<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[202811] trunk/Source/WebCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/202811">202811</a></dd>
<dt>Author</dt> <dd>commit-queue@webkit.org</dd>
<dt>Date</dt> <dd>2016-07-04 11:36:30 -0700 (Mon, 04 Jul 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>Remove RequestOriginPolicy from ResourceLoaderOptions
https://bugs.webkit.org/show_bug.cgi?id=159406
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-04
Reviewed by Sam Weinig.
Using FetchOptions::mode in lieu of ResourceLoaderOptions::RequestOriginPolicy.
The cors, no-cors and same-origin values match PotentiallyCrossOriginEnabled,
UseDefaultOriginRestrictionsForType and RestrictToSameOrigin, default being
cors/UseDefaultOriginRestrictionsForType as per fetch specification.
No change of behavior.
* css/CSSImageSetValue.cpp:
(WebCore::CSSImageSetValue::cachedImageSet):
* css/CSSImageValue.cpp:
(WebCore::CSSImageValue::cachedImage):
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::startLoadingMainResource):
* loader/MediaResourceLoader.cpp:
(WebCore::MediaResourceLoader::requestResource):
* loader/NetscapePlugInStreamLoader.cpp:
(WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader):
* loader/ResourceLoaderOptions.h:
(WebCore::ResourceLoaderOptions::ResourceLoaderOptions):
(WebCore::ResourceLoaderOptions::requestOriginPolicy): Deleted.
(WebCore::ResourceLoaderOptions::setRequestOriginPolicy): Deleted.
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::init):
(WebCore::SubresourceLoader::willSendRequestInternal):
* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
(WebCore::CachedResourceLoader::canRequest):
(WebCore::CachedResourceLoader::defaultCachedResourceOptions):
* loader/cache/CachedResourceRequest.cpp:
(WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
* loader/icon/IconLoader.cpp:
(WebCore::IconLoader::startLoading):
* platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
(WebCore::WebCoreAVCFResourceLoader::startLoading):
* platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
(WebCore::WebCoreAVFResourceLoader::startLoading):
* style/StylePendingResources.cpp:
(WebCore::Style::loadPendingImage):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCorecssCSSImageSetValuecpp">trunk/Source/WebCore/css/CSSImageSetValue.cpp</a></li>
<li><a href="#trunkSourceWebCorecssCSSImageValuecpp">trunk/Source/WebCore/css/CSSImageValue.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderDocumentLoadercpp">trunk/Source/WebCore/loader/DocumentLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderMediaResourceLoadercpp">trunk/Source/WebCore/loader/MediaResourceLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderNetscapePlugInStreamLoadercpp">trunk/Source/WebCore/loader/NetscapePlugInStreamLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderResourceLoaderOptionsh">trunk/Source/WebCore/loader/ResourceLoaderOptions.h</a></li>
<li><a href="#trunkSourceWebCoreloaderSubresourceLoadercpp">trunk/Source/WebCore/loader/SubresourceLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloadercacheCachedResourceLoadercpp">trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloadercacheCachedResourceRequestcpp">trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp</a></li>
<li><a href="#trunkSourceWebCoreloadericonIconLoadercpp">trunk/Source/WebCore/loader/icon/IconLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreplatformgraphicsavfoundationcfWebCoreAVCFResourceLoadercpp">trunk/Source/WebCore/platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreplatformgraphicsavfoundationobjcWebCoreAVFResourceLoadermm">trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm</a></li>
<li><a href="#trunkSourceWebCorestyleStylePendingResourcescpp">trunk/Source/WebCore/style/StylePendingResources.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/ChangeLog        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -1,5 +1,51 @@
</span><span class="cx"> 2016-07-04 Youenn Fablet <youenn@apple.com>
</span><span class="cx">
</span><ins>+ Remove RequestOriginPolicy from ResourceLoaderOptions
+ https://bugs.webkit.org/show_bug.cgi?id=159406
+
+ Reviewed by Sam Weinig.
+
+ Using FetchOptions::mode in lieu of ResourceLoaderOptions::RequestOriginPolicy.
