<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[202815] trunk/Source/WebCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/202815">202815</a></dd>
<dt>Author</dt> <dd>commit-queue@webkit.org</dd>
<dt>Date</dt> <dd>2016-07-05 00:59:20 -0700 (Tue, 05 Jul 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>Remove CredentialRequest ResourceLoaderOptions
https://bugs.webkit.org/show_bug.cgi?id=159404
Patch by Youenn Fablet <youenn@apple.com> on 2016-07-05
Reviewed by Sam Weinig.
No observable change of behavior.
Removing CredentialRequest from ResourceLoaderOptions and replacing it by FetchOptions::Credentials.
As per https://fetch.spec.whatwg.org/#http-fetch, credentials flag is set according FetchOptions::Credentials.
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::startLoadingMainResource): Set credentials mode to Include.
* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::redirectReceived): Disable credentials if credentials mode is SameOrigin
(request being cross origin).
* loader/MediaResourceLoader.cpp: Refqctoring to use CachedResourceReauest::setAsPotentiallyCrossOrigin.
Removed unnecessary ResourceRequest copy by using the mutable request of CachedResourceRequest.
(WebCore::MediaResourceLoader::requestResource):
* loader/NetscapePlugInStreamLoader.cpp:
(WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader): Set credential mode to Include
* loader/ResourceLoaderOptions.h: Removing CredentialRequest option.
(WebCore::ResourceLoaderOptions::ResourceLoaderOptions):
(WebCore::ResourceLoaderOptions::credentialRequest): Deleted.
(WebCore::ResourceLoaderOptions::setCredentialRequest): Deleted.
* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestUserCSSStyleSheet): Set credential mode to Include.
(WebCore::CachedResourceLoader::defaultCachedResourceOptions): Ditto.
* loader/cache/CachedResourceRequest.cpp:
(WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin): Set credential mode according crossorigin
atribute value.
* loader/icon/IconLoader.cpp:
(WebCore::IconLoader::startLoading): Set credential mode to Omit.
* page/EventSource.cpp:
(WebCore::EventSource::connect): Set credential mode according crossorigin atribute value.
* platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
(WebCore::WebCoreAVCFResourceLoader::startLoading): Set credential mode to Omit.
* platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
(WebCore::WebCoreAVFResourceLoader::startLoading): Ditto.
* platform/network/ResourceHandleTypes.h: Removed definition of CredentialRequest.
* xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::createRequest): Set credential mode according crossorigin atribute value.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCoreloaderDocumentLoadercpp">trunk/Source/WebCore/loader/DocumentLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderDocumentThreadableLoadercpp">trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderMediaResourceLoadercpp">trunk/Source/WebCore/loader/MediaResourceLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderNetscapePlugInStreamLoadercpp">trunk/Source/WebCore/loader/NetscapePlugInStreamLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderResourceLoaderOptionsh">trunk/Source/WebCore/loader/ResourceLoaderOptions.h</a></li>
<li><a href="#trunkSourceWebCoreloadercacheCachedResourceLoadercpp">trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreloadercacheCachedResourceRequestcpp">trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp</a></li>
<li><a href="#trunkSourceWebCoreloadericonIconLoadercpp">trunk/Source/WebCore/loader/icon/IconLoader.cpp</a></li>
<li><a href="#trunkSourceWebCorepageEventSourcecpp">trunk/Source/WebCore/page/EventSource.cpp</a></li>
<li><a href="#trunkSourceWebCoreplatformgraphicsavfoundationcfWebCoreAVCFResourceLoadercpp">trunk/Source/WebCore/platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp</a></li>
<li><a href="#trunkSourceWebCoreplatformgraphicsavfoundationobjcWebCoreAVFResourceLoadermm">trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm</a></li>
<li><a href="#trunkSourceWebCoreplatformnetworkResourceHandleTypesh">trunk/Source/WebCore/platform/network/ResourceHandleTypes.h</a></li>
<li><a href="#trunkSourceWebCorexmlXMLHttpRequestcpp">trunk/Source/WebCore/xml/XMLHttpRequest.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/ChangeLog 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -1,3 +1,46 @@
</span><ins>+2016-07-05 Youenn Fablet <youenn@apple.com>
+
+ Remove CredentialRequest ResourceLoaderOptions
+ https://bugs.webkit.org/show_bug.cgi?id=159404
+
+ Reviewed by Sam Weinig.
