| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved. | 2 * Copyright (C) 2011, 2012 Google Inc. All rights reserved. |
| 3 * Copyright (C) 2013, Intel Corporation | 3 * Copyright (C) 2013, Intel Corporation |
| 4 * | 4 * |
| 5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
| 6 * modification, are permitted provided that the following conditions are | 6 * modification, are permitted provided that the following conditions are |
| 7 * met: | 7 * met: |
| 8 * | 8 * |
| 9 * * Redistributions of source code must retain the above copyright | 9 * * Redistributions of source code must retain the above copyright |
| 10 * notice, this list of conditions and the following disclaimer. | 10 * notice, this list of conditions and the following disclaimer. |
| (...skipping 352 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 363 updateRequestForAccessControl(crossOriginRequest, getSecurityOrigin(), | 363 updateRequestForAccessControl(crossOriginRequest, getSecurityOrigin(), |
| 364 effectiveAllowCredentials()); | 364 effectiveAllowCredentials()); |
| 365 // We update the credentials mode according to effectiveAllowCredentials() | 365 // We update the credentials mode according to effectiveAllowCredentials() |
| 366 // here for backward compatibility. But this is not correct. | 366 // here for backward compatibility. But this is not correct. |
| 367 // FIXME: We should set it in the caller of DocumentThreadableLoader. | 367 // FIXME: We should set it in the caller of DocumentThreadableLoader. |
| 368 crossOriginRequest.setFetchCredentialsMode( | 368 crossOriginRequest.setFetchCredentialsMode( |
| 369 effectiveAllowCredentials() == AllowStoredCredentials | 369 effectiveAllowCredentials() == AllowStoredCredentials |
| 370 ? WebURLRequest::FetchCredentialsModeInclude | 370 ? WebURLRequest::FetchCredentialsModeInclude |
| 371 : WebURLRequest::FetchCredentialsModeOmit); | 371 : WebURLRequest::FetchCredentialsModeOmit); |
| 372 if (m_didRedirect) { | 372 if (m_didRedirect) { |
| 373 crossOriginRequest.setHTTPReferrer(SecurityPolicy::generateReferrer( | 373 crossOriginRequest.setHTTPReferrer(m_referrerAfterRedirect); |
| 374 m_referrerAfterRedirect.referrerPolicy, crossOriginRequest.url(), | |
| 375 m_referrerAfterRedirect.referrer)); | |
| 376 } | 374 } |
| 377 loadRequest(crossOriginRequest, crossOriginOptions); | 375 loadRequest(crossOriginRequest, crossOriginOptions); |
| 378 } else { | 376 } else { |
| 379 m_crossOriginNonSimpleRequest = true; | 377 m_crossOriginNonSimpleRequest = true; |
| 380 // Do not set the Origin header for preflight requests. | 378 // Do not set the Origin header for preflight requests. |
| 381 updateRequestForAccessControl(crossOriginRequest, 0, | 379 updateRequestForAccessControl(crossOriginRequest, 0, |
| 382 effectiveAllowCredentials()); | 380 effectiveAllowCredentials()); |
| 383 // We update the credentials mode according to effectiveAllowCredentials() | 381 // We update the credentials mode according to effectiveAllowCredentials() |
| 384 // here for backward compatibility. But this is not correct. | 382 // here for backward compatibility. But this is not correct. |
| 385 // FIXME: We should set it in the caller of DocumentThreadableLoader. | 383 // FIXME: We should set it in the caller of DocumentThreadableLoader. |
| 386 crossOriginRequest.setFetchCredentialsMode( | 384 crossOriginRequest.setFetchCredentialsMode( |
| 387 effectiveAllowCredentials() == AllowStoredCredentials | 385 effectiveAllowCredentials() == AllowStoredCredentials |
| 388 ? WebURLRequest::FetchCredentialsModeInclude | 386 ? WebURLRequest::FetchCredentialsModeInclude |
| 389 : WebURLRequest::FetchCredentialsModeOmit); | 387 : WebURLRequest::FetchCredentialsModeOmit); |
| 390 m_actualRequest = crossOriginRequest; | 388 m_actualRequest = crossOriginRequest; |
| 391 m_actualOptions = crossOriginOptions; | 389 m_actualOptions = crossOriginOptions; |
| 392 | 390 |
| 393 if (m_didRedirect) { | 391 if (m_didRedirect) { |
| 394 m_actualRequest.setHTTPReferrer(SecurityPolicy::generateReferrer( | 392 m_actualRequest.setHTTPReferrer(m_referrerAfterRedirect); |
| 395 m_referrerAfterRedirect.referrerPolicy, m_actualRequest.url(), | |
| 396 m_referrerAfterRedirect.referrer)); | |
| 397 } | 393 } |
| 398 | 394 |
| 399 bool shouldForcePreflight = | 395 bool shouldForcePreflight = |
| 400 request.isExternalRequest() || | 396 request.isExternalRequest() || |
| 401 InspectorInstrumentation::shouldForceCORSPreflight(m_document); | 397 InspectorInstrumentation::shouldForceCORSPreflight(m_document); |
| 402 bool canSkipPreflight = | 398 bool canSkipPreflight = |
| 403 CrossOriginPreflightResultCache::shared().canSkipPreflight( | 399 CrossOriginPreflightResultCache::shared().canSkipPreflight( |
| 404 getSecurityOrigin()->toString(), m_actualRequest.url(), | 400 getSecurityOrigin()->toString(), m_actualRequest.url(), |
| 405 effectiveAllowCredentials(), m_actualRequest.httpMethod(), | 401 effectiveAllowCredentials(), m_actualRequest.httpMethod(), |
| 406 m_actualRequest.httpHeaderFields()); | 402 m_actualRequest.httpHeaderFields()); |
| (...skipping 723 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1130 } | 1126 } |
| 1131 | 1127 |
| 1132 DEFINE_TRACE(DocumentThreadableLoader) { | 1128 DEFINE_TRACE(DocumentThreadableLoader) { |
| 1133 visitor->trace(m_resource); | 1129 visitor->trace(m_resource); |
| 1134 visitor->trace(m_document); | 1130 visitor->trace(m_document); |
| 1135 ThreadableLoader::trace(visitor); | 1131 ThreadableLoader::trace(visitor); |
| 1136 RawResourceClient::trace(visitor); | 1132 RawResourceClient::trace(visitor); |
| 1137 } | 1133 } |
| 1138 | 1134 |
| 1139 } // namespace blink | 1135 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2393633006:
Send net's ReferrerPolicy back to Blink while following redirects (Closed)
