diff options
Diffstat (limited to 'WebCore/loader/DocumentThreadableLoader.cpp')
| -rw-r--r-- | WebCore/loader/DocumentThreadableLoader.cpp | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/WebCore/loader/DocumentThreadableLoader.cpp b/WebCore/loader/DocumentThreadableLoader.cpp index 0de62ce..dd5ca76 100644 --- a/WebCore/loader/DocumentThreadableLoader.cpp +++ b/WebCore/loader/DocumentThreadableLoader.cpp @@ -77,26 +77,26 @@ void DocumentThreadableLoader::loadResourceSynchronously(Document* document, con client.didFinishLoading(identifier); } -PassRefPtr<DocumentThreadableLoader> DocumentThreadableLoader::create(Document* document, ThreadableLoaderClient* client, const ResourceRequest& request, LoadCallbacks callbacksSetting, ContentSniff contentSniff, StoredCredentials storedCredentials, RedirectOriginCheck redirectOriginCheck) +PassRefPtr<DocumentThreadableLoader> DocumentThreadableLoader::create(Document* document, ThreadableLoaderClient* client, const ResourceRequest& request, LoadCallbacks callbacksSetting, ContentSniff contentSniff, StoredCredentials storedCredentials, CrossOriginRedirectPolicy crossOriginRedirectPolicy) { ASSERT(document); - RefPtr<DocumentThreadableLoader> loader = adoptRef(new DocumentThreadableLoader(document, client, request, callbacksSetting, contentSniff, storedCredentials, redirectOriginCheck)); + RefPtr<DocumentThreadableLoader> loader = adoptRef(new DocumentThreadableLoader(document, client, request, callbacksSetting, contentSniff, storedCredentials, crossOriginRedirectPolicy)); if (!loader->m_loader) loader = 0; return loader.release(); } -DocumentThreadableLoader::DocumentThreadableLoader(Document* document, ThreadableLoaderClient* client, const ResourceRequest& request, LoadCallbacks callbacksSetting, ContentSniff contentSniff, StoredCredentials storedCredentials, RedirectOriginCheck redirectOriginCheck) +DocumentThreadableLoader::DocumentThreadableLoader(Document* document, ThreadableLoaderClient* client, const ResourceRequest& request, LoadCallbacks callbacksSetting, ContentSniff contentSniff, StoredCredentials storedCredentials, CrossOriginRedirectPolicy crossOriginRedirectPolicy) : m_client(client) , m_document(document) , m_allowStoredCredentials(storedCredentials == AllowStoredCredentials) , m_sameOriginRequest(document->securityOrigin()->canRequest(request.url())) - , m_checkRedirectOrigin(redirectOriginCheck == RequireSameRedirectOrigin) + , m_denyCrossOriginRedirect(crossOriginRedirectPolicy == DenyCrossOriginRedirect) { ASSERT(document); ASSERT(client); ASSERT(storedCredentials == AllowStoredCredentials || storedCredentials == DoNotAllowStoredCredentials); - ASSERT(redirectOriginCheck == RequireSameRedirectOrigin || redirectOriginCheck == AllowDifferentRedirectOrigin); + ASSERT(crossOriginRedirectPolicy == DenyCrossOriginRedirect || crossOriginRedirectPolicy == AllowCrossOriginRedirect); m_loader = SubresourceLoader::create(document->frame(), this, request, false, callbacksSetting == SendLoadCallbacks, contentSniff == SniffContent); } @@ -123,7 +123,7 @@ void DocumentThreadableLoader::willSendRequest(SubresourceLoader* loader, Resour ASSERT_UNUSED(loader, loader == m_loader); // FIXME: This needs to be fixed to follow the redirect correctly even for cross-domain requests. - if (m_checkRedirectOrigin && !m_document->securityOrigin()->canRequest(request.url())) { + if (m_denyCrossOriginRedirect && !m_document->securityOrigin()->canRequest(request.url())) { RefPtr<DocumentThreadableLoader> protect(this); m_client->didFailRedirectCheck(); request = ResourceRequest(); @@ -164,7 +164,8 @@ void DocumentThreadableLoader::didFinishLoading(SubresourceLoader* loader) void DocumentThreadableLoader::didFail(SubresourceLoader* loader, const ResourceError& error) { ASSERT(m_client); - ASSERT_UNUSED(loader, loader == m_loader); + // m_loader may be null if we arrive here via SubresourceLoader::create in the ctor + ASSERT_UNUSED(loader, loader == m_loader || !m_loader); m_client->didFail(error); } |