+
+ No observable change of behavior.
+ Removing CredentialRequest from ResourceLoaderOptions and replacing it by FetchOptions::Credentials.
+ As per https://fetch.spec.whatwg.org/#http-fetch, credentials flag is set according FetchOptions::Credentials.
+
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::startLoadingMainResource): Set credentials mode to Include.
+ * loader/DocumentThreadableLoader.cpp:
+ (WebCore::DocumentThreadableLoader::redirectReceived): Disable credentials if credentials mode is SameOrigin
+ (request being cross origin).
+ * loader/MediaResourceLoader.cpp: Refqctoring to use CachedResourceReauest::setAsPotentiallyCrossOrigin.
+ Removed unnecessary ResourceRequest copy by using the mutable request of CachedResourceRequest.
+ (WebCore::MediaResourceLoader::requestResource):
+ * loader/NetscapePlugInStreamLoader.cpp:
+ (WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader): Set credential mode to Include
+ * loader/ResourceLoaderOptions.h: Removing CredentialRequest option.
+ (WebCore::ResourceLoaderOptions::ResourceLoaderOptions):
+ (WebCore::ResourceLoaderOptions::credentialRequest): Deleted.
+ (WebCore::ResourceLoaderOptions::setCredentialRequest): Deleted.
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::CachedResourceLoader::requestUserCSSStyleSheet): Set credential mode to Include.
+ (WebCore::CachedResourceLoader::defaultCachedResourceOptions): Ditto.
+ * loader/cache/CachedResourceRequest.cpp:
+ (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin): Set credential mode according crossorigin
+ atribute value.
+ * loader/icon/IconLoader.cpp:
+ (WebCore::IconLoader::startLoading): Set credential mode to Omit.
+ * page/EventSource.cpp:
+ (WebCore::EventSource::connect): Set credential mode according crossorigin atribute value.
+ * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
+ (WebCore::WebCoreAVCFResourceLoader::startLoading): Set credential mode to Omit.
+ * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
+ (WebCore::WebCoreAVFResourceLoader::startLoading): Ditto.
+ * platform/network/ResourceHandleTypes.h: Removed definition of CredentialRequest.
+ * xml/XMLHttpRequest.cpp:
+ (WebCore::XMLHttpRequest::createRequest): Set credential mode according crossorigin atribute value.
+
</ins><span class="cx"> 2016-07-04 Fujii Hironori <Hironori.Fujii@sony.com>
</span><span class="cx">
</span><span class="cx"> [GTK] Null Node dereference in FrameSelection::notifyAccessibilityForSelectionChange of FrameSelectionAtk.cpp
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderDocumentLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/DocumentLoader.cpp 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -1510,7 +1510,7 @@
</span><span class="cx"> // If this is a reload the cache layer might have made the previous request conditional. DocumentLoader can't handle 304 responses itself.
</span><span class="cx"> request.makeUnconditional();
</span><span class="cx">
</span><del>- static NeverDestroyed<ResourceLoaderOptions> mainResourceLoadOptions(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, FetchOptions::Mode::NoCors, IncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
</del><ins>+ static NeverDestroyed<ResourceLoaderOptions> mainResourceLoadOptions(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, FetchOptions::Credentials::Include, SkipSecurityCheck, FetchOptions::Mode::NoCors, IncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
</ins><span class="cx"> CachedResourceRequest cachedResourceRequest(request, mainResourceLoadOptions);
</span><span class="cx"> cachedResourceRequest.setInitiator(*this);
</span><span class="cx"> m_mainResource = m_cachedResourceLoader->requestMainResource(cachedResourceRequest);
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderDocumentThreadableLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -244,9 +244,7 @@
</span><span class="cx"> // Force any subsequent request to use these checks.
</span><span class="cx"> m_sameOriginRequest = false;
</span><span class="cx">
</span><del>- // Since the request is no longer same-origin, if the user didn't request credentials in
- // the first place, update our state so we neither request them nor expect they must be allowed.
