Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(124)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/xml/XMLHttpRequest.cpp

Issue 356843006: Add "lax mixed content checking" runtime flag. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Test. Created 6 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « Source/core/testing/InternalSettings.idl ('k') | Source/platform/RuntimeEnabledFeatures.in » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2004, 2006, 2008 Apple Inc. All rights reserved. 2 * Copyright (C) 2004, 2006, 2008 Apple Inc. All rights reserved.
3 * Copyright (C) 2005-2007 Alexey Proskuryakov <ap@webkit.org> 3 * Copyright (C) 2005-2007 Alexey Proskuryakov <ap@webkit.org>
4 * Copyright (C) 2007, 2008 Julien Chaffraix <jchaffraix@webkit.org> 4 * Copyright (C) 2007, 2008 Julien Chaffraix <jchaffraix@webkit.org>
5 * Copyright (C) 2008, 2011 Google Inc. All rights reserved. 5 * Copyright (C) 2008, 2011 Google Inc. All rights reserved.
6 * Copyright (C) 2012 Intel Corporation 6 * Copyright (C) 2012 Intel Corporation
7 * 7 *
8 * This library is free software; you can redistribute it and/or 8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public 9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; either 10 * License as published by the Free Software Foundation; either
(...skipping 843 matching lines...) Expand 10 before | Expand all | Expand 10 after
854 options.preflightPolicy = uploadEvents ? ForcePreflight : ConsiderPreflight; 854 options.preflightPolicy = uploadEvents ? ForcePreflight : ConsiderPreflight;
855 options.crossOriginRequestPolicy = UseAccessControl; 855 options.crossOriginRequestPolicy = UseAccessControl;
856 options.initiator = FetchInitiatorTypeNames::xmlhttprequest; 856 options.initiator = FetchInitiatorTypeNames::xmlhttprequest;
857 options.contentSecurityPolicyEnforcement = ContentSecurityPolicy::shouldBypa ssMainWorld(&executionContext) ? DoNotEnforceContentSecurityPolicy : EnforceConn ectSrcDirective; 857 options.contentSecurityPolicyEnforcement = ContentSecurityPolicy::shouldBypa ssMainWorld(&executionContext) ? DoNotEnforceContentSecurityPolicy : EnforceConn ectSrcDirective;
858 options.timeoutMilliseconds = m_timeoutMilliseconds; 858 options.timeoutMilliseconds = m_timeoutMilliseconds;
859 859
860 ResourceLoaderOptions resourceLoaderOptions; 860 ResourceLoaderOptions resourceLoaderOptions;
861 resourceLoaderOptions.allowCredentials = (m_sameOriginRequest || m_includeCr edentials) ? AllowStoredCredentials : DoNotAllowStoredCredentials; 861 resourceLoaderOptions.allowCredentials = (m_sameOriginRequest || m_includeCr edentials) ? AllowStoredCredentials : DoNotAllowStoredCredentials;
862 resourceLoaderOptions.credentialsRequested = m_includeCredentials ? ClientRe questedCredentials : ClientDidNotRequestCredentials; 862 resourceLoaderOptions.credentialsRequested = m_includeCredentials ? ClientRe questedCredentials : ClientDidNotRequestCredentials;
863 resourceLoaderOptions.securityOrigin = securityOrigin(); 863 resourceLoaderOptions.securityOrigin = securityOrigin();
864 resourceLoaderOptions.mixedContentBlockingTreatment = TreatAsActiveContent; 864 resourceLoaderOptions.mixedContentBlockingTreatment = RuntimeEnabledFeatures ::laxMixedContentCheckingEnabled() ? TreatAsPassiveContent : TreatAsActiveConten t;
865 865
866 // When responseType is set to "blob", we redirect the downloaded data to a 866 // When responseType is set to "blob", we redirect the downloaded data to a
867 // file-handle directly. 867 // file-handle directly.
868 if (responseTypeCode() == ResponseTypeBlob) { 868 if (responseTypeCode() == ResponseTypeBlob) {
869 request.setDownloadToFile(true); 869 request.setDownloadToFile(true);
870 resourceLoaderOptions.dataBufferingPolicy = DoNotBufferData; 870 resourceLoaderOptions.dataBufferingPolicy = DoNotBufferData;
871 } 871 }
872 872
873 m_exceptionCode = 0; 873 m_exceptionCode = 0;
874 m_error = false; 874 m_error = false;
(...skipping 587 matching lines...) Expand 10 before | Expand all | Expand 10 after
1462 { 1462 {
1463 visitor->trace(m_responseBlob); 1463 visitor->trace(m_responseBlob);
1464 visitor->trace(m_responseStream); 1464 visitor->trace(m_responseStream);
1465 visitor->trace(m_responseDocument); 1465 visitor->trace(m_responseDocument);
1466 visitor->trace(m_progressEventThrottle); 1466 visitor->trace(m_progressEventThrottle);
1467 visitor->trace(m_upload); 1467 visitor->trace(m_upload);
1468 XMLHttpRequestEventTarget::trace(visitor); 1468 XMLHttpRequestEventTarget::trace(visitor);
1469 } 1469 }
1470 1470
1471 } // namespace WebCore 1471 } // namespace WebCore
OLDNEW
« no previous file with comments | « Source/core/testing/InternalSettings.idl ('k') | Source/platform/RuntimeEnabledFeatures.in » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698