Index: content/browser/service_worker/service_worker_request_handler.cc |
diff --git a/content/browser/service_worker/service_worker_request_handler.cc b/content/browser/service_worker/service_worker_request_handler.cc |
index d7172643e5a771dc9b0c76ea0167cb760abc885e..96a1b82bbb8170d458b1de3d706acc205eead3cf 100644 |
--- a/content/browser/service_worker/service_worker_request_handler.cc |
+++ b/content/browser/service_worker/service_worker_request_handler.cc |
@@ -44,6 +44,13 @@ class ServiceWorkerRequestInterceptor |
DISALLOW_COPY_AND_ASSIGN(ServiceWorkerRequestInterceptor); |
}; |
+// This is work around to avoid hijacking CORS preflight. |
+// TODO(horo): Remove this check when we implement "HTTP fetch" correctly. |
+// http://fetch.spec.whatwg.org/#concept-http-fetch |
+bool IsMethodSupportedForServiceWroker(const std::string& method) { |
+ return method != "OPTIONS"; |
+} |
+ |
} // namespace |
void ServiceWorkerRequestHandler::InitializeHandler( |
@@ -55,8 +62,10 @@ void ServiceWorkerRequestHandler::InitializeHandler( |
bool skip_service_worker, |
ResourceType resource_type, |
scoped_refptr<ResourceRequestBody> body) { |
- if (!request->url().SchemeIsHTTPOrHTTPS()) |
+ if (!request->url().SchemeIsHTTPOrHTTPS() || |
+ !IsMethodSupportedForServiceWroker(request->method())) { |
return; |
+ } |
if (!context_wrapper || !context_wrapper->context() || |
provider_id == kInvalidServiceWorkerProviderId) { |