- if (m_options.credentialRequest() == ClientDidNotRequestCredentials)
</del><ins>+ if (m_options.credentials == FetchOptions::Credentials::SameOrigin)
</ins><span class="cx"> m_options.setAllowCredentials(DoNotAllowStoredCredentials);
</span><span class="cx">
</span><span class="cx"> cleanRedirectedRequestForAccessControl(request);
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderMediaResourceLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/MediaResourceLoader.cpp (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/MediaResourceLoader.cpp 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/loader/MediaResourceLoader.cpp 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -63,27 +63,21 @@
</span><span class="cx"> return nullptr;
</span><span class="cx">
</span><span class="cx"> DataBufferingPolicy bufferingPolicy = options & LoadOption::BufferData ? WebCore::BufferData : WebCore::DoNotBufferData;
</span><del>- FetchOptions::Mode corsPolicy = !m_crossOriginMode.isNull() ? FetchOptions::Mode::Cors : FetchOptions::Mode::NoCors;
</del><span class="cx"> auto cachingPolicy = options & LoadOption::DisallowCaching ? CachingPolicy::DisallowCaching : CachingPolicy::AllowCaching;
</span><del>- StoredCredentials allowCredentials = m_crossOriginMode.isNull() || equalLettersIgnoringASCIICase(m_crossOriginMode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials;
</del><span class="cx">
</span><del>- auto updatedRequest = request;
- updatedRequest.setRequester(ResourceRequest::Requester::Media);
</del><ins>+ // FIXME: Skip Content Security Policy check if the element that inititated this request is in a user-agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505>.
+ CachedResourceRequest cacheRequest(request, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, bufferingPolicy, AllowStoredCredentials, AskClientForAllCredentials, FetchOptions::Credentials::Include, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, cachingPolicy));
+
+ cacheRequest.setAsPotentiallyCrossOrigin(m_crossOriginMode, *m_document);
+
+ cacheRequest.mutableResourceRequest().setRequester(ResourceRequest::Requester::Media);
</ins><span class="cx"> #if HAVE(AVFOUNDATION_LOADER_DELEGATE) && PLATFORM(MAC)
</span><span class="cx"> // FIXME: Workaround for <rdar://problem/26071607>. We are not able to do CORS checking on 304 responses because they
</span><span class="cx"> // are usually missing the headers we need.
</span><del>- if (corsPolicy == FetchOptions::Mode::Cors)
- updatedRequest.makeUnconditional();
</del><ins>+ if (cacheRequest.options().mode == FetchOptions::Mode::Cors)
+ cacheRequest.mutableResourceRequest().makeUnconditional();
</ins><span class="cx"> #endif
</span><span class="cx">
</span><del>- // FIXME: Skip Content Security Policy check if the element that inititated this request
- // is in a user-agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505>.
- CachedResourceRequest cacheRequest(updatedRequest, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, bufferingPolicy, allowCredentials, AskClientForAllCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, corsPolicy, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, cachingPolicy));
-
- if (!m_crossOriginMode.isNull()) {
- ASSERT(m_document->securityOrigin());
- updateRequestForAccessControl(cacheRequest.mutableResourceRequest(), *m_document->securityOrigin(), allowCredentials);
- }
</del><span class="cx"> CachedResourceHandle<CachedRawResource> resource = m_document->cachedResourceLoader().requestMedia(cacheRequest);
</span><span class="cx"> if (!resource)
</span><span class="cx"> return nullptr;
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderNetscapePlugInStreamLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/NetscapePlugInStreamLoader.cpp (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/NetscapePlugInStreamLoader.cpp 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/loader/NetscapePlugInStreamLoader.cpp 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -43,7 +43,7 @@
</span><span class="cx"> // FIXME: Skip Content Security Policy check when associated plugin element is in a user agent shadow tree.
</span><span class="cx"> // See <https://bugs.webkit.org/show_bug.cgi?id=146663>.
