Give the RequestFetcher access to cross-origin URLs when allowed

Source/core/fetch/ResourceFetcher.cpp

Index: Source/core/fetch/ResourceFetcher.cpp
diff --git a/Source/core/fetch/ResourceFetcher.cpp b/Source/core/fetch/ResourceFetcher.cpp
index e6807836c47276cb189dea637fbdf9d496f58e0d..d50a2d5791a6ab03ce5671721d9844375e2c10c5 100644
--- a/Source/core/fetch/ResourceFetcher.cpp
+++ b/Source/core/fetch/ResourceFetcher.cpp
@@ -486,7 +486,7 @@ bool ResourceFetcher::canRequest(Resource::Type type, const KURL& url, const Res
     if (!securityOrigin && document())
         securityOrigin = document()->securityOrigin();
 
-    if (securityOrigin && !securityOrigin->canDisplay(url)) {
+    if (originRestriction != FetchRequest::NoOriginRestriction && securityOrigin && !securityOrigin->canDisplay(url)) {
         if (!forPreload)
             context().reportLocalLoadFailed(url);
         WTF_LOG(ResourceLoading, "ResourceFetcher::requestResource URL was not allowed by SecurityOrigin::canDisplay");