Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(774)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/platform/loader/fetch/CrossOriginAccessControl.cpp

Issue 2807073002: Removed local RefPtr objects created from PassRefPtr arguments. (Closed)
Patch Set: addressed review Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/platform/loader/fetch/CrossOriginAccessControl.h ('k') | third_party/WebKit/Source/platform/network/NetworkStateNotifier.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2008 Apple Inc. All Rights Reserved. 2 * Copyright (C) 2008 Apple Inc. All Rights Reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
(...skipping 454 matching lines...) Expand 10 before | Expand all | Expand 10 after
465 "' contains a username and password, which is disallowed for" 465 "' contains a username and password, which is disallowed for"
466 " cross-origin requests."); 466 " cross-origin requests.");
467 return; 467 return;
468 } 468 }
469 default: 469 default:
470 NOTREACHED(); 470 NOTREACHED();
471 } 471 }
472 } 472 }
473 473
474 bool CrossOriginAccessControl::HandleRedirect( 474 bool CrossOriginAccessControl::HandleRedirect(
475 PassRefPtr<SecurityOrigin> security_origin, 475 RefPtr<SecurityOrigin> current_security_origin,
476 ResourceRequest& new_request, 476 ResourceRequest& new_request,
477 const ResourceResponse& redirect_response, 477 const ResourceResponse& redirect_response,
478 StoredCredentials with_credentials, 478 StoredCredentials with_credentials,
479 ResourceLoaderOptions& options, 479 ResourceLoaderOptions& options,
480 String& error_message) { 480 String& error_message) {
481 // http://www.w3.org/TR/cors/#redirect-steps terminology: 481 // http://www.w3.org/TR/cors/#redirect-steps terminology:
482 const KURL& last_url = redirect_response.Url(); 482 const KURL& last_url = redirect_response.Url();
483 const KURL& new_url = new_request.Url(); 483 const KURL& new_url = new_request.Url();
484 484
485 RefPtr<SecurityOrigin> current_security_origin = security_origin;
486
487 RefPtr<SecurityOrigin> new_security_origin = current_security_origin; 485 RefPtr<SecurityOrigin> new_security_origin = current_security_origin;
488 486
489 // TODO(tyoshino): This should be fixed to check not only the last one but 487 // TODO(tyoshino): This should be fixed to check not only the last one but
490 // all redirect responses. 488 // all redirect responses.
491 if (!current_security_origin->CanRequest(last_url)) { 489 if (!current_security_origin->CanRequest(last_url)) {
492 // Follow http://www.w3.org/TR/cors/#redirect-steps 490 // Follow http://www.w3.org/TR/cors/#redirect-steps
493 CrossOriginAccessControl::RedirectStatus redirect_status = 491 CrossOriginAccessControl::RedirectStatus redirect_status =
494 CrossOriginAccessControl::CheckRedirectLocation(new_url); 492 CrossOriginAccessControl::CheckRedirectLocation(new_url);
495 if (redirect_status != kRedirectSuccess) { 493 if (redirect_status != kRedirectSuccess) {
496 StringBuilder builder; 494 StringBuilder builder;
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after
537 // 535 //
538 // This is equivalent to the step 2 in 536 // This is equivalent to the step 2 in
539 // https://fetch.spec.whatwg.org/#http-network-or-cache-fetch 537 // https://fetch.spec.whatwg.org/#http-network-or-cache-fetch
540 if (options.credentials_requested == kClientDidNotRequestCredentials) 538 if (options.credentials_requested == kClientDidNotRequestCredentials)
541 options.allow_credentials = kDoNotAllowStoredCredentials; 539 options.allow_credentials = kDoNotAllowStoredCredentials;
542 } 540 }
543 return true; 541 return true;
544 } 542 }
545 543
546 } // namespace blink 544 } // namespace blink
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/platform/loader/fetch/CrossOriginAccessControl.h ('k') | third_party/WebKit/Source/platform/network/NetworkStateNotifier.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698