Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(430)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: Source/core/css/CSSImageValue.cpp

Issue 47923008: Block execution of failed 'crossorigin' <script>s. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Remove RequestOriginPolicy + suggested improvements Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « Source/core/css/CSSImageValue.h ('k') | Source/core/css/resolver/StyleResourceLoader.cpp » ('j') | Source/core/fetch/ResourceFetcher.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: Source/core/css/CSSImageValue.cpp
diff --git a/Source/core/css/CSSImageValue.cpp b/Source/core/css/CSSImageValue.cpp
index 39a1b6ec84128e1b52682d2ea9cdfdd848cde2ca..77a24f93a07ab47bae27690148f8d1915de217d6 100644
--- a/Source/core/css/CSSImageValue.cpp
+++ b/Source/core/css/CSSImageValue.cpp
@@ -60,19 +60,19 @@ StyleImage* CSSImageValue::cachedOrPendingImage()
return m_image.get();
}
-StyleFetchedImage* CSSImageValue::cachedImage(ResourceFetcher* loader, const ResourceLoaderOptions& options)
+StyleFetchedImage* CSSImageValue::cachedImage(ResourceFetcher* fetcher, const ResourceLoaderOptions& options, OriginRestriction originRestriction)
{
- ASSERT(loader);
+ ASSERT(fetcher);
if (!m_accessedImage) {
m_accessedImage = true;
- FetchRequest request(ResourceRequest(loader->document()->completeURL(m_url)), m_initiatorName.isEmpty() ? FetchInitiatorTypeNames::css : m_initiatorName, options);
+ FetchRequest request(ResourceRequest(fetcher->document()->completeURL(m_url)), m_initiatorName.isEmpty() ? FetchInitiatorTypeNames::css : m_initiatorName, options);
- if (options.requestOriginPolicy == PotentiallyCrossOriginEnabled)
- updateRequestForAccessControl(request.mutableResourceRequest(), loader->document()->securityOrigin(), options.allowCredentials);
+ if (originRestriction != RestrictToSameOrigin)
+ updateRequestForAccessControl(request.mutableResourceRequest(), fetcher->document()->securityOrigin(), options.allowCredentials);
- if (ResourcePtr<ImageResource> cachedImage = loader->fetchImage(request))
+ if (ResourcePtr<ImageResource> cachedImage = fetcher->fetchImage(request, originRestriction))
m_image = StyleFetchedImage::create(cachedImage.get());
}
« no previous file with comments | « Source/core/css/CSSImageValue.h ('k') | Source/core/css/resolver/StyleResourceLoader.cpp » ('j') | Source/core/fetch/ResourceFetcher.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698