Changeset 254821 in webkit
- Timestamp:
- Jan 20, 2020 6:43:44 AM (4 years ago)
- Location:
- trunk
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/imported/w3c/ChangeLog
r254816 r254821 1 2020-01-20 Rob Buis <rbuis@igalia.com> 2 3 Implement "create a potential-CORS request" 4 https://bugs.webkit.org/show_bug.cgi?id=205326 5 6 Reviewed by Youenn Fablet. 7 8 Update improved test result. 9 10 * web-platform-tests/html/semantics/scripting-1/the-script-element/script-crossorigin-network-expected.txt: 11 1 12 2020-01-20 Rossana Monteriso <rmonteriso@igalia.com> 2 13 -
trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/script-crossorigin-network-expected.txt
r206999 r254821 1 1 2 2 PASS HTMLScriptElement: crossorigin attribute network test1 3 FAIL HTMLScriptElement: crossorigin attribute network test2 assert_true: invalid values should default to include credentials due to response tainting expected true got false 3 PASS HTMLScriptElement: crossorigin attribute network test2 4 4 PASS HTMLScriptElement: crossorigin attribute network test3 5 5 -
trunk/Source/WebCore/ChangeLog
r254818 r254821 1 2020-01-20 Rob Buis <rbuis@igalia.com> 2 3 Implement "create a potential-CORS request" 4 https://bugs.webkit.org/show_bug.cgi?id=205326 5 6 Reviewed by Youenn Fablet. 7 8 The storedCredentialsPolicy should be calculated using a same origin 9 check when credentials are computed as same-origin. 10 11 Test: imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/script-crossorigin-network.html 12 13 * loader/CrossOriginAccessControl.cpp: 14 (WebCore::createPotentialAccessControlRequest): 15 1 16 2020-01-20 Rob Buis <rbuis@igalia.com> 2 17 -
trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp
r254000 r254821 138 138 ? FetchOptions::Credentials::Include : FetchOptions::Credentials::SameOrigin; 139 139 options.credentials = credentials; 140 options.storedCredentialsPolicy = credentials == FetchOptions::Credentials::Include ? StoredCredentialsPolicy::Use : StoredCredentialsPolicy::DoNotUse; 140 switch (credentials) { 141 case FetchOptions::Credentials::Include: 142 options.storedCredentialsPolicy = StoredCredentialsPolicy::Use; 143 break; 144 case FetchOptions::Credentials::SameOrigin: 145 options.storedCredentialsPolicy = document.securityOrigin().canRequest(request.url()) ? StoredCredentialsPolicy::Use : StoredCredentialsPolicy::DoNotUse; 146 break; 147 case FetchOptions::Credentials::Omit: 148 options.storedCredentialsPolicy = StoredCredentialsPolicy::DoNotUse; 149 } 141 150 142 151 CachedResourceRequest cachedRequest { WTFMove(request), WTFMove(options) };
Note: See TracChangeset
for help on using the changeset viewer.