</span><span class="cx"> NetscapePlugInStreamLoader::NetscapePlugInStreamLoader(Frame& frame, NetscapePlugInStreamLoaderClient& client)
</span><del>- : ResourceLoader(frame, ResourceLoaderOptions(SendCallbacks, SniffContent, DoNotBufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching))
</del><ins>+ : ResourceLoader(frame, ResourceLoaderOptions(SendCallbacks, SniffContent, DoNotBufferData, AllowStoredCredentials, AskClientForAllCredentials, FetchOptions::Credentials::Include, SkipSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching))
</ins><span class="cx"> , m_client(&client)
</span><span class="cx"> {
</span><span class="cx"> #if ENABLE(CONTENT_EXTENSIONS)
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderResourceLoaderOptionsh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/ResourceLoaderOptions.h (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/ResourceLoaderOptions.h 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/loader/ResourceLoaderOptions.h 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -82,19 +82,17 @@
</span><span class="cx"> , m_dataBufferingPolicy(BufferData)
</span><span class="cx"> , m_allowCredentials(DoNotAllowStoredCredentials)
</span><span class="cx"> , m_clientCredentialPolicy(DoNotAskClientForAnyCredentials)
</span><del>- , m_credentialRequest(ClientDidNotRequestCredentials)
</del><span class="cx"> , m_securityCheck(DoSecurityCheck)
</span><span class="cx"> , m_certificateInfoPolicy(DoNotIncludeCertificateInfo)
</span><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><del>- ResourceLoaderOptions(SendCallbackPolicy sendLoadCallbacks, ContentSniffingPolicy sniffContent, DataBufferingPolicy dataBufferingPolicy, StoredCredentials allowCredentials, ClientCredentialPolicy credentialPolicy, CredentialRequest credentialRequest, SecurityCheckPolicy securityCheck, FetchOptions::Mode mode, CertificateInfoPolicy certificateInfoPolicy, ContentSecurityPolicyImposition contentSecurityPolicyImposition, DefersLoadingPolicy defersLoadingPolicy, CachingPolicy cachingPolicy)
</del><ins>+ ResourceLoaderOptions(SendCallbackPolicy sendLoadCallbacks, ContentSniffingPolicy sniffContent, DataBufferingPolicy dataBufferingPolicy, StoredCredentials allowCredentials, ClientCredentialPolicy credentialPolicy, FetchOptions::Credentials credentials, SecurityCheckPolicy securityCheck, FetchOptions::Mode mode, CertificateInfoPolicy certificateInfoPolicy, ContentSecurityPolicyImposition contentSecurityPolicyImposition, DefersLoadingPolicy defersLoadingPolicy, CachingPolicy cachingPolicy)
</ins><span class="cx"> : m_sendLoadCallbacks(sendLoadCallbacks)
</span><span class="cx"> , m_sniffContent(sniffContent)
</span><span class="cx"> , m_dataBufferingPolicy(dataBufferingPolicy)
</span><span class="cx"> , m_allowCredentials(allowCredentials)
</span><span class="cx"> , m_clientCredentialPolicy(credentialPolicy)
</span><del>- , m_credentialRequest(credentialRequest)
</del><span class="cx"> , m_securityCheck(securityCheck)
</span><span class="cx"> , m_certificateInfoPolicy(certificateInfoPolicy)
</span><span class="cx"> , m_contentSecurityPolicyImposition(contentSecurityPolicyImposition)
</span><span class="lines">@@ -101,6 +99,7 @@
</span><span class="cx"> , m_defersLoadingPolicy(defersLoadingPolicy)
</span><span class="cx"> , m_cachingPolicy(cachingPolicy)
</span><span class="cx"> {
</span><ins>+ this->credentials = credentials;
</ins><span class="cx"> this->mode = mode;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -114,8 +113,6 @@
</span><span class="cx"> void setAllowCredentials(StoredCredentials allow) { m_allowCredentials = allow; }
</span><span class="cx"> ClientCredentialPolicy clientCredentialPolicy() const { return static_cast<ClientCredentialPolicy>(m_clientCredentialPolicy); }
</span><span class="cx"> void setClientCredentialPolicy(ClientCredentialPolicy policy) { m_clientCredentialPolicy = policy; }
</span><del>- CredentialRequest credentialRequest() { return static_cast<CredentialRequest>(m_credentialRequest); }
- void setCredentialRequest(CredentialRequest credentialRequest) { m_credentialRequest = credentialRequest; }
</del><span class="cx"> SecurityCheckPolicy securityCheck() const { return static_cast<SecurityCheckPolicy>(m_securityCheck); }
</span><span class="cx"> void setSecurityCheck(SecurityCheckPolicy check) { m_securityCheck = check; }
</span><span class="cx"> CertificateInfoPolicy certificateInfoPolicy() const { return static_cast<CertificateInfoPolicy>(m_certificateInfoPolicy); }
</span><span class="lines">@@ -132,7 +129,6 @@
</span><span class="cx"> unsigned m_dataBufferingPolicy : 1;
</span><span class="cx"> unsigned m_allowCredentials : 1; // Whether HTTP credentials and cookies are sent with the request.
</span><span class="cx"> unsigned m_clientCredentialPolicy : 2; // When we should ask the client for credentials (if we allow credentials at all).
