| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 78 for (const String& header : filteredHeaders) { | 78 for (const String& header : filteredHeaders) { |
| 79 if (!headerBuffer.isEmpty()) | 79 if (!headerBuffer.isEmpty()) |
| 80 headerBuffer.append(","); | 80 headerBuffer.append(","); |
| 81 headerBuffer.append(header); | 81 headerBuffer.append(header); |
| 82 } | 82 } |
| 83 | 83 |
| 84 return AtomicString(headerBuffer.toString()); | 84 return AtomicString(headerBuffer.toString()); |
| 85 } | 85 } |
| 86 | 86 |
| 87 ResourceRequest createAccessControlPreflightRequest( | 87 ResourceRequest createAccessControlPreflightRequest( |
| 88 const ResourceRequest& request, | 88 const ResourceRequest& request) { |
| 89 const SecurityOrigin* securityOrigin) { | |
| 90 const KURL& requestURL = request.url(); | 89 const KURL& requestURL = request.url(); |
| 91 | 90 |
| 92 DCHECK(requestURL.user().isEmpty()); | 91 DCHECK(requestURL.user().isEmpty()); |
| 93 DCHECK(requestURL.pass().isEmpty()); | 92 DCHECK(requestURL.pass().isEmpty()); |
| 94 | 93 |
| 95 ResourceRequest preflightRequest(requestURL); | 94 ResourceRequest preflightRequest(requestURL); |
| 96 preflightRequest.setAllowStoredCredentials(false); | 95 preflightRequest.setAllowStoredCredentials(false); |
| 97 preflightRequest.setHTTPMethod(HTTPNames::OPTIONS); | 96 preflightRequest.setHTTPMethod(HTTPNames::OPTIONS); |
| 98 preflightRequest.setHTTPHeaderField(HTTPNames::Access_Control_Request_Method, | 97 preflightRequest.setHTTPHeaderField(HTTPNames::Access_Control_Request_Method, |
| 99 AtomicString(request.httpMethod())); | 98 AtomicString(request.httpMethod())); |
| (...skipping 430 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 530 // | 529 // |
| 531 // This is equivalent to the step 2 in | 530 // This is equivalent to the step 2 in |
| 532 // https://fetch.spec.whatwg.org/#http-network-or-cache-fetch | 531 // https://fetch.spec.whatwg.org/#http-network-or-cache-fetch |
| 533 if (options.credentialsRequested == ClientDidNotRequestCredentials) | 532 if (options.credentialsRequested == ClientDidNotRequestCredentials) |
| 534 options.allowCredentials = DoNotAllowStoredCredentials; | 533 options.allowCredentials = DoNotAllowStoredCredentials; |
| 535 } | 534 } |
| 536 return true; | 535 return true; |
| 537 } | 536 } |
| 538 | 537 |
| 539 } // namespace blink | 538 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2635023003:
Fix a bug in origin header generation for CORS preflight in extensions (Closed)
