Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(527)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp

Issue 2582833002: Fix foreign fetch intercepting CORS preflighted requests if preflight was in cache. (Closed)
Patch Set: Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« third_party/WebKit/LayoutTests/http/tests/serviceworker/foreign-fetch-basics.html ('K') | « third_party/WebKit/LayoutTests/http/tests/serviceworker/foreign-fetch-basics.html ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp
diff --git a/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp b/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp
index e6aa7c47fd9a818012271e5280e0167f6aa41045..691e47279cea6bf98ba90229126e1bce3ae8868f 100644
--- a/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp
+++ b/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp
@@ -369,6 +369,16 @@ void DocumentThreadableLoader::makeCrossOriginAccessRequest(
prepareCrossOriginRequest(crossOriginRequest);
loadRequest(crossOriginRequest, crossOriginOptions);
} else {
+ // Explicitly set the SkipServiceWorker flag here. Even if the page is not
+ // controlled by a SW at this point, a new SW may be controlling the page
falken 2016/12/20 05:27:42 so we only get to this point when the page is not
Marijn Kruisselbrink 2016/12/20 17:28:28 Yes, ::start() only ends up calling dispatchInitia
+ // when this request gets send later. We should not send the actual request
falken 2016/12/20 05:27:42 sent later
Marijn Kruisselbrink 2016/12/20 17:28:28 Done
+ // to the SW. https://crbug.com/604583
+ // Similarly we don't want any requests that could involve a CORS preflight
+ // to get intercepted by a foreign fetch service worker, even if we have the
+ // result of the preflight cached already. https://crbug.com/674370
falken 2016/12/20 05:27:42 Not sure I understand the bug.. the cache was surv
Marijn Kruisselbrink 2016/12/20 17:28:28 Yes, that seems to be what was happening. Not sure
+ crossOriginRequest.setSkipServiceWorker(
+ WebURLRequest::SkipServiceWorker::All);
+
bool shouldForcePreflight =
request.isExternalRequest() ||
InspectorInstrumentation::shouldForceCORSPreflight(m_document);
@@ -916,12 +926,6 @@ void DocumentThreadableLoader::loadActualRequest() {
clearResource();
- // Explicitly set the SkipServiceWorker flag here. Even if the page was not
- // controlled by a SW when the preflight request was sent, a new SW may be
- // controlling the page now by calling clients.claim(). We should not send
- // the actual request to the SW. https://crbug.com/604583
- actualRequest.setSkipServiceWorker(WebURLRequest::SkipServiceWorker::All);
-
prepareCrossOriginRequest(actualRequest);
loadRequest(actualRequest, actualOptions);
}
« third_party/WebKit/LayoutTests/http/tests/serviceworker/foreign-fetch-basics.html ('K') | « third_party/WebKit/LayoutTests/http/tests/serviceworker/foreign-fetch-basics.html ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698