</span><del>- unsigned m_credentialRequest: 1; // Whether the client (e.g. XHR) wanted credentials in the first place.
</del><span class="cx"> unsigned m_securityCheck : 1;
</span><span class="cx"> unsigned m_certificateInfoPolicy : 1; // Whether the response should include certificate info.
</span><span class="cx"> ContentSecurityPolicyImposition m_contentSecurityPolicyImposition { ContentSecurityPolicyImposition::DoPolicyCheck };
</span></span></pre></div>
<a id="trunkSourceWebCoreloadercacheCachedResourceLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -241,7 +241,7 @@
</span><span class="cx"> memoryCache.add(*userSheet);
</span><span class="cx"> // FIXME: loadResource calls setOwningCachedResourceLoader() if the resource couldn't be added to cache. Does this function need to call it, too?
</span><span class="cx">
</span><del>- userSheet->load(*this, ResourceLoaderOptions(DoNotSendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::SkipPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
</del><ins>+ userSheet->load(*this, ResourceLoaderOptions(DoNotSendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, FetchOptions::Credentials::Include, SkipSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::SkipPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
</ins><span class="cx">
</span><span class="cx"> return userSheet;
</span><span class="cx"> }
</span><span class="lines">@@ -1157,7 +1157,7 @@
</span><span class="cx"> printf("HIT COMPLETE PRELOAD %s\n", resource->url().latin1().data());
</span><span class="cx"> else if (resource->preloadResult() == CachedResource::PreloadReferencedWhileLoading)
</span><span class="cx"> printf("HIT LOADING PRELOAD %s\n", resource->url().latin1().data());
</span><del>-
</del><ins>+
</ins><span class="cx"> if (resource->type() == CachedResource::Script) {
</span><span class="cx"> scripts++;
</span><span class="cx"> if (resource->preloadResult() < CachedResource::PreloadReferencedWhileLoading)
</span><span class="lines">@@ -1171,14 +1171,14 @@
</span><span class="cx"> if (resource->preloadResult() < CachedResource::PreloadReferencedWhileLoading)
</span><span class="cx"> imageMisses++;
</span><span class="cx"> }
</span><del>-
</del><ins>+
</ins><span class="cx"> if (resource->errorOccurred() && resource->preloadResult() == CachedResource::PreloadNotReferenced)
</span><span class="cx"> MemoryCache::singleton().remove(resource);
</span><del>-
</del><ins>+
</ins><span class="cx"> resource->decreasePreloadCount();
</span><span class="cx"> }
</span><span class="cx"> m_preloads = nullptr;
</span><del>-
</del><ins>+
</ins><span class="cx"> if (scripts)
</span><span class="cx"> printf("SCRIPTS: %d (%d hits, hit rate %d%%)\n", scripts, scripts - scriptMisses, (scripts - scriptMisses) * 100 / scripts);
</span><span class="cx"> if (stylesheets)
</span><span class="lines">@@ -1190,7 +1190,7 @@
</span><span class="cx">
</span><span class="cx"> const ResourceLoaderOptions& CachedResourceLoader::defaultCachedResourceOptions()
</span><span class="cx"> {
</span><del>- static ResourceLoaderOptions options(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
</del><ins>+ static ResourceLoaderOptions options(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, FetchOptions::Credentials::Include, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
</ins><span class="cx"> return options;
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceWebCoreloadercacheCachedResourceRequestcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -99,6 +99,7 @@
</span><span class="cx"> if (mode.isNull())
</span><span class="cx"> return;
</span><span class="cx"> m_options.mode = FetchOptions::Mode::Cors;
</span><ins>+ m_options.credentials = equalLettersIgnoringASCIICase(mode, "use-credentials") ? FetchOptions::Credentials::Include : FetchOptions::Credentials::SameOrigin;
</ins><span class="cx"> m_options.setAllowCredentials(equalLettersIgnoringASCIICase(mode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials);
</span><span class="cx">
</span><span class="cx"> ASSERT(document.securityOrigin());
</span></span></pre></div>
<a id="trunkSourceWebCoreloadericonIconLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/icon/IconLoader.cpp (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/icon/IconLoader.cpp 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/loader/icon/IconLoader.cpp 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -59,7 +59,7 @@
</span><span class="cx"> return;
</span><span class="cx">
</span><span class="cx"> // ContentSecurityPolicyImposition::DoPolicyCheck is a placeholder value. It does not affect the request since Content Security Policy does not apply to raw resources.