+ The cors, no-cors and same-origin values match PotentiallyCrossOriginEnabled,
+ UseDefaultOriginRestrictionsForType and RestrictToSameOrigin, default being
+ cors/UseDefaultOriginRestrictionsForType as per fetch specification.
+
+ No change of behavior.
+
+ * css/CSSImageSetValue.cpp:
+ (WebCore::CSSImageSetValue::cachedImageSet):
+ * css/CSSImageValue.cpp:
+ (WebCore::CSSImageValue::cachedImage):
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::startLoadingMainResource):
+ * loader/MediaResourceLoader.cpp:
+ (WebCore::MediaResourceLoader::requestResource):
+ * loader/NetscapePlugInStreamLoader.cpp:
+ (WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader):
+ * loader/ResourceLoaderOptions.h:
+ (WebCore::ResourceLoaderOptions::ResourceLoaderOptions):
+ (WebCore::ResourceLoaderOptions::requestOriginPolicy): Deleted.
+ (WebCore::ResourceLoaderOptions::setRequestOriginPolicy): Deleted.
+ * loader/SubresourceLoader.cpp:
+ (WebCore::SubresourceLoader::init):
+ (WebCore::SubresourceLoader::willSendRequestInternal):
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
+ (WebCore::CachedResourceLoader::canRequest):
+ (WebCore::CachedResourceLoader::defaultCachedResourceOptions):
+ * loader/cache/CachedResourceRequest.cpp:
+ (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
+ * loader/icon/IconLoader.cpp:
+ (WebCore::IconLoader::startLoading):
+ * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
+ (WebCore::WebCoreAVCFResourceLoader::startLoading):
+ * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
+ (WebCore::WebCoreAVFResourceLoader::startLoading):
+ * style/StylePendingResources.cpp:
+ (WebCore::Style::loadPendingImage):
+
+2016-07-04 Youenn Fablet <youenn@apple.com>
+
</ins><span class="cx"> Shield WebRTC JS built-ins from user scripts
</span><span class="cx"> https://bugs.webkit.org/show_bug.cgi?id=155964
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCorecssCSSImageSetValuecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/css/CSSImageSetValue.cpp (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/css/CSSImageSetValue.cpp        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/css/CSSImageSetValue.cpp        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -118,7 +118,7 @@
</span><span class="cx"> ImageWithScale image = bestImageForScaleFactor();
</span><span class="cx"> CachedResourceRequest request(ResourceRequest(document->completeURL(image.imageURL)), options);
</span><span class="cx"> request.setInitiator(cachedResourceRequestInitiators().css);
</span><del>- if (options.requestOriginPolicy() == PotentiallyCrossOriginEnabled) {
</del><ins>+ if (options.mode == FetchOptions::Mode::Cors) {
</ins><span class="cx"> ASSERT(document->securityOrigin());
</span><span class="cx"> updateRequestForAccessControl(request.mutableResourceRequest(), *document->securityOrigin(), options.allowCredentials());
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCorecssCSSImageValuecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/css/CSSImageValue.cpp (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/css/CSSImageValue.cpp        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/css/CSSImageValue.cpp        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -82,7 +82,7 @@
</span><span class="cx"> else
</span><span class="cx"> request.setInitiator(m_initiatorName);
</span><span class="cx">
</span><del>- if (options.requestOriginPolicy() == PotentiallyCrossOriginEnabled) {
</del><ins>+ if (options.mode == FetchOptions::Mode::Cors) {
</ins><span class="cx"> ASSERT(loader.document()->securityOrigin());
</span><span class="cx"> updateRequestForAccessControl(request.mutableResourceRequest(), *loader.document()->securityOrigin(), options.allowCredentials());
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderDocumentLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/DocumentLoader.cpp        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -1510,7 +1510,7 @@
</span><span class="cx"> // If this is a reload the cache layer might have made the previous request conditional. DocumentLoader can't handle 304 responses itself.
