| Index: Source/core/loader/DocumentThreadableLoader.cpp
|
| diff --git a/Source/core/loader/DocumentThreadableLoader.cpp b/Source/core/loader/DocumentThreadableLoader.cpp
|
| index 95be338695dc62a13911c4bc773a2417c465c130..2f1314a8201119b4384ecdaee6c54e3af5e1113c 100644
|
| --- a/Source/core/loader/DocumentThreadableLoader.cpp
|
| +++ b/Source/core/loader/DocumentThreadableLoader.cpp
|
| @@ -92,7 +92,6 @@
|
| , m_timeoutTimer(this, &DocumentThreadableLoader::didTimeout)
|
| , m_requestStartedSeconds(0.0)
|
| , m_corsRedirectLimit(kMaxCORSRedirects)
|
| - , m_accessControlCheckFailed(false)
|
| {
|
| ASSERT(client);
|
| // Setting an outgoing referer is only supported in the async code path.
|
| @@ -163,7 +162,7 @@
|
| // is no reason to send a request, preflighted or not, that's guaranteed
|
| // to be denied.
|
| if (!SchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(request.url().protocol())) {
|
| - handleAccessControlCheckFailure(request.url().string(), "Cross origin requests are only supported for protocol schemes: " + SchemeRegistry::listOfCORSEnabledURLSchemes() + ".");
|
| + m_client->didFailAccessControlCheck(ResourceError(errorDomainBlinkInternal, 0, request.url().string(), "Cross origin requests are only supported for protocol schemes: " + SchemeRegistry::listOfCORSEnabledURLSchemes() + "."));
|
| return;
|
| }
|
|
|
| @@ -336,7 +335,8 @@
|
| return;
|
| }
|
|
|
| - handleAccessControlCheckFailure(redirectResponse.url().string(), accessControlErrorDescription);
|
| + ResourceError error(errorDomainBlinkInternal, 0, redirectResponse.url().string(), accessControlErrorDescription);
|
| + m_client->didFailAccessControlCheck(error);
|
| } else {
|
| m_client->didFailRedirectCheck();
|
| }
|
| @@ -379,12 +379,12 @@
|
| String accessControlErrorDescription;
|
|
|
| if (!passesAccessControlCheck(&m_document, response, effectiveAllowCredentials(), securityOrigin(), accessControlErrorDescription)) {
|
| - handleAccessControlCheckFailure(response.url().string(), accessControlErrorDescription);
|
| + handlePreflightFailure(response.url().string(), accessControlErrorDescription);
|
| return;
|
| }
|
|
|
| if (!passesPreflightStatusCheck(response, accessControlErrorDescription)) {
|
| - handleAccessControlCheckFailure(response.url().string(), accessControlErrorDescription);
|
| + handlePreflightFailure(response.url().string(), accessControlErrorDescription);
|
| return;
|
| }
|
|
|
| @@ -392,7 +392,7 @@
|
| if (!preflightResult->parse(response, accessControlErrorDescription)
|
| || !preflightResult->allowsCrossOriginMethod(m_actualRequest->httpMethod(), accessControlErrorDescription)
|
| || !preflightResult->allowsCrossOriginHeaders(m_actualRequest->httpHeaderFields(), accessControlErrorDescription)) {
|
| - handleAccessControlCheckFailure(response.url().string(), accessControlErrorDescription);
|
| + handlePreflightFailure(response.url().string(), accessControlErrorDescription);
|
| return;
|
| }
|
|
|
| @@ -436,7 +436,7 @@
|
| String accessControlErrorDescription;
|
| if (!passesAccessControlCheck(&m_document, response, effectiveAllowCredentials(), securityOrigin(), accessControlErrorDescription)) {
|
| reportResponseReceived(identifier, response);
|
| - handleAccessControlCheckFailure(response.url().string(), accessControlErrorDescription);
|
| + m_client->didFailAccessControlCheck(ResourceError(errorDomainBlinkInternal, 0, response.url().string(), accessControlErrorDescription));
|
| return;
|
| }
|
| }
|
| @@ -462,8 +462,7 @@
|
|
|
| ASSERT(!m_fallbackRequestForServiceWorker);
|
|
|
| - if (!m_accessControlCheckFailed)
|
| - m_client->didReceiveData(data, dataLength);
|
| + m_client->didReceiveData(data, dataLength);
|
| }
|
|
|
| void DocumentThreadableLoader::notifyFinished(Resource* resource)
|
| @@ -491,8 +490,7 @@
|
| } else {
|
| // FIXME: Should prevent timeout from being overridden after finished loading, without
|
| // resetting m_requestStartedSeconds to 0.0
|
| - if (!m_accessControlCheckFailed)
|
| - m_client->didFinishLoading(identifier, finishTime);
|
| + m_client->didFinishLoading(identifier, finishTime);
|
| }
|
| }
|
|
|
| @@ -529,18 +527,12 @@
|
| loadRequest(*actualRequest, *actualOptions);
|
| }
|
|
|
| -void DocumentThreadableLoader::handleAccessControlCheckFailure(const String& url, const String& errorDescription)
|
| +void DocumentThreadableLoader::handlePreflightFailure(const String& url, const String& errorDescription)
|
| {
|
| ResourceError error(errorDomainBlinkInternal, 0, url, errorDescription);
|
|
|
| // Prevent handleSuccessfulFinish() from bypassing access check.
|
| m_actualRequest = nullptr;
|
| -
|
| - // Prevent m_client->didReceiveData()/didFinishLoading() from being called
|
| - // after m_client->didFailAccessControlCheck() is called here.
|
| - // FIXME: It is cleaner to call clearResource() etc. where we should not
|
| - // proceed any more.
|
| - m_accessControlCheckFailed = true;
|
|
|
| // FIXME: Should prevent timeout from being overridden after preflight failure, without
|
| // resetting m_requestStartedSeconds to 0.0
|
|
|
Chromium Code Reviews
Issue 902453002:
Revert of Prevent calling didReceiveData()/didFinishLoading() after didFailAccessControlCheck() (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master