| Index: Source/web/AssociatedURLLoader.cpp
|
| diff --git a/Source/web/AssociatedURLLoader.cpp b/Source/web/AssociatedURLLoader.cpp
|
| index 34c5bcfa04cdc34566ab821c62d29a768a3c0f11..0b80f51a1d7aaf81704c567481b3ff65b89deacd 100644
|
| --- a/Source/web/AssociatedURLLoader.cpp
|
| +++ b/Source/web/AssociatedURLLoader.cpp
|
| @@ -71,7 +71,7 @@ private:
|
|
|
| void HTTPRequestHeaderValidator::visitHeader(const WebString& name, const WebString& value)
|
| {
|
| - m_isSafe = m_isSafe && isValidHTTPToken(name) && XMLHttpRequest::isAllowedHTTPHeader(name) && isValidHTTPHeaderValue(value);
|
| + m_isSafe = m_isSafe && isValidHTTPToken(name) && !CrossOriginAccessControl::isForbiddenHeaderName(name) && isValidHTTPHeaderValue(value);
|
| }
|
|
|
| // FIXME: Remove this and use WebCore code that does the same thing.
|
| @@ -326,7 +326,7 @@ void AssociatedURLLoader::loadAsynchronously(const WebURLRequest& request, WebUR
|
| WebURLRequest newRequest(request);
|
| if (m_options.untrustedHTTP) {
|
| WebString method = newRequest.httpMethod();
|
| - allowLoad = isValidHTTPToken(method) && XMLHttpRequest::isAllowedHTTPMethod(method);
|
| + allowLoad = isValidHTTPToken(method) && CrossOriginAccessControl::isUsefulMethod(method);
|
| if (allowLoad) {
|
| newRequest.setHTTPMethod(XMLHttpRequest::uppercaseKnownHTTPMethod(method));
|
| HTTPRequestHeaderValidator validator;
|
|
|
Chromium Code Reviews
Issue 379113002:
Move fetch-related predicates to core/fetch. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master