| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 80 for (const String& header : filteredHeaders) { | 80 for (const String& header : filteredHeaders) { |
| 81 if (!headerBuffer.isEmpty()) | 81 if (!headerBuffer.isEmpty()) |
| 82 headerBuffer.append(","); | 82 headerBuffer.append(","); |
| 83 headerBuffer.append(header); | 83 headerBuffer.append(header); |
| 84 } | 84 } |
| 85 | 85 |
| 86 return AtomicString(headerBuffer.toString()); | 86 return AtomicString(headerBuffer.toString()); |
| 87 } | 87 } |
| 88 | 88 |
| 89 ResourceRequest createAccessControlPreflightRequest( | 89 ResourceRequest createAccessControlPreflightRequest( |
| 90 const ResourceRequest& request, | 90 const ResourceRequest& request) { |
| 91 const SecurityOrigin* securityOrigin) { | |
| 92 const KURL& requestURL = request.url(); | 91 const KURL& requestURL = request.url(); |
| 93 | 92 |
| 94 DCHECK(requestURL.user().isEmpty()); | 93 DCHECK(requestURL.user().isEmpty()); |
| 95 DCHECK(requestURL.pass().isEmpty()); | 94 DCHECK(requestURL.pass().isEmpty()); |
| 96 | 95 |
| 97 ResourceRequest preflightRequest(requestURL); | 96 ResourceRequest preflightRequest(requestURL); |
| 98 preflightRequest.setAllowStoredCredentials(false); | 97 preflightRequest.setAllowStoredCredentials(false); |
| 99 preflightRequest.setHTTPMethod(HTTPNames::OPTIONS); | 98 preflightRequest.setHTTPMethod(HTTPNames::OPTIONS); |
| 100 preflightRequest.setHTTPHeaderField(HTTPNames::Access_Control_Request_Method, | 99 preflightRequest.setHTTPHeaderField(HTTPNames::Access_Control_Request_Method, |
| 101 AtomicString(request.httpMethod())); | 100 AtomicString(request.httpMethod())); |
| (...skipping 431 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 533 // | 532 // |
| 534 // This is equivalent to the step 2 in | 533 // This is equivalent to the step 2 in |
| 535 // https://fetch.spec.whatwg.org/#http-network-or-cache-fetch | 534 // https://fetch.spec.whatwg.org/#http-network-or-cache-fetch |
| 536 if (options.credentialsRequested == ClientDidNotRequestCredentials) | 535 if (options.credentialsRequested == ClientDidNotRequestCredentials) |
| 537 options.allowCredentials = DoNotAllowStoredCredentials; | 536 options.allowCredentials = DoNotAllowStoredCredentials; |
| 538 } | 537 } |
| 539 return true; | 538 return true; |
| 540 } | 539 } |
| 541 | 540 |
| 542 } // namespace blink | 541 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2635023003:
Fix a bug in origin header generation for CORS preflight in extensions (Closed)
