Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(141)

Unified Diff: third_party/WebKit/Source/core/fetch/FetchRequest.cpp

Issue 2420603003: Make DocumentThreadableLoader's cross origin logic clearer in terms of layering (Closed)
Patch Set: Rebase Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: third_party/WebKit/Source/core/fetch/FetchRequest.cpp
diff --git a/third_party/WebKit/Source/core/fetch/FetchRequest.cpp b/third_party/WebKit/Source/core/fetch/FetchRequest.cpp
index 55982ed65f2def4f266e6b7525cc6e149cbf1b02..6fd3174a814e996ebad61533031d3ef37e6f2d5e 100644
--- a/third_party/WebKit/Source/core/fetch/FetchRequest.cpp
+++ b/third_party/WebKit/Source/core/fetch/FetchRequest.cpp
@@ -105,17 +105,24 @@ void FetchRequest::setCrossOriginAccessControl(
useCredentials ? WebURLRequest::FetchCredentialsModeInclude
: WebURLRequest::FetchCredentialsModeSameOrigin);
- m_options.allowCredentials = (isSameOriginRequest || useCredentials)
- ? AllowStoredCredentials
- : DoNotAllowStoredCredentials;
+ if (isSameOriginRequest || useCredentials) {
+ m_options.allowCredentials = AllowStoredCredentials;
+ m_resourceRequest.setAllowStoredCredentials(true);
+ } else {
+ m_options.allowCredentials = DoNotAllowStoredCredentials;
+ m_resourceRequest.setAllowStoredCredentials(false);
+ }
m_options.corsEnabled = IsCORSEnabled;
m_options.securityOrigin = origin;
m_options.credentialsRequested = useCredentials
? ClientRequestedCredentials
: ClientDidNotRequestCredentials;
- updateRequestForAccessControl(m_resourceRequest, origin,
- m_options.allowCredentials);
+ // TODO: Credentials should be removed only when the request is cross origin.
+ m_resourceRequest.removeCredentials();
+
+ if (origin)
+ m_resourceRequest.setHTTPOrigin(origin);
}
void FetchRequest::setResourceWidth(ResourceWidth resourceWidth) {

Powered by Google App Engine
This is Rietveld 408576698