</span><span class="cx"> request.makeUnconditional();
</span><span class="cx">
</span><del>- static NeverDestroyed<ResourceLoaderOptions> mainResourceLoadOptions(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, UseDefaultOriginRestrictionsForType, IncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
</del><ins>+ static NeverDestroyed<ResourceLoaderOptions> mainResourceLoadOptions(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, FetchOptions::Mode::NoCors, IncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
</ins><span class="cx"> CachedResourceRequest cachedResourceRequest(request, mainResourceLoadOptions);
</span><span class="cx"> cachedResourceRequest.setInitiator(*this);
</span><span class="cx"> m_mainResource = m_cachedResourceLoader->requestMainResource(cachedResourceRequest);
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderMediaResourceLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/MediaResourceLoader.cpp (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/MediaResourceLoader.cpp        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/MediaResourceLoader.cpp        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -63,7 +63,7 @@
</span><span class="cx"> return nullptr;
</span><span class="cx">
</span><span class="cx"> DataBufferingPolicy bufferingPolicy = options & LoadOption::BufferData ? WebCore::BufferData : WebCore::DoNotBufferData;
</span><del>- RequestOriginPolicy corsPolicy = !m_crossOriginMode.isNull() ? PotentiallyCrossOriginEnabled : UseDefaultOriginRestrictionsForType;
</del><ins>+ FetchOptions::Mode corsPolicy = !m_crossOriginMode.isNull() ? FetchOptions::Mode::Cors : FetchOptions::Mode::NoCors;
</ins><span class="cx"> auto cachingPolicy = options & LoadOption::DisallowCaching ? CachingPolicy::DisallowCaching : CachingPolicy::AllowCaching;
</span><span class="cx"> StoredCredentials allowCredentials = m_crossOriginMode.isNull() || equalLettersIgnoringASCIICase(m_crossOriginMode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials;
</span><span class="cx">
</span><span class="lines">@@ -72,7 +72,7 @@
</span><span class="cx"> #if HAVE(AVFOUNDATION_LOADER_DELEGATE) && PLATFORM(MAC)
</span><span class="cx"> // FIXME: Workaround for <rdar://problem/26071607>. We are not able to do CORS checking on 304 responses because they
</span><span class="cx"> // are usually missing the headers we need.
</span><del>- if (corsPolicy == PotentiallyCrossOriginEnabled)
</del><ins>+ if (corsPolicy == FetchOptions::Mode::Cors)
</ins><span class="cx"> updatedRequest.makeUnconditional();
</span><span class="cx"> #endif
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderNetscapePlugInStreamLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/NetscapePlugInStreamLoader.cpp (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/NetscapePlugInStreamLoader.cpp        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/NetscapePlugInStreamLoader.cpp        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -43,7 +43,7 @@
</span><span class="cx"> // FIXME: Skip Content Security Policy check when associated plugin element is in a user agent shadow tree.
</span><span class="cx"> // See <https://bugs.webkit.org/show_bug.cgi?id=146663>.
</span><span class="cx"> NetscapePlugInStreamLoader::NetscapePlugInStreamLoader(Frame& frame, NetscapePlugInStreamLoaderClient& client)
</span><del>- : ResourceLoader(frame, ResourceLoaderOptions(SendCallbacks, SniffContent, DoNotBufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching))
</del><ins>+ : ResourceLoader(frame, ResourceLoaderOptions(SendCallbacks, SniffContent, DoNotBufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching))
</ins><span class="cx"> , m_client(&client)
</span><span class="cx"> {
</span><span class="cx"> #if ENABLE(CONTENT_EXTENSIONS)
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderResourceLoaderOptionsh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/ResourceLoaderOptions.h (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/ResourceLoaderOptions.h        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/ResourceLoaderOptions.h        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -55,12 +55,6 @@
</span><span class="cx"> DoSecurityCheck
</span><span class="cx"> };
</span><span class="cx">
</span><del>-enum RequestOriginPolicy {
- UseDefaultOriginRestrictionsForType,
- RestrictToSameOrigin,
- PotentiallyCrossOriginEnabled // Indicates "potentially CORS-enabled fetch" in HTML standard.
