| Index: media/base/android/java/src/org/chromium/media/MediaPlayerBridge.java
|
| diff --git a/media/base/android/java/src/org/chromium/media/MediaPlayerBridge.java b/media/base/android/java/src/org/chromium/media/MediaPlayerBridge.java
|
| index 308a08999810630d0a2d4900022f6c93f8af1052..3c2de12ac8fc0bed881e899b2c1e1e54d36b558d 100644
|
| --- a/media/base/android/java/src/org/chromium/media/MediaPlayerBridge.java
|
| +++ b/media/base/android/java/src/org/chromium/media/MediaPlayerBridge.java
|
| @@ -8,6 +8,7 @@ import android.content.Context;
|
| import android.media.MediaPlayer;
|
| import android.net.Uri;
|
| import android.os.AsyncTask;
|
| +import android.os.Build;
|
| import android.os.ParcelFileDescriptor;
|
| import android.text.TextUtils;
|
| import android.util.Base64;
|
| @@ -144,6 +145,12 @@ public class MediaPlayerBridge {
|
| if (hideUrlLog) headersMap.put("x-hide-urls-from-log", "true");
|
| if (!TextUtils.isEmpty(cookies)) headersMap.put("Cookie", cookies);
|
| if (!TextUtils.isEmpty(userAgent)) headersMap.put("User-Agent", userAgent);
|
| + // The security origin check is enforced for devices above K. For devices below K,
|
| + // only anonymous media HTTP request (no cookies) may be considered same-origin.
|
| + // Note that if the server rejects the request we must not consider it same-origin.
|
| + if (Build.VERSION.SDK_INT > Build.VERSION_CODES.KITKAT) {
|
| + headersMap.put("allow-cross-domain-redirect", "false");
|
| + }
|
| try {
|
| getLocalPlayer().setDataSource(context, uri, headersMap);
|
| return true;
|
|
|
Chromium Code Reviews
Issue 408873004:
Fix for cross-origin video check for webgl on android (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src