1 files changed, 11 insertions, 2 deletions

diff --git a/Source/WebCore/loader/ImageLoader.cpp b/Source/WebCore/loader/ImageLoader.cpp
index 069b40e..0c1fe99 100644
--- a/Source/WebCore/loader/ImageLoader.cpp
+++ b/Source/WebCore/loader/ImageLoader.cpp
@@ -24,6 +24,7 @@
 
 #include "CachedImage.h"
 #include "CachedResourceLoader.h"
+#include "CrossOriginAccessControl.h"
 #include "Document.h"
 #include "Element.h"
 #include "HTMLNames.h"
@@ -160,16 +161,24 @@ void ImageLoader::updateFromElement()
     // need (<rdar://problem/5994621>).
     CachedImage* newImage = 0;
     if (!(attr.isNull() || (attr.isEmpty() && document->baseURI().isLocalFile()))) {
+        ResourceRequest request = ResourceRequest(document->completeURL(sourceURI(attr)));
+
+        String crossOriginMode = m_element->fastGetAttribute(HTMLNames::crossoriginAttr);
+        if (!crossOriginMode.isNull()) {
+            bool allowCredentials = equalIgnoringCase(crossOriginMode, "use-credentials");
+            updateRequestForAccessControl(request, document->securityOrigin(), allowCredentials);
+        }
+
         if (m_loadManually) {
             bool autoLoadOtherImages = document->cachedResourceLoader()->autoLoadImages();
             document->cachedResourceLoader()->setAutoLoadImages(false);
-            newImage = new CachedImage(sourceURI(attr));
+            newImage = new CachedImage(request);
             newImage->setLoading(true);
             newImage->setOwningCachedResourceLoader(document->cachedResourceLoader());
             document->cachedResourceLoader()->m_documentResources.set(newImage->url(), newImage);
             document->cachedResourceLoader()->setAutoLoadImages(autoLoadOtherImages);
         } else
-            newImage = document->cachedResourceLoader()->requestImage(sourceURI(attr));
+            newImage = document->cachedResourceLoader()->requestImage(request);
 
         // If we do not have an image here, it means that a cross-site
         // violation occurred.