-};
-
</del><span class="cx"> enum CertificateInfoPolicy {
</span><span class="cx"> IncludeCertificateInfo,
</span><span class="cx"> DoNotIncludeCertificateInfo
</span><span class="lines">@@ -90,12 +84,11 @@
</span><span class="cx"> , m_clientCredentialPolicy(DoNotAskClientForAnyCredentials)
</span><span class="cx"> , m_credentialRequest(ClientDidNotRequestCredentials)
</span><span class="cx"> , m_securityCheck(DoSecurityCheck)
</span><del>- , m_requestOriginPolicy(UseDefaultOriginRestrictionsForType)
</del><span class="cx"> , m_certificateInfoPolicy(DoNotIncludeCertificateInfo)
</span><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><del>- ResourceLoaderOptions(SendCallbackPolicy sendLoadCallbacks, ContentSniffingPolicy sniffContent, DataBufferingPolicy dataBufferingPolicy, StoredCredentials allowCredentials, ClientCredentialPolicy credentialPolicy, CredentialRequest credentialRequest, SecurityCheckPolicy securityCheck, RequestOriginPolicy requestOriginPolicy, CertificateInfoPolicy certificateInfoPolicy, ContentSecurityPolicyImposition contentSecurityPolicyImposition, DefersLoadingPolicy defersLoadingPolicy, CachingPolicy cachingPolicy)
</del><ins>+ ResourceLoaderOptions(SendCallbackPolicy sendLoadCallbacks, ContentSniffingPolicy sniffContent, DataBufferingPolicy dataBufferingPolicy, StoredCredentials allowCredentials, ClientCredentialPolicy credentialPolicy, CredentialRequest credentialRequest, SecurityCheckPolicy securityCheck, FetchOptions::Mode mode, CertificateInfoPolicy certificateInfoPolicy, ContentSecurityPolicyImposition contentSecurityPolicyImposition, DefersLoadingPolicy defersLoadingPolicy, CachingPolicy cachingPolicy)
</ins><span class="cx"> : m_sendLoadCallbacks(sendLoadCallbacks)
</span><span class="cx"> , m_sniffContent(sniffContent)
</span><span class="cx"> , m_dataBufferingPolicy(dataBufferingPolicy)
</span><span class="lines">@@ -103,12 +96,12 @@
</span><span class="cx"> , m_clientCredentialPolicy(credentialPolicy)
</span><span class="cx"> , m_credentialRequest(credentialRequest)
</span><span class="cx"> , m_securityCheck(securityCheck)
</span><del>- , m_requestOriginPolicy(requestOriginPolicy)
</del><span class="cx"> , m_certificateInfoPolicy(certificateInfoPolicy)
</span><span class="cx"> , m_contentSecurityPolicyImposition(contentSecurityPolicyImposition)
</span><span class="cx"> , m_defersLoadingPolicy(defersLoadingPolicy)
</span><span class="cx"> , m_cachingPolicy(cachingPolicy)
</span><span class="cx"> {
</span><ins>+ this->mode = mode;
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> SendCallbackPolicy sendLoadCallbacks() const { return static_cast<SendCallbackPolicy>(m_sendLoadCallbacks); }
</span><span class="lines">@@ -125,8 +118,6 @@
</span><span class="cx"> void setCredentialRequest(CredentialRequest credentialRequest) { m_credentialRequest = credentialRequest; }
</span><span class="cx"> SecurityCheckPolicy securityCheck() const { return static_cast<SecurityCheckPolicy>(m_securityCheck); }
</span><span class="cx"> void setSecurityCheck(SecurityCheckPolicy check) { m_securityCheck = check; }
</span><del>- RequestOriginPolicy requestOriginPolicy() const { return static_cast<RequestOriginPolicy>(m_requestOriginPolicy); }
- void setRequestOriginPolicy(RequestOriginPolicy policy) { m_requestOriginPolicy = policy; }
</del><span class="cx"> CertificateInfoPolicy certificateInfoPolicy() const { return static_cast<CertificateInfoPolicy>(m_certificateInfoPolicy); }
</span><span class="cx"> void setCertificateInfoPolicy(CertificateInfoPolicy policy) { m_certificateInfoPolicy = policy; }
</span><span class="cx"> ContentSecurityPolicyImposition contentSecurityPolicyImposition() const { return m_contentSecurityPolicyImposition; }
</span><span class="lines">@@ -143,7 +134,6 @@
</span><span class="cx"> unsigned m_clientCredentialPolicy : 2; // When we should ask the client for credentials (if we allow credentials at all).
