summaryrefslogtreecommitdiffstats
path: root/WebCore/loader/DocumentThreadableLoader.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'WebCore/loader/DocumentThreadableLoader.cpp')
-rw-r--r--WebCore/loader/DocumentThreadableLoader.cpp17
1 files changed, 7 insertions, 10 deletions
diff --git a/WebCore/loader/DocumentThreadableLoader.cpp b/WebCore/loader/DocumentThreadableLoader.cpp
index 8a223fd..de0a0b0 100644
--- a/WebCore/loader/DocumentThreadableLoader.cpp
+++ b/WebCore/loader/DocumentThreadableLoader.cpp
@@ -70,8 +70,7 @@ DocumentThreadableLoader::DocumentThreadableLoader(Document* document, Threadabl
ASSERT(client);
if (m_sameOriginRequest || m_options.crossOriginRequestPolicy == AllowCrossOriginRequests) {
- bool skipCanLoadCheck = false;
- loadRequest(request, skipCanLoadCheck);
+ loadRequest(request, DoSecurityCheck);
return;
}
@@ -111,8 +110,7 @@ void DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest(const Resource
crossOriginRequest.setAllowCookies(m_options.allowCredentials);
crossOriginRequest.setHTTPOrigin(m_document->securityOrigin()->toString());
- bool skipCanLoadCheck = false;
- loadRequest(crossOriginRequest, skipCanLoadCheck);
+ loadRequest(crossOriginRequest, DoSecurityCheck);
}
void DocumentThreadableLoader::makeCrossOriginAccessRequestWithPreflight(const ResourceRequest& request)
@@ -142,8 +140,7 @@ void DocumentThreadableLoader::makeCrossOriginAccessRequestWithPreflight(const R
preflightRequest.setHTTPHeaderField("Access-Control-Request-Headers", String::adopt(headerBuffer));
}
- bool skipCanLoadCheck = false;
- loadRequest(preflightRequest, skipCanLoadCheck);
+ loadRequest(preflightRequest, DoSecurityCheck);
}
DocumentThreadableLoader::~DocumentThreadableLoader()
@@ -284,8 +281,8 @@ void DocumentThreadableLoader::preflightSuccess()
OwnPtr<ResourceRequest> actualRequest;
actualRequest.swap(m_actualRequest);
- bool skipCanLoadCheck = true; // ok to skip load check since we already asked about the preflight request
- loadRequest(*actualRequest, skipCanLoadCheck);
+ // It should be ok to skip the security check since we already asked about the preflight request.
+ loadRequest(*actualRequest, SkipSecurityCheck);
}
void DocumentThreadableLoader::preflightFailure()
@@ -293,7 +290,7 @@ void DocumentThreadableLoader::preflightFailure()
m_client->didFail(ResourceError());
}
-void DocumentThreadableLoader::loadRequest(const ResourceRequest& request, bool skipCanLoadCheck)
+void DocumentThreadableLoader::loadRequest(const ResourceRequest& request, SecurityCheckPolicy securityCheck)
{
if (m_async) {
// Don't sniff content or send load callbacks for the preflight request.
@@ -302,7 +299,7 @@ void DocumentThreadableLoader::loadRequest(const ResourceRequest& request, bool
// Clear the loader so that any callbacks from SubresourceLoader::create will not have the old loader.
m_loader = 0;
- m_loader = SubresourceLoader::create(m_document->frame(), this, request, skipCanLoadCheck, sendLoadCallbacks, sniffContent);
+ m_loader = SubresourceLoader::create(m_document->frame(), this, request, securityCheck, sendLoadCallbacks, sniffContent);
return;
}
generated by cgit v1.1 at 2024-06-08 08:56:00 +0000