<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[37317] trunk</title>
</head>
<body>

<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/37317">37317</a></dd>
<dt>Author</dt> <dd>abarth@webkit.org</dd>
<dt>Date</dt> <dd>2008-10-05 12:12:30 -0700 (Sun, 05 Oct 2008)</dd>
</dl>

<h3>Log Message</h3>
<pre>WebCore:

2008-10-04  Adam Barth  &lt;abarth@webkit.org&gt;

        Reviewed by Darin Adler.

        Attach the Origin header to POST requests to help defend against
        cross-site request forgery.

        https://bugs.webkit.org/show_bug.cgi?id=20792

        Collin Jackson &lt;collinj@webkit.org&gt; also contributed to this patch.

        Tests: http/tests/security/originHeader/origin-header-for-data.html
               http/tests/security/originHeader/origin-header-for-empty.html
               http/tests/security/originHeader/origin-header-for-get.html
               http/tests/security/originHeader/origin-header-for-https.html
               http/tests/security/originHeader/origin-header-for-post.html

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::createWindow):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::createWindow):
        (WebCore::FrameLoader::urlSelected):
        (WebCore::FrameLoader::submitForm):
        (WebCore::FrameLoader::outgoingOrigin):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::addExtraFieldsToRequest):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::FrameLoader::loadResourceSynchronously):
        (WebCore::FrameLoader::loadItem):
        * loader/FrameLoader.h:
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::create):
        * loader/loader.cpp:
        (WebCore::Loader::Host::servePendingRequests):
        * platform/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::toHTTPOrigin):
        * platform/SecurityOrigin.h:
        * platform/network/ResourceRequestBase.h:
        (WebCore::ResourceRequestBase::httpOrigin):
        (WebCore::ResourceRequestBase::setHTTPOrigin):
        (WebCore::ResourceRequestBase::clearHTTPOrigin):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::makeSimpleCrossSiteAccessRequest):
        (WebCore::XMLHttpRequest::makeCrossSiteAccessRequestWithPreflight):
        (WebCore::XMLHttpRequest::handleAsynchronousPreflightResult):
        (WebCore::XMLHttpRequest::didReceiveResponsePreflight):

LayoutTests:

2008-10-04  Adam Barth  &lt;abarth@webkit.org&gt;

        Reviewed by Darin Adler.

        Tests for the new Origin header.

        https://bugs.webkit.org/show_bug.cgi?id=20792

        Collin Jackson &lt;collinj@webkit.org&gt; also contributed to this patch.

        * http/tests/security/originHeader: Added.
        * http/tests/security/originHeader/origin-header-for-data-expected.txt: Added.
        * http/tests/security/originHeader/origin-header-for-data.html: Added.
        * http/tests/security/originHeader/origin-header-for-empty-expected.txt: Added.
        * http/tests/security/originHeader/origin-header-for-empty.html: Added.
        * http/tests/security/originHeader/origin-header-for-get-expected.txt: Added.
        * http/tests/security/originHeader/origin-header-for-get.html: Added.
        * http/tests/security/originHeader/origin-header-for-https-expected.txt: Added.
        * http/tests/security/originHeader/origin-header-for-https.html: Added.
        * http/tests/security/originHeader/origin-header-for-post-expected.txt: Added.
        * http/tests/security/originHeader/origin-header-for-post.html: Added.
        * http/tests/security/originHeader/origin-header-for-xmlhttprequest-expected.txt: Added.
        * http/tests/security/originHeader/origin-header-for-xmlhttprequest.html: Added.
        * http/tests/security/originHeader/resources: Added.
        * http/tests/security/originHeader/resources/origin-header-post-to-http.html: Added.
        * http/tests/security/originHeader/resources/print-origin.cgi: Added.</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsChangeLog">trunk/LayoutTests/ChangeLog</a></li>
<li><a href="#trunkWebCoreChangeLog">trunk/WebCore/ChangeLog</a></li>
<li><a href="#trunkWebCorebindingsjsJSDOMWindowBasecpp">trunk/WebCore/bindings/js/JSDOMWindowBase.cpp</a></li>
<li><a href="#trunkWebCoreloaderFrameLoadercpp">trunk/WebCore/loader/FrameLoader.cpp</a></li>
<li><a href="#trunkWebCoreloaderFrameLoaderh">trunk/WebCore/loader/FrameLoader.h</a></li>
<li><a href="#trunkWebCoreloaderSubresourceLoadercpp">trunk/WebCore/loader/SubresourceLoader.cpp</a></li>
<li><a href="#trunkWebCoreloaderloadercpp">trunk/WebCore/loader/loader.cpp</a></li>
<li><a href="#trunkWebCorepageSecurityOrigincpp">trunk/WebCore/page/SecurityOrigin.cpp</a></li>
<li><a href="#trunkWebCorepageSecurityOriginh">trunk/WebCore/page/SecurityOrigin.h</a></li>
<li><a href="#trunkWebCoreplatformnetworkResourceRequestBaseh">trunk/WebCore/platform/network/ResourceRequestBase.h</a></li>
<li><a href="#trunkWebCorexmlXMLHttpRequestcpp">trunk/WebCore/xml/XMLHttpRequest.cpp</a></li>
</ul>

<h3>Added Paths</h3>
<ul>
<li>trunk/LayoutTests/http/tests/security/originHeader/</li>
<li><a href="#trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderfordataexpectedtxt">trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-data-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderfordatahtml">trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-data.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforemptyexpectedtxt">trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-empty-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforemptyhtml">trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-empty.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforgetexpectedtxt">trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-get-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforgethtml">trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-get.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforhttpsexpectedtxt">trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-https-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforhttpshtml">trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-https.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforpostexpectedtxt">trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-post-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforposthtml">trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-post.html</a></li>
<li>trunk/LayoutTests/http/tests/security/originHeader/resources/</li>
<li><a href="#trunkLayoutTestshttptestssecurityoriginHeaderresourcesoriginheaderposttohttphtml">trunk/LayoutTests/http/tests/security/originHeader/resources/origin-header-post-to-http.html</a></li>
<li><a href="#trunkLayoutTestshttptestssecurityoriginHeaderresourcesprintorigincgi">trunk/LayoutTests/http/tests/security/originHeader/resources/print-origin.cgi</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossorigingetasyncexpectedtxt">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-get-async-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossorigingetasynchtml">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-get-async.html</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossorigingetsyncexpectedtxt">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-get-sync-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossorigingetsynchtml">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-get-sync.html</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossoriginpostasyncexpectedtxt">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-async-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossoriginpostasynchtml">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-async.html</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossoriginpostsyncexpectedtxt">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-sync-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossoriginpostsynchtml">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-sync.html</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadersameorigingetasyncexpectedtxt">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-async-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadersameorigingetasynchtml">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-async.html</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadersameorigingetsyncexpectedtxt">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-sync-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadersameorigingetsynchtml">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-sync.html</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadersameoriginpostasyncexpectedtxt">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-async-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadersameoriginpostasynchtml">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-async.html</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadersameoriginpostsyncexpectedtxt">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-sync-expected.txt</a></li>
<li><a href="#trunkLayoutTestshttptestsxmlhttprequestoriginheadersameoriginpostsynchtml">trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-sync.html</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkLayoutTestsChangeLog"></a>
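--- a/trunk/LayoutTests/ChangeLog
+++ b/trunk/LayoutTests/ChangeLog
@@ -1,3 +1,30 @@
+2008-10-05  Adam Barth  <abarth@webkit.org>
+
+        Reviewed by Darin Adler.
+
+        Tests for the new Origin header.
+
+        https://bugs.webkit.org/show_bug.cgi?id=20792
+
+        Collin Jackson <collinj@webkit.org> also contributed to this patch.
+
+        * http/tests/security/originHeader: Added.
+        * http/tests/security/originHeader/origin-header-for-data-expected.txt: Added.
+        * http/tests/security/originHeader/origin-header-for-data.html: Added.
+        * http/tests/security/originHeader/origin-header-for-empty-expected.txt: Added.
+        * http/tests/security/originHeader/origin-header-for-empty.html: Added.
+        * http/tests/security/originHeader/origin-header-for-get-expected.txt: Added.
+        * http/tests/security/originHeader/origin-header-for-get.html: Added.
+        * http/tests/security/originHeader/origin-header-for-https-expected.txt: Added.
+        * http/tests/security/originHeader/origin-header-for-https.html: Added.
+        * http/tests/security/originHeader/origin-header-for-post-expected.txt: Added.
+        * http/tests/security/originHeader/origin-header-for-post.html: Added.
+        * http/tests/security/originHeader/origin-header-for-xmlhttprequest-expected.txt: Added.
+        * http/tests/security/originHeader/origin-header-for-xmlhttprequest.html: Added.
+        * http/tests/security/originHeader/resources: Added.
+        * http/tests/security/originHeader/resources/origin-header-post-to-http.html: Added.
+        * http/tests/security/originHeader/resources/print-origin.cgi: Added.
+
 2008-10-05  Oliver Hunt  <oliver@apple.com>
 
         Reviewed by Reviewed by Tim Hatcher.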
<a id="trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderfordataexpectedtxt"></a>
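--- a/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-data-expected.txt
+++ b/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-data-expected.txt
@@ -0,0 +1 @@
+HTTP_ORIGIN: null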
<a id="trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderfordatahtml"></a>
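--- a/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-data.html
+++ b/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-data.html
@@ -0,0 +1,17 @@
+<html>
+<head>
+<script>
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+window.location = 'data:text/html,\
+<form action="http://127.0.0.1:8000/security/originHeader/resources/print-origin.cgi"\
+      method="POST">\
+</form>\
+<script>document.forms[0].submit();</scr' + 'ipt>';
+</script>
+</head>
+<body>
+</body>
+</html>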
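Review bot: The test never states what it is checking, so a reader has to cross-reference origin-header-for-data-expected.txt to learn that a form POST submitted from a data: URL document is expected to arrive with `Origin: null`. A one-line comment at the top of the script, `// A POST from a data: URL document must carry "Origin: null"; print-origin.cgi echoes the header and calls notifyDone().`, would make both the intent and the completion path visible. The same omission applies to origin-header-for-empty.html, origin-header-for-get.html, origin-header-for-https.html and origin-header-for-post.html, each of which pins its expected header value only in the sibling -expected.txt file. Since notifyDone() is reached only when the CGI reply loads, a submission that never reaches the server leaves the test waiting for the harness timeout rather than reporting a failure; that is inherent to the design and worth saying in the comment.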
<a id="trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforemptyexpectedtxt"></a>
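--- a/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-empty-expected.txt
+++ b/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-empty-expected.txt
@@ -0,0 +1 @@
+HTTP_ORIGIN: http://127.0.0.1:8000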
<a id="trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforemptyhtml"></a>
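--- a/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-empty.html
+++ b/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-empty.html
@@ -0,0 +1,24 @@
+<html>
+<head>
+<script>
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+    layoutTestController.setCanOpenWindows();
+    layoutTestController.setCloseRemainingWindowsWhenComplete(true);
+}
+window.name = 'opener';
+w = window.open("");
+w.document.open();
+w.document.write('\
+<form action="http://127.0.0.1:8000/security/originHeader/resources/print-origin.cgi"\
+      target="opener"\
+      method="POST">\
+</form>\
+<script>document.forms[0].submit();</scr' + 'ipt>');
+w.document.close();
+</script>
+</head>
+<body>
+</body>
+</html>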
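Review bot: `w = window.open("");` assigns to an undeclared identifier and so creates an implicit global; `var w = window.open("");` keeps it script-local and costs nothing. When the popup cannot be opened (setCanOpenWindows() is only called when layoutTestController exists, and window.open returns null when blocked) `w.document.open()` throws on the next line before anything is written, so the test fails by timeout with no diagnostic; a guard such as `if (!w) throw new Error('window.open("") failed; the test needs popups enabled');` at least puts the reason in the console. A short comment stating that the document written into the empty window is expected to inherit the opener's origin, which is why origin-header-for-empty-expected.txt pins `http://127.0.0.1:8000` rather than `null`, would also help the next reader.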
<a id="trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforgetexpectedtxt"></a>
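--- a/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-get-expected.txt
+++ b/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-get-expected.txt
@@ -0,0 +1 @@
+HTTP_ORIGIN: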
<a id="trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforgethtml"></a>
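--- a/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-get.html
+++ b/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-get.html
@@ -0,0 +1,16 @@
+<html>
+<head>
+<script>
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+</script>
+</head>
+<body>
+<form action="resources/print-origin.cgi"
+      method="GET">
+</form>
+<script>document.forms[0].submit()</script>
+</body>
+</html>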
<a id="trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforhttpsexpectedtxt"></a>
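--- a/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-https-expected.txt
+++ b/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-https-expected.txt
@@ -0,0 +1 @@
+HTTP_ORIGIN: https://127.0.0.1:8443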
<a id="trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforhttpshtml"></a>
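--- a/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-https.html
+++ b/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-https.html
@@ -0,0 +1,13 @@
+<html>
+<head>
+<script>
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+window.location = "https://127.0.0.1:8443/security/originHeader/resources/origin-header-post-to-http.html";
+</script>
+</head>
+<body>
+</body>
+</html>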
<a id="trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforpostexpectedtxt"></a>
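--- a/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-post-expected.txt
+++ b/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-post-expected.txt
@@ -0,0 +1 @@
+HTTP_ORIGIN: http://127.0.0.1:8000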
<a id="trunkLayoutTestshttptestssecurityoriginHeaderoriginheaderforposthtml"></a>
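--- a/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-post.html
+++ b/trunk/LayoutTests/http/tests/security/originHeader/origin-header-for-post.html
@@ -0,0 +1,16 @@
+<html>
+<head>
+<script>
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+</script>
+</head>
+<body>
+<form action="resources/print-origin.cgi"
+      method="POST">
+</form>
+<script>document.forms[0].submit()</script>
+</body>
+</html>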
<a id="trunkLayoutTestshttptestssecurityoriginHeaderresourcesoriginheaderposttohttphtml"></a>
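--- a/trunk/LayoutTests/http/tests/security/originHeader/resources/origin-header-post-to-http.html
+++ b/trunk/LayoutTests/http/tests/security/originHeader/resources/origin-header-post-to-http.html
@@ -0,0 +1,4 @@
+<form action="http://127.0.0.1:8000/security/originHeader/resources/print-origin.cgi"
+      method="POST">
+</form>
+<script>document.forms[0].submit();</script>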
<a id="trunkLayoutTestshttptestssecurityoriginHeaderresourcesprintorigincgi"></a>
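--- a/trunk/LayoutTests/http/tests/security/originHeader/resources/print-origin.cgi
+++ b/trunk/LayoutTests/http/tests/security/originHeader/resources/print-origin.cgi
@@ -0,0 +1,14 @@
+#!/usr/bin/perl -wT
+use strict;
+
+print "Content-Type: text/html\n";
+print "Access-Control-Origin: *\n";
+print "Cache-Control: no-store\n\n";
+
+print "HTTP_ORIGIN: " . $ENV{"HTTP_ORIGIN"} . "\n";
+print <<DONE
+<script>
+    if (window.layoutTestController)
+        window.layoutTestController.notifyDone();
+</script>
+DONE
Property changes on: trunk/LayoutTests/http/tests/security/originHeader/resources/print-origin.cgi
___________________________________________________________________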
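Review bot: `$ENV{"HTTP_ORIGIN"}` is concatenated unconditionally on the print line, so in the no-header case that origin-header-for-get-expected.txt pins as an empty value the script, which runs under `-wT`, emits a "Use of uninitialized value" warning to the server's error log on every run. `my $origin = defined $ENV{"HTTP_ORIGIN"} ? $ENV{"HTTP_ORIGIN"} : "";` followed by `print "HTTP_ORIGIN: $origin\n";` produces byte-identical output without the warning. The header value is also reflected verbatim into a text/html body; that is acceptable for a localhost fixture that only ever answers the harness, but a one-line comment saying the echo is intentional and not a pattern for real endpoints would keep the file from being copied as one.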
<a id="svnexecutable"></a>
<div class="addfile"><h4>Added: svn:executable</h4></div>
<a id="trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossorigingetasyncexpectedtxt"></a>
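--- a/trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-get-async-expected.txt
+++ b/trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-get-async-expected.txt
@@ -0,0 +1,4 @@
+PASS: Cross-domain access allowed.
+HTTP_ORIGIN: http://127.0.0.1:8000
+
+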
<a id="trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossorigingetasynchtml"></a>
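--- a/trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-get-async.html
+++ b/trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-get-async.html
@@ -0,0 +1,24 @@
+<html>
+<body>
+<pre id="console"></pre>
+<script>
+function log(message) {
+    document.getElementById('console').appendChild(document.createTextNode(message + '\n'));
+}
+
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+
+var xhr = new XMLHttpRequest();
+xhr.open('GET', 'http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-access-control-origin-header.cgi', true);
+xhr.onload = function () {
+    log(xhr.responseText);
+    if (window.layoutTestController)
+        layoutTestController.notifyDone();
+}
+xhr.send(null);
+</script>
+</body>
+</html>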
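Review bot: Only `xhr.onload` is wired, so a request that fails (a network error, or a cross-origin response the access-control check rejects) never logs anything and never calls notifyDone(), leaving the test to expire on the harness timeout instead of producing a visible FAIL line. Adding `xhr.onerror = function () { log('FAIL: request failed'); if (window.layoutTestController) layoutTestController.notifyDone(); };` next to the onload handler turns that into a deterministic failure with a diagnostic, and leaves the PASS output untouched. origin-header-cross-origin-post-async.html has the same shape and the same gap.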
<a id="trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossorigingetsyncexpectedtxt"></a>
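--- a/trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-get-sync-expected.txt
+++ b/trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-get-sync-expected.txt
@@ -0,0 +1,4 @@
+PASS: Cross-domain access allowed.
+HTTP_ORIGIN: http://127.0.0.1:8000
+
+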
<a id="trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossorigingetsynchtml"></a>
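--- a/trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-get-sync.html
+++ b/trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-get-sync.html
@@ -0,0 +1,18 @@
+<html>
+<body>
+<pre id="console"></pre>
+<script>
+function log(message) {
+    document.getElementById('console').appendChild(document.createTextNode(message + '\n'));
+}
+
+if (window.layoutTestController)
+    layoutTestController.dumpAsText();
+
+var xhr = new XMLHttpRequest();
+xhr.open('GET', 'http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-access-control-origin-header.cgi', false);
+xhr.send(null);
+log(xhr.responseText);
+</script>
+</body>
+</html>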
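Review bot: The synchronous `xhr.send(null)` throws, as far as I can tell, on a network error or on a cross-origin response the access-control check rejects, and since nothing catches it the script aborts before `log(xhr.responseText)` runs, so the dumped console is simply empty rather than carrying a FAIL line. Wrapping the send and the log in a try/catch that logs the exception keeps the PASS output byte-identical and gives a failed run a diagnostic. origin-header-cross-origin-post-sync.html, whose section is cut off at the end of this page, uses the same pattern.
```javascript
var xhr = new XMLHttpRequest();
xhr.open('GET', 'http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-access-control-origin-header.cgi', false);
try {
    xhr.send(null);
    log(xhr.responseText);
} catch (e) {
    log('FAIL: ' + e);
}
```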
<a id="trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossoriginpostasyncexpectedtxt"></a>
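--- a/trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-async-expected.txt
+++ b/trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-async-expected.txt
@@ -0,0 +1,4 @@
+PASS: Cross-domain access allowed.
+HTTP_ORIGIN: http://127.0.0.1:8000
+
+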
<a id="trunkLayoutTestshttptestsxmlhttprequestoriginheadercrossoriginpostasynchtml"></a>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-async.html (0 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-async.html                                (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-async.html        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -0,0 +1,24 @@
</span><ins>+&lt;html&gt;
+&lt;body&gt;
+&lt;pre id=&quot;console&quot;&gt;&lt;/pre&gt;
+&lt;script&gt;
+function log(message) {
+    document.getElementById('console').appendChild(document.createTextNode(message + '\n'));
+}
+
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+
+var xhr = new XMLHttpRequest();
+xhr.open('POST', 'http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-access-control-origin-header.cgi', true);
+xhr.onload = function () {
+    log(xhr.responseText);
+    if (window.layoutTestController)
+        layoutTestController.notifyDone();
+}
+xhr.send(null);
+&lt;/script&gt;
+&lt;/body&gt;
+&lt;/html&gt;
</ins></span></pre></div>
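Review bot: There is no failure path in this test — if the cross-origin POST is refused, `onload` never fires, `notifyDone` is never called and the run times out instead of printing a FAIL line, which hides the exact regression this test is meant to catch. Add an error handler next to `onload`: `xhr.onerror = function () { log('FAIL: request failed'); if (window.layoutTestController) layoutTestController.notifyDone(); }` (assuming XHR error events are available in this build, as `onload` evidently is). The shared CGI's "Cross-domain access allowed." banner is fine here, but the line that actually matters is the `HTTP_ORIGIN:` echo, and a short comment saying so would help the next reader.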
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-sync-expected.txt (0 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-sync-expected.txt                                (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-sync-expected.txt        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -0,0 +1,4 @@
</span><ins>+PASS: Cross-domain access allowed.
+HTTP_ORIGIN: http://127.0.0.1:8000
+
+
</ins></span></pre></div>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-sync.html (0 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-sync.html                                (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-cross-origin-post-sync.html        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -0,0 +1,18 @@
</span><ins>+&lt;html&gt;
+&lt;body&gt;
+&lt;pre id=&quot;console&quot;&gt;&lt;/pre&gt;
+&lt;script&gt;
+function log(message) {
+    document.getElementById('console').appendChild(document.createTextNode(message + '\n'));
+}
+
+if (window.layoutTestController)
+    layoutTestController.dumpAsText();
+
+var xhr = new XMLHttpRequest();
+xhr.open('POST', 'http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-access-control-origin-header.cgi', false);
+xhr.send(null);
+log(xhr.responseText);
+&lt;/script&gt;
+&lt;/body&gt;
+&lt;/html&gt;
</ins></span></pre></div>
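Review bot: `xhr.send(null)` is a synchronous cross-origin request outside any try/catch, so a refused request throws, the following `log(xhr.responseText)` never runs, and the test output is empty rather than an explicit failure — an empty diff against the expected file is much harder to diagnose than a FAIL line. Wrap the send: `try { xhr.send(null); log(xhr.responseText); } catch (e) { log('FAIL: ' + e); }`. The same pattern applies to the other synchronous variants added in this commit.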
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-async-expected.txt (0 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-async-expected.txt                                (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-async-expected.txt        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -0,0 +1,4 @@
</span><ins>+PASS: Cross-domain access allowed.
+HTTP_ORIGIN: 
+
+
</ins></span></pre></div>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-async.html (0 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-async.html                                (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-async.html        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -0,0 +1,24 @@
</span><ins>+&lt;html&gt;
+&lt;body&gt;
+&lt;pre id=&quot;console&quot;&gt;&lt;/pre&gt;
+&lt;script&gt;
+function log(message) {
+    document.getElementById('console').appendChild(document.createTextNode(message + '\n'));
+}
+
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+
+var xhr = new XMLHttpRequest();
+xhr.open('GET', 'resources/access-control-basic-allow-access-control-origin-header.cgi', true);
+xhr.onload = function () {
+    log(xhr.responseText);
+    if (window.layoutTestController)
+        layoutTestController.notifyDone();
+}
+xhr.send(null);
+&lt;/script&gt;
+&lt;/body&gt;
+&lt;/html&gt;
</ins></span></pre></div>
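Review bot: The assertion that matters in this test is the empty `HTTP_ORIGIN:` line in the expected output — it pins the privacy rule that GET requests must not carry an Origin header — but nothing in the test says so, and the shared CGI's "PASS: Cross-domain access allowed." banner is actively misleading for a same-origin request. A one-line comment at the top of the file would stop someone from "fixing" the expectation later: `<!-- Same-origin GET: the browser must NOT send an Origin header, so HTTP_ORIGIN is expected to be empty. -->`. As with the other async variants, an `onerror` handler that logs and calls `notifyDone()` would turn a refused request into a FAIL instead of a timeout.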
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-sync-expected.txt (0 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-sync-expected.txt                                (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-sync-expected.txt        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -0,0 +1,4 @@
</span><ins>+PASS: Cross-domain access allowed.
+HTTP_ORIGIN: 
+
+
</ins></span></pre></div>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-sync.html (0 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-sync.html                                (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-get-sync.html        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -0,0 +1,18 @@
</span><ins>+&lt;html&gt;
+&lt;body&gt;
+&lt;pre id=&quot;console&quot;&gt;&lt;/pre&gt;
+&lt;script&gt;
+function log(message) {
+    document.getElementById('console').appendChild(document.createTextNode(message + '\n'));
+}
+
+if (window.layoutTestController)
+    layoutTestController.dumpAsText();
+
+var xhr = new XMLHttpRequest();
+xhr.open('GET', 'resources/access-control-basic-allow-access-control-origin-header.cgi', false);
+xhr.send(null);
+log(xhr.responseText);
+&lt;/script&gt;
+&lt;/body&gt;
+&lt;/html&gt;
</ins></span></pre></div>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-async-expected.txt (0 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-async-expected.txt                                (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-async-expected.txt        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -0,0 +1,4 @@
</span><ins>+PASS: Cross-domain access allowed.
+HTTP_ORIGIN: http://127.0.0.1:8000
+
+
</ins></span></pre></div>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-async.html (0 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-async.html                                (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-async.html        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -0,0 +1,24 @@
</span><ins>+&lt;html&gt;
+&lt;body&gt;
+&lt;pre id=&quot;console&quot;&gt;&lt;/pre&gt;
+&lt;script&gt;
+function log(message) {
+    document.getElementById('console').appendChild(document.createTextNode(message + '\n'));
+}
+
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+
+var xhr = new XMLHttpRequest();
+xhr.open('POST', 'resources/access-control-basic-allow-access-control-origin-header.cgi', true);
+xhr.onload = function () {
+    log(xhr.responseText);
+    if (window.layoutTestController)
+        layoutTestController.notifyDone();
+}
+xhr.send(null);
+&lt;/script&gt;
+&lt;/body&gt;
+&lt;/html&gt;
</ins></span></pre></div>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-sync-expected.txt (0 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-sync-expected.txt                                (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-sync-expected.txt        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -0,0 +1,4 @@
</span><ins>+PASS: Cross-domain access allowed.
+HTTP_ORIGIN: http://127.0.0.1:8000
+
+
</ins></span></pre></div>
<div class="addfile"><h4>Added: trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-sync.html (0 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-sync.html                                (rev 0)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/origin-header-same-origin-post-sync.html        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -0,0 +1,18 @@
</span><ins>+&lt;html&gt;
+&lt;body&gt;
+&lt;pre id=&quot;console&quot;&gt;&lt;/pre&gt;
+&lt;script&gt;
+function log(message) {
+    document.getElementById('console').appendChild(document.createTextNode(message + '\n'));
+}
+
+if (window.layoutTestController)
+    layoutTestController.dumpAsText();
+
+var xhr = new XMLHttpRequest();
+xhr.open('POST', 'resources/access-control-basic-allow-access-control-origin-header.cgi', false);
+xhr.send(null);
+log(xhr.responseText);
+&lt;/script&gt;
+&lt;/body&gt;
+&lt;/html&gt;
</ins></span></pre></div>
<div class="modfile"><h4>Modified: trunk/WebCore/ChangeLog (37316 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/ChangeLog        2008-10-05 17:38:32 UTC (rev 37316)
+++ trunk/WebCore/ChangeLog        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -1,3 +1,50 @@
</span><ins>+2008-10-05  Adam Barth  &lt;abarth@webkit.org&gt;
+
+        Reviewed by Darin Alder.
+
+        Attach the Origin header to POST requests to help defend against
+        cross-site request forgery.
+
+        https://bugs.webkit.org/show_bug.cgi?id=20792
+
+        Collin Jackson &lt;collinj@webkit.org&gt; also contributed to this patch.
+
+        Tests: http/tests/security/originHeader/origin-header-for-data.html
+               http/tests/security/originHeader/origin-header-for-empty.html
+               http/tests/security/originHeader/origin-header-for-get.html
+               http/tests/security/originHeader/origin-header-for-https.html
+               http/tests/security/originHeader/origin-header-for-post.html
+
+        * bindings/js/JSDOMWindowBase.cpp:
+        (WebCore::createWindow):
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::createWindow):
+        (WebCore::FrameLoader::urlSelected):
+        (WebCore::FrameLoader::submitForm):
+        (WebCore::FrameLoader::outgoingOrigin):
+        (WebCore::FrameLoader::loadURL):
+        (WebCore::FrameLoader::addExtraFieldsToRequest):
+        (WebCore::FrameLoader::loadPostRequest):
+        (WebCore::FrameLoader::loadResourceSynchronously):
+        (WebCore::FrameLoader::loadItem):
+        * loader/FrameLoader.h:
+        * loader/SubresourceLoader.cpp:
+        (WebCore::SubresourceLoader::create):
+        * loader/loader.cpp:
+        (WebCore::Loader::Host::servePendingRequests):
+        * platform/SecurityOrigin.cpp:
+        (WebCore::SecurityOrigin::toHTTPOrigin):
+        * platform/SecurityOrigin.h:
+        * platform/network/ResourceRequestBase.h:
+        (WebCore::ResourceRequestBase::httpOrigin):
+        (WebCore::ResourceRequestBase::setHTTPOrigin):
+        (WebCore::ResourceRequestBase::clearHTTPOrigin):
+        * xml/XMLHttpRequest.cpp:
+        (WebCore::XMLHttpRequest::makeSimpleCrossSiteAccessRequest):
+        (WebCore::XMLHttpRequest::makeCrossSiteAccessRequestWithPreflight):
+        (WebCore::XMLHttpRequest::handleAsynchronousPreflightResult):
+        (WebCore::XMLHttpRequest::didReceiveResponsePreflight):
+
</ins><span class="cx"> 2008-10-04  Oliver Hunt  &lt;oliver@apple.com&gt;
</span><span class="cx"> 
</span><span class="cx">         Reviewed by Tim Hatcher.
</span></span></pre></div>
<div class="modfile"><h4>Modified: trunk/WebCore/bindings/js/JSDOMWindowBase.cpp (37316 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/bindings/js/JSDOMWindowBase.cpp        2008-10-05 17:38:32 UTC (rev 37316)
+++ trunk/WebCore/bindings/js/JSDOMWindowBase.cpp        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -272,6 +272,7 @@
</span><span class="cx">     ResourceRequest request;
</span><span class="cx"> 
</span><span class="cx">     request.setHTTPReferrer(activeFrame-&gt;loader()-&gt;outgoingReferrer());
</span><ins>+    FrameLoader::addHTTPOriginIfNeeded(request, activeFrame-&gt;loader()-&gt;outgoingOrigin());
</ins><span class="cx">     FrameLoadRequest frameRequest(request, frameName);
</span><span class="cx"> 
</span><span class="cx">     // FIXME: It's much better for client API if a new window starts with a URL, here where we
</span></span></pre></div>
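Review bot: `request` is a freshly default-constructed `ResourceRequest` at this point, so its method is presumably the default (GET) and `addHTTPOriginIfNeeded` will return at its GET/HEAD check, making this call a no-op unless the default method differs — worth confirming. If `window.open()` navigations are always GET the call can be dropped, or kept with a comment so nobody assumes an Origin is attached here: `// No-op today: window.open() navigations are GET and carry no Origin header.` The enclosing createWindow() starts and ends outside the hunk.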
<div class="modfile"><h4>Modified: trunk/WebCore/loader/FrameLoader.cpp (37316 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/loader/FrameLoader.cpp        2008-10-05 17:38:32 UTC (rev 37316)
+++ trunk/WebCore/loader/FrameLoader.cpp        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -330,6 +330,7 @@
</span><span class="cx">     // FIXME: Setting the referrer should be the caller's responsibility.
</span><span class="cx">     FrameLoadRequest requestWithReferrer = request;
</span><span class="cx">     requestWithReferrer.resourceRequest().setHTTPReferrer(m_outgoingReferrer);
</span><ins>+    addHTTPOriginIfNeeded(requestWithReferrer.resourceRequest(), outgoingOrigin());
</ins><span class="cx"> 
</span><span class="cx">     Page* oldPage = m_frame-&gt;page();
</span><span class="cx">     if (!oldPage)
</span><span class="lines">@@ -399,6 +400,7 @@
</span><span class="cx">     FrameLoadRequest copy = request;
</span><span class="cx">     if (copy.resourceRequest().httpReferrer().isEmpty())
</span><span class="cx">         copy.resourceRequest().setHTTPReferrer(m_outgoingReferrer);
</span><ins>+    addHTTPOriginIfNeeded(copy.resourceRequest(), outgoingOrigin());
</ins><span class="cx"> 
</span><span class="cx">     loadFrameRequestWithFormAndValues(copy, lockHistory, event, 0, HashMap&lt;String, String&gt;());
</span><span class="cx"> }
</span><span class="lines">@@ -574,6 +576,7 @@
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     frameRequest.resourceRequest().setURL(u);
</span><ins>+    addHTTPOriginIfNeeded(frameRequest.resourceRequest(), outgoingOrigin());
</ins><span class="cx"> 
</span><span class="cx">     submitForm(frameRequest, event);
</span><span class="cx"> }
</span><span class="lines">@@ -1784,6 +1787,14 @@
</span><span class="cx">     return m_outgoingReferrer;
</span><span class="cx"> }
</span><span class="cx"> 
</span><ins>+String FrameLoader::outgoingOrigin() const
+{
+    if (m_frame-&gt;document())
+        return m_frame-&gt;document()-&gt;securityOrigin()-&gt;toHTTPOrigin();
+
+    return SecurityOrigin::createEmpty()-&gt;toHTTPOrigin();
+}
+
</ins><span class="cx"> Frame* FrameLoader::opener()
</span><span class="cx"> {
</span><span class="cx">     return m_opener;
</span><span class="lines">@@ -2124,8 +2135,11 @@
</span><span class="cx">     bool isFormSubmission = formState;
</span><span class="cx">     
</span><span class="cx">     ResourceRequest request(newURL);
</span><del>-    if (!referrer.isEmpty())
</del><ins>+    if (!referrer.isEmpty()) {
</ins><span class="cx">         request.setHTTPReferrer(referrer);
</span><ins>+        RefPtr&lt;SecurityOrigin&gt; referrerOrigin = SecurityOrigin::createFromString(referrer);
+        addHTTPOriginIfNeeded(request, referrerOrigin-&gt;toHTTPOrigin());
+    }
</ins><span class="cx">     addExtraFieldsToRequest(request, true, event || isFormSubmission);
</span><span class="cx">     if (newLoadType == FrameLoadTypeReload)
</span><span class="cx">         request.setCachePolicy(ReloadIgnoringCacheData);
</span><span class="lines">@@ -3405,8 +3419,37 @@
</span><span class="cx">     
</span><span class="cx">     if (mainResource)
</span><span class="cx">         request.setHTTPAccept(&quot;application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5&quot;);
</span><ins>+
+    // Make sure we send the Origin header.
+    addHTTPOriginIfNeeded(request, String());
</ins><span class="cx"> }
</span><span class="cx"> 
</span><ins>+void FrameLoader::addHTTPOriginIfNeeded(ResourceRequest&amp; request, String origin)
+{
+    if (!request.httpOrigin().isEmpty())
+        return;  // Request already has an Origin header.
+
+    // Don't send an Origin header for GET or HEAD to avoid privacy issues.
+    // For example, if an intranet page has a hyperlink to an external web
+    // site, we don't want to include the Origin of the request because it
+    // will leak the internal host name. Similar privacy concerns have lead
+    // to the widespread suppression of the Referer header at the network
+    // layer.
+    if (request.httpMethod() == &quot;GET&quot; || request.httpMethod() == &quot;HEAD&quot;)
+        return;
+
+    // For non-GET and non-HEAD methods, always send an Origin header so the
+    // server knows we support this feature.
+
+    if (origin.isEmpty()) {
+        // If we don't know what origin header to attach, we attach the value
+        // for an empty origin.
+        origin = SecurityOrigin::createEmpty()-&gt;toHTTPOrigin();
+    }
+
+    request.setHTTPOrigin(origin);
+}
+
</ins><span class="cx"> void FrameLoader::committedLoad(DocumentLoader* loader, const char* data, int length)
</span><span class="cx"> {
</span><span class="cx">     if (ArchiveFactory::isArchiveMimeType(loader-&gt;response().mimeType()))
</span><span class="lines">@@ -3432,15 +3475,17 @@
</span><span class="cx">     const KURL&amp; url = inRequest.url();
</span><span class="cx">     RefPtr&lt;FormData&gt; formData = inRequest.httpBody();
</span><span class="cx">     const String&amp; contentType = inRequest.httpContentType();
</span><ins>+    String origin = inRequest.httpOrigin();
</ins><span class="cx"> 
</span><span class="cx">     ResourceRequest workingResourceRequest(url);    
</span><del>-    addExtraFieldsToRequest(workingResourceRequest, true, true);
</del><span class="cx"> 
</span><span class="cx">     if (!referrer.isEmpty())
</span><span class="cx">         workingResourceRequest.setHTTPReferrer(referrer);
</span><ins>+    workingResourceRequest.setHTTPOrigin(origin);
</ins><span class="cx">     workingResourceRequest.setHTTPMethod(&quot;POST&quot;);
</span><span class="cx">     workingResourceRequest.setHTTPBody(formData);
</span><span class="cx">     workingResourceRequest.setHTTPContentType(contentType);
</span><ins>+    addExtraFieldsToRequest(workingResourceRequest, true, true);
</ins><span class="cx"> 
</span><span class="cx">     NavigationAction action(url, FrameLoadTypeStandard, true, event);
</span><span class="cx"> 
</span><span class="lines">@@ -3482,6 +3527,7 @@
</span><span class="cx">     
</span><span class="cx">     if (!referrer.isEmpty())
</span><span class="cx">         initialRequest.setHTTPReferrer(referrer);
</span><ins>+    addHTTPOriginIfNeeded(initialRequest, outgoingOrigin());
</ins><span class="cx"> 
</span><span class="cx">     if (Page* page = m_frame-&gt;page())
</span><span class="cx">         initialRequest.setMainDocumentURL(page-&gt;mainFrame()-&gt;loader()-&gt;documentLoader()-&gt;request().url());
</span><span class="lines">@@ -4293,8 +4339,6 @@
</span><span class="cx">         if (!inPageCache) {
</span><span class="cx">             ResourceRequest request(itemURL);
</span><span class="cx"> 
</span><del>-            addExtraFieldsToRequest(request, true, formData);
-
</del><span class="cx">             // If this was a repost that failed the page cache, we might try to repost the form.
</span><span class="cx">             NavigationAction action;
</span><span class="cx">             if (formData) {
</span><span class="lines">@@ -4305,6 +4349,8 @@
</span><span class="cx">                 request.setHTTPReferrer(item-&gt;formReferrer());
</span><span class="cx">                 request.setHTTPBody(formData);
</span><span class="cx">                 request.setHTTPContentType(item-&gt;formContentType());
</span><ins>+                RefPtr&lt;SecurityOrigin&gt; securityOrigin = SecurityOrigin::createFromString(item-&gt;formReferrer());
+                addHTTPOriginIfNeeded(request, securityOrigin-&gt;toHTTPOrigin());
</ins><span class="cx">         
</span><span class="cx">                 // FIXME: Slight hack to test if the NSURL cache contains the page we're going to.
</span><span class="cx">                 // We want to know this before talking to the policy delegate, since it affects whether 
</span><span class="lines">@@ -4345,6 +4391,7 @@
</span><span class="cx">                 action = NavigationAction(itemOriginalURL, loadType, false);
</span><span class="cx">             }
</span><span class="cx"> 
</span><ins>+            addExtraFieldsToRequest(request, true, formData);
</ins><span class="cx">             loadWithNavigationAction(request, action, loadType, 0);
</span><span class="cx">         }
</span><span class="cx">     }
</span></span></pre></div>
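Review bot: `addHTTPOriginIfNeeded` returns as soon as `request.httpOrigin()` is non-empty, so any earlier producer of an `Origin` header is trusted unconditionally; that is fine for the loader's own call sites, but it means the CSRF defense depends on script never being able to set `Origin` (e.g. through XHR `setRequestHeader`), which this diff does not show — a comment stating that precondition, `// Precondition: the Origin header is never script-controlled; callers must enforce this.`, would make the trust boundary explicit. The `httpMethod() == "GET"` comparison is exact-case, so a non-canonical method name would fall through and receive an Origin header; that is the fail-safe direction, but deserves a comment or `equalIgnoringCase` if such methods can reach this function. The `String()` fallback from `addExtraFieldsToRequest` also means a call site that forgets to pass the real origin silently sends `Origin: null`, which an Origin-checking server will reject as forged; an `ASSERT` in debug builds, or at least a comment that `null` here can mean "loader path didn't supply one", would help catch that. Typo in the comment: `have lead to` → `have led to`.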
<div class="modfile"><h4>Modified: trunk/WebCore/loader/FrameLoader.h (37316 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/loader/FrameLoader.h        2008-10-05 17:38:32 UTC (rev 37316)
+++ trunk/WebCore/loader/FrameLoader.h        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -193,6 +193,7 @@
</span><span class="cx">         bool isReloading() const;
</span><span class="cx">         String referrer() const;
</span><span class="cx">         String outgoingReferrer() const;
</span><ins>+        String outgoingOrigin() const;
</ins><span class="cx">         void loadEmptyDocumentSynchronously();
</span><span class="cx"> 
</span><span class="cx">         DocumentLoader* activeDocumentLoader() const;
</span><span class="lines">@@ -277,6 +278,7 @@
</span><span class="cx">         void detachChildren();
</span><span class="cx"> 
</span><span class="cx">         void addExtraFieldsToRequest(ResourceRequest&amp;, bool isMainResource, bool alwaysFromRequest);
</span><ins>+        static void addHTTPOriginIfNeeded(ResourceRequest&amp;, String origin);
</ins><span class="cx"> 
</span><span class="cx">         FrameLoaderClient* client() const;
</span><span class="cx"> 
</span></span></pre></div>
<div class="modfile"><h4>Modified: trunk/WebCore/loader/SubresourceLoader.cpp (37316 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/loader/SubresourceLoader.cpp        2008-10-05 17:38:32 UTC (rev 37316)
+++ trunk/WebCore/loader/SubresourceLoader.cpp        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -93,6 +93,7 @@
</span><span class="cx">         newRequest.clearHTTPReferrer();
</span><span class="cx">     else if (!request.httpReferrer())
</span><span class="cx">         newRequest.setHTTPReferrer(fl-&gt;outgoingReferrer());
</span><ins>+    FrameLoader::addHTTPOriginIfNeeded(newRequest, fl-&gt;outgoingOrigin());
</ins><span class="cx"> 
</span><span class="cx">     // Use the original request's cache policy for two reasons:
</span><span class="cx">     // 1. For POST requests, we mutate the cache policy for the main resource,
</span></span></pre></div>
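Review bot: The Origin header is attached after both sides of the Referer decision above it, including the branch that clears the Referer (presumably the https→http downgrade case), so an https page's POST to an http URL still reveals its scheme/host/port in `Origin` while `Referer` is suppressed. If that is intended — the Origin proposal treats the path, not the origin, as the sensitive part, and the ChangeLog lists an origin-header-for-https test — a comment would keep a later reader from "fixing" it: `// Unlike Referer, Origin is still sent on downgrades: it carries only scheme/host/port.` The enclosing create() starts and ends outside the hunk.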
<div class="modfile"><h4>Modified: trunk/WebCore/loader/loader.cpp (37316 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/loader/loader.cpp        2008-10-05 17:38:32 UTC (rev 37316)
+++ trunk/WebCore/loader/loader.cpp        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -36,6 +36,7 @@
</span><span class="cx"> #include &quot;ResourceHandle.h&quot;
</span><span class="cx"> #include &quot;ResourceRequest.h&quot;
</span><span class="cx"> #include &quot;ResourceResponse.h&quot;
</span><ins>+#include &quot;SecurityOrigin.h&quot;
</ins><span class="cx"> #include &quot;SubresourceLoader.h&quot;
</span><span class="cx"> #include &lt;wtf/Assertions.h&gt;
</span><span class="cx"> #include &lt;wtf/Vector.h&gt;
</span><span class="lines">@@ -239,6 +240,7 @@
</span><span class="cx">         if ((referrer.protocolIs(&quot;http&quot;) || referrer.protocolIs(&quot;https&quot;)) &amp;&amp; referrer.path().isEmpty())
</span><span class="cx">             referrer.setPath(&quot;/&quot;);
</span><span class="cx">         resourceRequest.setHTTPReferrer(referrer.string());
</span><ins>+        FrameLoader::addHTTPOriginIfNeeded(resourceRequest, docLoader-&gt;doc()-&gt;securityOrigin()-&gt;toHTTPOrigin());
</ins><span class="cx">         
</span><span class="cx">         if (resourceIsCacheValidator) {
</span><span class="cx">             CachedResource* resourceToRevalidate = request-&gt;cachedResource()-&gt;resourceToRevalidate();
</span></span></pre></div>
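Review bot: The new call sits inside the same block that normalizes and sets the Referer, at the same indentation as `resourceRequest.setHTTPReferrer(referrer.string())`; if that block is guarded by a non-empty referrer (its opening is outside the hunk), Origin attachment on this path inherits Referer's suppression rules, which is exactly the coupling the Origin header is meant to avoid — consider moving it after the block. Since cache-driven subresource loads are ordinarily GET, the call is likely a no-op today, so a short comment like `// No-op for GET subresources; kept so any non-GET load through this path carries Origin.` would explain why it is here.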
<div class="modfile"><h4>Modified: trunk/WebCore/page/SecurityOrigin.cpp (37316 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/page/SecurityOrigin.cpp        2008-10-05 17:38:32 UTC (rev 37316)
+++ trunk/WebCore/page/SecurityOrigin.cpp        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -220,6 +220,15 @@
</span><span class="cx">     return String::adopt(result);
</span><span class="cx"> }
</span><span class="cx"> 
</span><ins>+String SecurityOrigin::toHTTPOrigin() const
+{
+    String origin = toString();
+    if (origin.isEmpty())
+        return &quot;null&quot;;
+
+    return origin;
+}
+
</ins><span class="cx"> PassRefPtr&lt;SecurityOrigin&gt; SecurityOrigin::createFromString(const String&amp; originString)
</span><span class="cx"> {
</span><span class="cx">     return SecurityOrigin::create(KURL(originString));
</span></span></pre></div>
<div class="modfile"><h4>Modified: trunk/WebCore/page/SecurityOrigin.h (37316 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/page/SecurityOrigin.h        2008-10-05 17:38:32 UTC (rev 37316)
+++ trunk/WebCore/page/SecurityOrigin.h        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -106,6 +106,11 @@
</span><span class="cx">         // SecurityOrigin is represented with the null string.
</span><span class="cx">         String toString() const;
</span><span class="cx"> 
</span><ins>+        // Convert this SecurityOrigin into a string for use in the HTTP Origin
+        // header. This is similar to toString(), except that the empty
+        // SecurityOrigin is represented as the string &quot;null&quot;.
+        String toHTTPOrigin() const;
+
</ins><span class="cx">         // Serialize the security origin for storage in the database. This format is
</span><span class="cx">         // deprecated and should be used only for compatibility with old databases;
</span><span class="cx">         // use toString() and createFromString() instead.
</span></span></pre></div>
<div class="modfile"><h4>Modified: trunk/WebCore/platform/network/ResourceRequestBase.h (37316 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/platform/network/ResourceRequestBase.h        2008-10-05 17:38:32 UTC (rev 37316)
+++ trunk/WebCore/platform/network/ResourceRequestBase.h        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -78,6 +78,10 @@
</span><span class="cx">         void setHTTPReferrer(const String&amp; httpReferrer) { setHTTPHeaderField(&quot;Referer&quot;, httpReferrer); }
</span><span class="cx">         void clearHTTPReferrer() { m_httpHeaderFields.remove(&quot;Referer&quot;); }
</span><span class="cx">         
</span><ins>+        String httpOrigin() const { return httpHeaderField(&quot;Origin&quot;); }
+        void setHTTPOrigin(const String&amp; httpOrigin) { setHTTPHeaderField(&quot;Origin&quot;, httpOrigin); }
+        void clearHTTPOrigin() { m_httpHeaderFields.remove(&quot;Origin&quot;); }
+
</ins><span class="cx">         String httpUserAgent() const { return httpHeaderField(&quot;User-Agent&quot;); }
</span><span class="cx">         void setHTTPUserAgent(const String&amp; httpUserAgent) { setHTTPHeaderField(&quot;User-Agent&quot;, httpUserAgent); }
</span><span class="cx"> 
</span></span></pre></div>
<div class="modfile"><h4>Modified: trunk/WebCore/xml/XMLHttpRequest.cpp (37316 => 37317)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebCore/xml/XMLHttpRequest.cpp        2008-10-05 17:38:32 UTC (rev 37316)
+++ trunk/WebCore/xml/XMLHttpRequest.cpp        2008-10-05 19:12:30 UTC (rev 37317)
</span><span class="lines">@@ -537,14 +537,6 @@
</span><span class="cx">         makeCrossSiteAccessRequestWithPreflight(ec);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-String XMLHttpRequest::accessControlOrigin() const
-{
-    String accessControlOrigin = m_doc-&gt;securityOrigin()-&gt;toString();
-    if (accessControlOrigin.isEmpty())
-        return &quot;null&quot;;
-    return accessControlOrigin;
-}
-
</del><span class="cx"> void XMLHttpRequest::makeSimpleCrossSiteAccessRequest(ExceptionCode&amp; ec)
</span><span class="cx"> {
</span><span class="cx">     ASSERT(isSimpleCrossSiteAccessRequest());
</span><span class="lines">@@ -556,7 +548,7 @@
</span><span class="cx">     ResourceRequest request(url);
</span><span class="cx">     request.setHTTPMethod(m_method);
</span><span class="cx">     request.setAllowHTTPCookies(m_includeCredentials);
</span><del>-    request.setHTTPHeaderField(&quot;Origin&quot;, accessControlOrigin());
</del><ins>+    request.setHTTPOrigin(m_doc-&gt;securityOrigin()-&gt;toHTTPOrigin());
</ins><span class="cx"> 
</span><span class="cx">     if (m_requestHeaders.size() &gt; 0)
</span><span class="cx">         request.addHTTPHeaderFields(m_requestHeaders);
</span><span class="lines">@@ -587,7 +579,7 @@
</span><span class="cx"> 
</span><span class="cx"> void XMLHttpRequest::makeCrossSiteAccessRequestWithPreflight(ExceptionCode&amp; ec)
</span><span class="cx"> {
</span><del>-    String origin = accessControlOrigin();
</del><ins>+    String origin = m_doc-&gt;securityOrigin()-&gt;toHTTPOrigin();
</ins><span class="cx">     KURL url = m_url;
</span><span class="cx">     url.setUser(String());
</span><span class="cx">     url.setPass(String());
</span><span class="lines">@@ -675,7 +667,7 @@
</span><span class="cx">     ResourceRequest request(url);
</span><span class="cx">     request.setHTTPMethod(m_method);
</span><span class="cx">     request.setAllowHTTPCookies(m_includeCredentials);
</span><del>-    request.setHTTPHeaderField(&quot;Origin&quot;, accessControlOrigin());
</del><ins>+    request.setHTTPOrigin(m_doc-&gt;securityOrigin()-&gt;toHTTPOrigin());
</ins><span class="cx"> 
</span><span class="cx">     if (m_requestHeaders.size() &gt; 0)
</span><span class="cx">         request.addHTTPHeaderFields(m_requestHeaders);
</span><span class="lines">@@ -1200,7 +1192,7 @@
</span><span class="cx">     if (!parseAccessControlMaxAge(response.httpHeaderField(&quot;Access-Control-Max-Age&quot;), expiryDelta))
</span><span class="cx">         expiryDelta = 5;
</span><span class="cx"> 
</span><del>-    appendPreflightResultCacheEntry(accessControlOrigin(), m_url, expiryDelta, m_includeCredentials, methods.release(), headers.release());
</del><ins>+    appendPreflightResultCacheEntry(m_doc-&gt;securityOrigin()-&gt;toHTTPOrigin(), m_url, expiryDelta, m_includeCredentials, methods.release(), headers.release());
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> void XMLHttpRequest::receivedCancellation(SubresourceLoader*, const AuthenticationChallenge&amp; challenge)
</span></span></pre>
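Review bot: `request.setHTTPOrigin(...)` is immediately followed by `request.addHTTPHeaderFields(m_requestHeaders)`, so a script-supplied `Origin` header would overwrite the browser-computed value unless `setRequestHeader` already rejects `Origin` as a forbidden header — that list is not in this diff, and `FrameLoader::addHTTPOriginIfNeeded` likewise keeps any pre-existing value, so the whole CSRF defense rests on it. Either confirm the forbidden-header list covers `Origin` and add a test that `setRequestHeader('Origin', 'http://evil')` is ignored, or move the `setHTTPOrigin` call after `addHTTPHeaderFields` in both makeSimpleCrossSiteAccessRequest and the actual-request path of makeCrossSiteAccessRequestWithPreflight so the browser value always wins. Separately, removing `accessControlOrigin()` and inlining `m_doc->securityOrigin()->toHTTPOrigin()` at four sites is a small style regression; a one-line private helper would keep them in sync.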
</div>
</div>

</body>
</html>