</span><span class="cx"> unsigned m_credentialRequest: 1; // Whether the client (e.g. XHR) wanted credentials in the first place.
</span><span class="cx"> unsigned m_securityCheck : 1;
</span><del>- unsigned m_requestOriginPolicy : 2;
</del><span class="cx"> unsigned m_certificateInfoPolicy : 1; // Whether the response should include certificate info.
</span><span class="cx"> ContentSecurityPolicyImposition m_contentSecurityPolicyImposition { ContentSecurityPolicyImposition::DoPolicyCheck };
</span><span class="cx"> DefersLoadingPolicy m_defersLoadingPolicy { DefersLoadingPolicy::AllowDefersLoading };
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderSubresourceLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/SubresourceLoader.cpp (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/SubresourceLoader.cpp        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/SubresourceLoader.cpp        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -150,8 +150,8 @@
</span><span class="cx">
</span><span class="cx"> // FIXME: https://bugs.webkit.org/show_bug.cgi?id=155633.
</span><span class="cx"> // SubresourceLoader could use the document origin as a default and set PotentiallyCrossOriginEnabled requests accordingly.
</span><del>- // This would simplify resource loader users as they would only need to set the policy to PotentiallyCrossOriginEnabled.
- if (options().requestOriginPolicy() == PotentiallyCrossOriginEnabled)
</del><ins>+ // This would simplify resource loader users as they would only need to set fetch mode to Cors.
+ if (options().mode == FetchOptions::Mode::Cors)
</ins><span class="cx"> m_origin = SecurityOrigin::createFromString(request.httpOrigin());
</span><span class="cx">
</span><span class="cx"> return true;
</span><span class="lines">@@ -202,7 +202,7 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if (options().requestOriginPolicy() == PotentiallyCrossOriginEnabled && !checkCrossOriginAccessControl(request(), redirectResponse, newRequest)) {
</del><ins>+ if (options().mode == FetchOptions::Mode::Cors && !checkCrossOriginAccessControl(request(), redirectResponse, newRequest)) {
</ins><span class="cx"> cancel();
</span><span class="cx"> return;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCoreloadercacheCachedResourceLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -241,7 +241,7 @@
</span><span class="cx"> memoryCache.add(*userSheet);
</span><span class="cx"> // FIXME: loadResource calls setOwningCachedResourceLoader() if the resource couldn't be added to cache. Does this function need to call it, too?
</span><span class="cx">
</span><del>- userSheet->load(*this, ResourceLoaderOptions(DoNotSendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::SkipPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
</del><ins>+ userSheet->load(*this, ResourceLoaderOptions(DoNotSendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::SkipPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
</ins><span class="cx">
</span><span class="cx"> return userSheet;
</span><span class="cx"> }
</span><span class="lines">@@ -411,7 +411,7 @@
</span><span class="cx"> #if ENABLE(VIDEO_TRACK)
</span><span class="cx"> case CachedResource::TextTrackResource:
</span><span class="cx"> #endif
</span><del>- if (options.requestOriginPolicy() == RestrictToSameOrigin && !m_document->securityOrigin()->canRequest(url)) {
</del><ins>+ if (options.mode == FetchOptions::Mode::SameOrigin && !m_document->securityOrigin()->canRequest(url)) {
</ins><span class="cx"> printAccessDeniedMessage(url);
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="lines">@@ -1190,7 +1190,7 @@
</span><span class="cx">
</span><span class="cx"> const ResourceLoaderOptions& CachedResourceLoader::defaultCachedResourceOptions()
</span><span class="cx"> {
</span><del>- static ResourceLoaderOptions options(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
</del><ins>+ static ResourceLoaderOptions options(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
</ins><span class="cx"> return options;
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreloadercacheCachedResourceRequestcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -95,9 +95,10 @@
</span><span class="cx">
</span><span class="cx"> void CachedResourceRequest::setAsPotentiallyCrossOrigin(const String& mode, Document& document)
</span><span class="cx"> {
</span><ins>+ ASSERT(m_options.mode == FetchOptions::Mode::NoCors);
</ins><span class="cx"> if (mode.isNull())
</span><span class="cx"> return;
