Changeset 258488 in webkit
- Timestamp:
- Mar 16, 2020 1:11:26 AM (4 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r258487 r258488 1 2020-03-16 Rob Buis <rbuis@igalia.com> 2 3 Remove addHTTPOriginIfNeeded calls 4 https://bugs.webkit.org/show_bug.cgi?id=209127 5 6 Reviewed by Darin Adler. 7 8 Remove addHTTPOriginIfNeeded calls since they are get requests and navigations and the spec [1] 9 indicates that the Origin header should not be written out, making these calls no-ops. 10 11 [1] https://fetch.spec.whatwg.org/#append-a-request-origin-header 12 13 * loader/FrameLoader.cpp: 14 (WebCore::FrameLoader::changeLocation): 15 (WebCore::FrameLoader::loadURL): 16 1 17 2020-03-16 Rob Buis <rbuis@igalia.com> 2 18 -
trunk/Source/WebCore/loader/FrameLoader.cpp
r258487 r258488 427 427 { 428 428 FRAMELOADER_RELEASE_LOG_IF_ALLOWED(ResourceLoading, "changeLocation: frame load started"); 429 ASSERT(frameRequest.resourceRequest().httpMethod() == "GET"); 429 430 430 431 Ref<Frame> protect(m_frame); … … 438 439 frameRequest.setFrameName(m_frame.document()->baseTarget()); 439 440 440 addHTTPOriginIfNeeded(frameRequest.resourceRequest(), outgoingOrigin());441 441 m_frame.document()->contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(frameRequest.resourceRequest(), ContentSecurityPolicy::InsecureRequestType::Navigation); 442 442 … … 1338 1338 { 1339 1339 FRAMELOADER_RELEASE_LOG_IF_ALLOWED(ResourceLoading, "loadURL: frame load started"); 1340 ASSERT(frameLoadRequest.resourceRequest().httpMethod() == "GET"); 1340 1341 1341 1342 CompletionHandlerCallingScope completionHandlerCaller(WTFMove(completionHandler)); … … 1357 1358 request.setHTTPReferrer(referrer); 1358 1359 auto referrerOrigin = SecurityOrigin::createFromString(referrer); 1359 addHTTPOriginIfNeeded(request, referrerOrigin->toString());1360 1360 } 1361 1361 if (&m_frame.tree().top() != &m_frame) … … 4101 4101 { 4102 4102 ASSERT(!features.dialog || request.frameName().isEmpty()); 4103 ASSERT(request.resourceRequest().httpMethod() == "GET"); 4103 4104 4104 4105 created = false; … … 4129 4130 if (!referrer.isEmpty()) 4130 4131 request.resourceRequest().setHTTPReferrer(referrer); 4131 FrameLoader::addHTTPOriginIfNeeded(request.resourceRequest(), openerFrame.loader().outgoingOrigin());4132 4132 FrameLoader::addHTTPUpgradeInsecureRequestsIfNeeded(request.resourceRequest()); 4133 4133 FrameLoader::addSameSiteInfoToRequestIfNeeded(request.resourceRequest(), openerFrame.document());
Note: See TracChangeset
for help on using the changeset viewer.