does not add Origin header for
+}
+
FontResource* CSSFontFaceSrcValue::fetch(Document* document)
{
if (!m_fetched) {
FetchRequest request(ResourceRequest(document->completeURL(m_resource)), FetchInitiatorTypeNames::css);
+ SecurityOrigin* securityOrigin = document->securityOrigin();
+ if (shouldSetCrossOriginAccessControl(request.url(), securityOrigin)) {
+ request.setCrossOriginAccessControl(securityOrigin, DoNotAllowStoredCredentials);
+ }
m_fetched = document->fetcher()->fetchFont(request);
}
return m_fetched.get();
« no previous file with comments | « Source/core/css/CSSFontFaceSrcValue.h ('k') | Source/core/css/RemoteFontFaceSource.h » ('j') | Source/core/css/RemoteFontFaceSource.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698