</span><del>- m_options.setRequestOriginPolicy(PotentiallyCrossOriginEnabled);
</del><ins>+ m_options.mode = FetchOptions::Mode::Cors;
</ins><span class="cx"> m_options.setAllowCredentials(equalLettersIgnoringASCIICase(mode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials);
</span><span class="cx">
</span><span class="cx"> ASSERT(document.securityOrigin());
</span></span></pre></div>
<a id="trunkSourceWebCoreloadericonIconLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/icon/IconLoader.cpp (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/icon/IconLoader.cpp        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/icon/IconLoader.cpp        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -59,7 +59,7 @@
</span><span class="cx"> return;
</span><span class="cx">
</span><span class="cx"> // ContentSecurityPolicyImposition::DoPolicyCheck is a placeholder value. It does not affect the request since Content Security Policy does not apply to raw resources.
</span><del>- CachedResourceRequest request(ResourceRequest(m_frame.loader().icon().url()), ResourceLoaderOptions(SendCallbacks, SniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForAnyCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
</del><ins>+ CachedResourceRequest request(ResourceRequest(m_frame.loader().icon().url()), ResourceLoaderOptions(SendCallbacks, SniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForAnyCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
</ins><span class="cx">
</span><span class="cx"> request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low);
</span><span class="cx"> request.setInitiator(cachedResourceRequestInitiators().icon);
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformgraphicsavfoundationcfWebCoreAVCFResourceLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -71,7 +71,7 @@
</span><span class="cx"> RetainPtr<CFURLRequestRef> urlRequest = AVCFAssetResourceLoadingRequestGetURLRequest(m_avRequest.get());
</span><span class="cx">
</span><span class="cx"> // ContentSecurityPolicyImposition::DoPolicyCheck is a placeholder value. It does not affect the request since Content Security Policy does not apply to raw resources.
</span><del>- CachedResourceRequest request(ResourceRequest(urlRequest.get()), ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
</del><ins>+ CachedResourceRequest request(ResourceRequest(urlRequest.get()), ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
</ins><span class="cx">
</span><span class="cx"> request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low);
</span><span class="cx"> CachedResourceLoader* loader = m_parent->player()->cachedResourceLoader();
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformgraphicsavfoundationobjcWebCoreAVFResourceLoadermm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -69,7 +69,7 @@
</span><span class="cx">
</span><span class="cx"> // FIXME: Skip Content Security Policy check if the element that inititated this request
</span><span class="cx"> // is in a user-agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505>.
</span><del>- CachedResourceRequest request(nsRequest, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
</del><ins>+ CachedResourceRequest request(nsRequest, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
</ins><span class="cx"> request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low);
</span><span class="cx"> if (auto* loader = m_parent->player()->cachedResourceLoader())
</span><span class="cx"> m_resource = loader->requestMedia(request);
</span></span></pre></div>
<a id="trunkSourceWebCorestyleStylePendingResourcescpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/style/StylePendingResources.cpp (202810 => 202811)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/style/StylePendingResources.cpp        2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/style/StylePendingResources.cpp        2016-07-04 18:36:30 UTC (rev 202811)
</span><span class="lines">@@ -52,7 +52,7 @@
</span><span class="cx">
</span><span class="cx"> // FIXME: Why does shape-outside have different policy than other properties?
</span><span class="cx"> if (loadPolicy == LoadPolicy::ShapeOutside) {
</span><del>- options.setRequestOriginPolicy(PotentiallyCrossOriginEnabled);
</del><ins>+ options.mode = FetchOptions::Mode::Cors;
</ins><span class="cx"> options.setAllowCredentials(DoNotAllowStoredCredentials);
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre>
</div>
</div>
</body>
</html>