| Index: Source/core/fetch/ResourceFetcher.cpp
|
| diff --git a/Source/core/fetch/ResourceFetcher.cpp b/Source/core/fetch/ResourceFetcher.cpp
|
| index 57b3e5e23554ebf2d55853ef445c1e73d2e86c98..dbb5b13878cb8bcad01e57183e89664436b0b989 100644
|
| --- a/Source/core/fetch/ResourceFetcher.cpp
|
| +++ b/Source/core/fetch/ResourceFetcher.cpp
|
| @@ -575,7 +575,7 @@ bool ResourceFetcher::canRequest(Resource::Type type, const ResourceRequest& res
|
| return !MixedContentChecker::shouldBlockFetch(effectiveFrame, resourceRequest, url, mixedContentReporting);
|
| }
|
|
|
| -bool ResourceFetcher::canAccessResource(Resource* resource, SecurityOrigin* sourceOrigin, const KURL& url) const
|
| +bool ResourceFetcher::canAccessResource(Resource* resource, SecurityOrigin* sourceOrigin, const KURL& url, AccessControlLoggingDecision logErrorsDecision) const
|
| {
|
| // Redirects can change the response URL different from one of request.
|
| bool forPreload = resource->isUnusedPreload();
|
| @@ -592,7 +592,7 @@ bool ResourceFetcher::canAccessResource(Resource* resource, SecurityOrigin* sour
|
| if (!resource->passesAccessControlCheck(document(), sourceOrigin, errorDescription)) {
|
| if (resource->type() == Resource::Font)
|
| toFontResource(resource)->setCORSFailed();
|
| - if (!forPreload && frame() && frame()->document()) {
|
| + if (!forPreload && (logErrorsDecision == ShouldLogAccessControlErrors) && frame() && frame()->document()) {
|
| String resourceType = Resource::resourceTypeToString(resource->type(), resource->options().initiatorInfo);
|
| frame()->document()->addConsoleMessage(ConsoleMessage::create(JSMessageSource, ErrorMessageLevel, resourceType + " from origin '" + SecurityOrigin::create(url)->toString() + "' has been blocked from loading by Cross-Origin Resource Sharing policy: " + errorDescription));
|
| }
|
|
|
Chromium Code Reviews
Issue 954233003:
Enable SRI only for same origin and CORS content. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master