| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. | 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 78 for (const String& header : filteredHeaders) { | 78 for (const String& header : filteredHeaders) { |
| 79 if (!headerBuffer.isEmpty()) | 79 if (!headerBuffer.isEmpty()) |
| 80 headerBuffer.append(", "); | 80 headerBuffer.append(", "); |
| 81 headerBuffer.append(header); | 81 headerBuffer.append(header); |
| 82 } | 82 } |
| 83 | 83 |
| 84 return AtomicString(headerBuffer.toString()); | 84 return AtomicString(headerBuffer.toString()); |
| 85 } | 85 } |
| 86 | 86 |
| 87 ResourceRequest createAccessControlPreflightRequest( | 87 ResourceRequest createAccessControlPreflightRequest( |
| 88 const ResourceRequest& request, | 88 const ResourceRequest& request) { |
| 89 const SecurityOrigin* securityOrigin) { | |
| 90 const KURL& requestURL = request.url(); | 89 const KURL& requestURL = request.url(); |
| 91 | 90 |
| 92 DCHECK(requestURL.user().isEmpty()); | 91 DCHECK(requestURL.user().isEmpty()); |
| 93 DCHECK(requestURL.pass().isEmpty()); | 92 DCHECK(requestURL.pass().isEmpty()); |
| 94 | 93 |
| 95 ResourceRequest preflightRequest(requestURL); | 94 ResourceRequest preflightRequest(requestURL); |
| 96 preflightRequest.setAllowStoredCredentials(false); | 95 preflightRequest.setAllowStoredCredentials(false); |
| 97 preflightRequest.setHTTPMethod(HTTPNames::OPTIONS); | 96 preflightRequest.setHTTPMethod(HTTPNames::OPTIONS); |
| 98 preflightRequest.setHTTPHeaderField(HTTPNames::Access_Control_Request_Method, | 97 preflightRequest.setHTTPHeaderField(HTTPNames::Access_Control_Request_Method, |
| 99 AtomicString(request.httpMethod())); | 98 AtomicString(request.httpMethod())); |
| (...skipping 327 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 427 // | 426 // |
| 428 // This is equivalent to the step 2 in | 427 // This is equivalent to the step 2 in |
| 429 // https://fetch.spec.whatwg.org/#http-network-or-cache-fetch | 428 // https://fetch.spec.whatwg.org/#http-network-or-cache-fetch |
| 430 if (options.credentialsRequested == ClientDidNotRequestCredentials) | 429 if (options.credentialsRequested == ClientDidNotRequestCredentials) |
| 431 options.allowCredentials = DoNotAllowStoredCredentials; | 430 options.allowCredentials = DoNotAllowStoredCredentials; |
| 432 } | 431 } |
| 433 return true; | 432 return true; |
| 434 } | 433 } |
| 435 | 434 |
| 436 } // namespace blink | 435 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2642043004:
Fix a bug in origin header generation for CORS preflight in extensions (Closed)
