Changeset 205134 in webkit

Timestamp:

Aug 29, 2016 12:07:59 PM (8 years ago)

Author:

commit-queue@webkit.org

Message:

Image Loader should use FetchOptions::mode according its crossOrigin attribute
​https://bugs.webkit.org/show_bug.cgi?id=161309

Patch by Youenn Fablet <​youenn@apple.com> on 2016-08-29
Reviewed by Darin Adler.

Source/WebCore:

Test: http/tests/security/load-image-after-redirection.html

• loader/ImageLoader.cpp:

(WebCore::ImageLoader::updateFromElement): Using CachedResourceRequest::setAsPotentiallyCrossOrigin to set fetch mode.

LayoutTests:

• http/tests/security/load-image-after-redirection-expected.txt: Added.
• http/tests/security/load-image-after-redirection.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/tests/security/load-image-after-redirection-expected.txt (added)
• LayoutTests/http/tests/security/load-image-after-redirection.html (added)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/loader/ImageLoader.cpp (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2016-08-29  Youenn Fablet  <youenn@apple.com>
+
+        Image Loader should use FetchOptions::mode according its crossOrigin attribute
+        https://bugs.webkit.org/show_bug.cgi?id=161309
+
+        Reviewed by Darin Adler.
+
+        * http/tests/security/load-image-after-redirection-expected.txt: Added.
+        * http/tests/security/load-image-after-redirection.html: Added.
+
 2016-08-29  Jiewen Tan  <jiewen_tan@apple.com>
 

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2016-08-29  Youenn Fablet  <youenn@apple.com>
+
+        Image Loader should use FetchOptions::mode according its crossOrigin attribute
+        https://bugs.webkit.org/show_bug.cgi?id=161309
+
+        Reviewed by Darin Adler.
+
+        Test: http/tests/security/load-image-after-redirection.html
+
+        * loader/ImageLoader.cpp:
+        (WebCore::ImageLoader::updateFromElement): Using CachedResourceRequest::setAsPotentiallyCrossOrigin to set fetch mode.
+
 2016-08-29  Frederic Wang  <fwang@igalia.com>
 

trunk/Source/WebCore/loader/ImageLoader.cpp

@@ -180 +180 @@
         request.setInitiator(&element());
 
-        String crossOriginMode = element().attributeWithoutSynchronization(HTMLNames::crossoriginAttr);
-        if (!crossOriginMode.isNull()) {
-            StoredCredentials allowCredentials = equalLettersIgnoringASCIICase(crossOriginMode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials;
-            ASSERT(document.securityOrigin());
-            updateRequestForAccessControl(request.mutableResourceRequest(), *document.securityOrigin(), allowCredentials);
-        }
+        request.setAsPotentiallyCrossOrigin(element().attributeWithoutSynchronization(HTMLNames::crossoriginAttr), document);
 
         if (m_loadManually) {