Changeset 258488 in webkit


Ignore:
Timestamp:
Mar 16, 2020 1:11:26 AM (4 years ago)
Author:
commit-queue@webkit.org
Message:

Remove addHTTPOriginIfNeeded calls
https://bugs.webkit.org/show_bug.cgi?id=209127

Patch by Rob Buis <rbuis@igalia.com> on 2020-03-16
Reviewed by Darin Adler.

Remove addHTTPOriginIfNeeded calls since they are get requests and navigations and the spec [1]
indicates that the Origin header should not be written out, making these calls no-ops.

[1] https://fetch.spec.whatwg.org/#append-a-request-origin-header

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::changeLocation):
(WebCore::FrameLoader::loadURL):

Location:
trunk/Source/WebCore
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/WebCore/ChangeLog

    r258487 r258488  
     12020-03-16  Rob Buis  <rbuis@igalia.com>
     2
     3        Remove addHTTPOriginIfNeeded calls
     4        https://bugs.webkit.org/show_bug.cgi?id=209127
     5
     6        Reviewed by Darin Adler.
     7
     8        Remove addHTTPOriginIfNeeded calls since they are get requests and navigations and the spec [1]
     9        indicates that the Origin header should not be written out, making these calls no-ops.
     10
     11       [1] https://fetch.spec.whatwg.org/#append-a-request-origin-header
     12
     13        * loader/FrameLoader.cpp:
     14        (WebCore::FrameLoader::changeLocation):
     15        (WebCore::FrameLoader::loadURL):
     16
    1172020-03-16  Rob Buis  <rbuis@igalia.com>
    218

  • trunk/Source/WebCore/loader/FrameLoader.cpp

    r258487 r258488  
    427427{
    428428    FRAMELOADER_RELEASE_LOG_IF_ALLOWED(ResourceLoading, "changeLocation: frame load started");
     429    ASSERT(frameRequest.resourceRequest().httpMethod() == "GET");
    429430
    430431    Ref<Frame> protect(m_frame);
     
    438439        frameRequest.setFrameName(m_frame.document()->baseTarget());
    439440
    440     addHTTPOriginIfNeeded(frameRequest.resourceRequest(), outgoingOrigin());
    441441    m_frame.document()->contentSecurityPolicy()->upgradeInsecureRequestIfNeeded(frameRequest.resourceRequest(), ContentSecurityPolicy::InsecureRequestType::Navigation);
    442442
     
    13381338{
    13391339    FRAMELOADER_RELEASE_LOG_IF_ALLOWED(ResourceLoading, "loadURL: frame load started");
     1340    ASSERT(frameLoadRequest.resourceRequest().httpMethod() == "GET");
    13401341
    13411342    CompletionHandlerCallingScope completionHandlerCaller(WTFMove(completionHandler));
     
    13571358        request.setHTTPReferrer(referrer);
    13581359        auto referrerOrigin = SecurityOrigin::createFromString(referrer);
    1359         addHTTPOriginIfNeeded(request, referrerOrigin->toString());
    13601360    }
    13611361    if (&m_frame.tree().top() != &m_frame)
     
    41014101{
    41024102    ASSERT(!features.dialog || request.frameName().isEmpty());
     4103    ASSERT(request.resourceRequest().httpMethod() == "GET");
    41034104
    41044105    created = false;
     
    41294130    if (!referrer.isEmpty())
    41304131        request.resourceRequest().setHTTPReferrer(referrer);
    4131     FrameLoader::addHTTPOriginIfNeeded(request.resourceRequest(), openerFrame.loader().outgoingOrigin());
    41324132    FrameLoader::addHTTPUpgradeInsecureRequestsIfNeeded(request.resourceRequest());
    41334133    FrameLoader::addSameSiteInfoToRequestIfNeeded(request.resourceRequest(), openerFrame.document());
Note: See TracChangeset for help on using the changeset viewer.