Changeset 34504 in webkit
- Timestamp:
- Jun 11, 2008 10:15:27 PM (16 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r34502 r34504 1 2008-06-11 Adam Barth <abarth@webkit.org> 2 3 Reviewed and tweaked by Sam Weinig. 4 5 Test for https://bugs.webkit.org/show_bug.cgi?id=19242 6 Data URLs should set an Access-Control-Origin of "null" 7 8 Test that we correctly generate "null" as the value for the 9 Access-Control-Origin header when making requests from a data URL. 10 11 * http/tests/xmlhttprequest/access-control-basic-allow-access-control-origin-header-data-url-expected.txt: Added. 12 * http/tests/xmlhttprequest/access-control-basic-allow-access-control-origin-header-data-url.html: Added. 13 * http/tests/xmlhttprequest/resources/access-control-basic-allow-access-control-origin-header.cgi: 14 1 15 2008-06-11 Sam Weinig <sam@webkit.org> 2 16 -
trunk/LayoutTests/http/tests/xmlhttprequest/resources/access-control-basic-allow-access-control-origin-header.cgi
r34002 r34504 3 3 4 4 print "Content-Type: text/plain\n"; 5 print "Access-Control: allow < http://127.0.0.1:8000>\n\n";5 print "Access-Control: allow <*>\n\n"; 6 6 7 7 print "PASS: Cross-domain access allowed.\n"; -
trunk/WebCore/ChangeLog
r34498 r34504 1 2008-06-11 Adam Barth <abarth@webkit.org> 2 3 Reviewed and tweaked by Sam Weinig. 4 5 Fix for https://bugs.webkit.org/show_bug.cgi?id=19242 6 Data URLs should set an Access-Control-Origin of "null" 7 8 Correctly generate "null" as the value of the Access-Control-Origin 9 header for cross-site XMLHttpRequests for data URLs. 10 11 Test: http/tests/xmlhttprequest/access-control-basic-allow-access-control-origin-header-data-url.html 12 13 * platform/SecurityOrigin.cpp: 14 (WebCore::SecurityOrigin::toString): 15 * xml/XMLHttpRequest.cpp: 16 (WebCore::XMLHttpRequest::accessControlOrigin): 17 (WebCore::XMLHttpRequest::crossSiteAccessRequest): 18 (WebCore::XMLHttpRequest::handleAsynchronousMethodCheckResult): 19 * xml/XMLHttpRequest.h: 20 1 21 2008-06-11 Sam Weinig <sam@webkit.org> 2 22 -
trunk/WebCore/platform/SecurityOrigin.cpp
r34137 r34504 192 192 return String(); 193 193 194 if (m_noAccess) 195 return String(); 196 194 197 if (m_protocol == "file") 195 198 return String("file://"); -
trunk/WebCore/xml/XMLHttpRequest.cpp
r34432 r34504 462 462 } 463 463 464 String XMLHttpRequest::accessControlOrigin() const 465 { 466 String accessControlOrigin = m_doc->securityOrigin()->toString(); 467 if (accessControlOrigin.isEmpty()) 468 return "null"; 469 return accessControlOrigin; 470 } 471 464 472 void XMLHttpRequest::crossSiteAccessRequest(const String& body, ResourceRequest& request, ExceptionCode& ec) 465 473 { … … 468 476 url.setPass(String()); 469 477 470 String accessControlOrigin = m_doc->securityOrigin()->toString();478 String origin = accessControlOrigin(); 471 479 472 480 request.setURL(url); 473 481 request.setHTTPMethod(m_method); 474 request.setHTTPHeaderField("Access-Control-Origin", accessControlOrigin);482 request.setHTTPHeaderField("Access-Control-Origin", origin); 475 483 476 484 if (m_method == "GET") … … 481 489 preflightRequest.setURL(url); 482 490 preflightRequest.setHTTPMethod("OPTIONS"); 483 preflightRequest.setHTTPHeaderField("Access-Control-Origin", accessControlOrigin);491 preflightRequest.setHTTPHeaderField("Access-Control-Origin", origin); 484 492 485 493 if (m_async) { … … 503 511 url.setPass(String()); 504 512 505 String accessControlOrigin = m_doc->securityOrigin()->toString();513 String origin = accessControlOrigin(); 506 514 507 515 ResourceRequest request; 508 516 request.setURL(url); 509 517 request.setHTTPMethod(m_method); 510 request.setHTTPHeaderField("Access-Control-Origin", accessControlOrigin);518 request.setHTTPHeaderField("Access-Control-Origin", origin); 511 519 512 520 loadRequestAsynchronously(request); -
trunk/WebCore/xml/XMLHttpRequest.h
r34432 r34504 131 131 void handleAsynchronousMethodCheckResult(); 132 132 133 String accessControlOrigin() const; 134 133 135 void genericError(); 134 136 void networkError();
Note: See TracChangeset
for help on using the changeset viewer.