Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(131)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/fetch/FetchRequest.cpp

Issue 47923008: Block execution of failed 'crossorigin' <script>s. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Rebased Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « Source/core/fetch/FetchRequest.h ('k') | Source/core/fetch/ResourceFetcher.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2012 Google, Inc. All rights reserved. 2 * Copyright (C) 2012 Google, Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
(...skipping 22 matching lines...) Expand all
33 33
34 namespace WebCore { 34 namespace WebCore {
35 35
36 FetchRequest::FetchRequest(const ResourceRequest& resourceRequest, const AtomicS tring& initiator, const String& charset, ResourceLoadPriority priority) 36 FetchRequest::FetchRequest(const ResourceRequest& resourceRequest, const AtomicS tring& initiator, const String& charset, ResourceLoadPriority priority)
37 : m_resourceRequest(resourceRequest) 37 : m_resourceRequest(resourceRequest)
38 , m_charset(charset) 38 , m_charset(charset)
39 , m_options(ResourceFetcher::defaultResourceOptions()) 39 , m_options(ResourceFetcher::defaultResourceOptions())
40 , m_priority(priority) 40 , m_priority(priority)
41 , m_forPreload(false) 41 , m_forPreload(false)
42 , m_defer(NoDefer) 42 , m_defer(NoDefer)
43 , m_originRestriction(UseDefaultOriginRestrictionForType)
43 { 44 {
44 m_options.initiatorInfo.name = initiator; 45 m_options.initiatorInfo.name = initiator;
45 } 46 }
46 47
47 FetchRequest::FetchRequest(const ResourceRequest& resourceRequest, const AtomicS tring& initiator, const ResourceLoaderOptions& options) 48 FetchRequest::FetchRequest(const ResourceRequest& resourceRequest, const AtomicS tring& initiator, const ResourceLoaderOptions& options)
48 : m_resourceRequest(resourceRequest) 49 : m_resourceRequest(resourceRequest)
49 , m_options(options) 50 , m_options(options)
50 , m_priority(ResourceLoadPriorityUnresolved) 51 , m_priority(ResourceLoadPriorityUnresolved)
51 , m_forPreload(false) 52 , m_forPreload(false)
52 , m_defer(NoDefer) 53 , m_defer(NoDefer)
54 , m_originRestriction(UseDefaultOriginRestrictionForType)
53 { 55 {
54 m_options.initiatorInfo.name = initiator; 56 m_options.initiatorInfo.name = initiator;
55 } 57 }
56 58
57 FetchRequest::FetchRequest(const ResourceRequest& resourceRequest, const FetchIn itiatorInfo& initiator) 59 FetchRequest::FetchRequest(const ResourceRequest& resourceRequest, const FetchIn itiatorInfo& initiator)
58 : m_resourceRequest(resourceRequest) 60 : m_resourceRequest(resourceRequest)
59 , m_options(ResourceFetcher::defaultResourceOptions()) 61 , m_options(ResourceFetcher::defaultResourceOptions())
60 , m_priority(ResourceLoadPriorityUnresolved) 62 , m_priority(ResourceLoadPriorityUnresolved)
61 , m_forPreload(false) 63 , m_forPreload(false)
62 , m_defer(NoDefer) 64 , m_defer(NoDefer)
65 , m_originRestriction(UseDefaultOriginRestrictionForType)
63 { 66 {
64 m_options.initiatorInfo = initiator; 67 m_options.initiatorInfo = initiator;
65 } 68 }
66 69
67 FetchRequest::~FetchRequest() 70 FetchRequest::~FetchRequest()
68 { 71 {
69 } 72 }
70 73
71 void FetchRequest::setPotentiallyCrossOriginEnabled(SecurityOrigin* origin, Stor edCredentials allowCredentials) 74 void FetchRequest::setCrossOriginAccessControl(SecurityOrigin* origin, StoredCre dentials allowCredentials)
72 { 75 {
73 updateRequestForAccessControl(m_resourceRequest, origin, allowCredentials); 76 updateRequestForAccessControl(m_resourceRequest, origin, allowCredentials);
74 ASSERT(m_options.requestOriginPolicy == UseDefaultOriginRestrictionsForType) ; // Allows only tightening from the default value.
75 m_options.requestOriginPolicy = PotentiallyCrossOriginEnabled;
76 } 77 }
77 78
78 } // namespace WebCore 79 } // namespace WebCore
OLDNEW
« no previous file with comments | « Source/core/fetch/FetchRequest.h ('k') | Source/core/fetch/ResourceFetcher.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698