</span><del>- CachedResourceRequest request(ResourceRequest(m_frame.loader().icon().url()), ResourceLoaderOptions(SendCallbacks, SniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForAnyCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
</del><ins>+ CachedResourceRequest request(ResourceRequest(m_frame.loader().icon().url()), ResourceLoaderOptions(SendCallbacks, SniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForAnyCredentials, FetchOptions::Credentials::Omit, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
</ins><span class="cx">
</span><span class="cx"> request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low);
</span><span class="cx"> request.setInitiator(cachedResourceRequestInitiators().icon);
</span></span></pre></div>
<a id="trunkSourceWebCorepageEventSourcecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/EventSource.cpp (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/EventSource.cpp 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/page/EventSource.cpp 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -109,7 +109,7 @@
</span><span class="cx"> options.setSendLoadCallbacks(SendCallbacks);
</span><span class="cx"> options.setSniffContent(DoNotSniffContent);
</span><span class="cx"> options.setAllowCredentials((origin.canRequest(m_url) || m_withCredentials) ? AllowStoredCredentials : DoNotAllowStoredCredentials);
</span><del>- options.setCredentialRequest(m_withCredentials ? ClientRequestedCredentials : ClientDidNotRequestCredentials);
</del><ins>+ options.credentials = m_withCredentials ? FetchOptions::Credentials::Include : FetchOptions::Credentials::SameOrigin;
</ins><span class="cx"> options.preflightPolicy = PreventPreflight;
</span><span class="cx"> options.crossOriginRequestPolicy = UseAccessControl;
</span><span class="cx"> options.setDataBufferingPolicy(DoNotBufferData);
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformgraphicsavfoundationcfWebCoreAVCFResourceLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -71,7 +71,7 @@
</span><span class="cx"> RetainPtr<CFURLRequestRef> urlRequest = AVCFAssetResourceLoadingRequestGetURLRequest(m_avRequest.get());
</span><span class="cx">
</span><span class="cx"> // ContentSecurityPolicyImposition::DoPolicyCheck is a placeholder value. It does not affect the request since Content Security Policy does not apply to raw resources.
</span><del>- CachedResourceRequest request(ResourceRequest(urlRequest.get()), ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
</del><ins>+ CachedResourceRequest request(ResourceRequest(urlRequest.get()), ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, FetchOptions::Credentials::Omit, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
</ins><span class="cx">
</span><span class="cx"> request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low);
</span><span class="cx"> CachedResourceLoader* loader = m_parent->player()->cachedResourceLoader();
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformgraphicsavfoundationobjcWebCoreAVFResourceLoadermm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -69,7 +69,7 @@
</span><span class="cx">
</span><span class="cx"> // FIXME: Skip Content Security Policy check if the element that inititated this request
</span><span class="cx"> // is in a user-agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505>.
</span><del>- CachedResourceRequest request(nsRequest, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
</del><ins>+ CachedResourceRequest request(nsRequest, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, FetchOptions::Credentials::Omit, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
</ins><span class="cx"> request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low);
</span><span class="cx"> if (auto* loader = m_parent->player()->cachedResourceLoader())
</span><span class="cx"> m_resource = loader->requestMedia(request);
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformnetworkResourceHandleTypesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/network/ResourceHandleTypes.h (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/network/ResourceHandleTypes.h 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/platform/network/ResourceHandleTypes.h 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -39,15 +39,6 @@
</span><span class="cx"> DoNotAskClientForAnyCredentials
</span><span class="cx"> };
</span><span class="cx">
</span><del>-// APIs like XMLHttpRequest and EventSource let the user decide
-// whether to send credentials, but they're always sent for
-// same-origin requests. Additional information is needed to handle
-// cross-origin redirects correctly.
-enum CredentialRequest {
- ClientRequestedCredentials,
- ClientDidNotRequestCredentials
-};
-
</del><span class="cx"> } // namespace WebCore
</span><span class="cx">
</span><span class="cx"> #endif // ResourceHandleTypes_h
</span></span></pre></div>
<a id="trunkSourceWebCorexmlXMLHttpRequestcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/xml/XMLHttpRequest.cpp (202814 => 202815)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/xml/XMLHttpRequest.cpp 2016-07-05 06:43:42 UTC (rev 202814)
+++ trunk/Source/WebCore/xml/XMLHttpRequest.cpp 2016-07-05 07:59:20 UTC (rev 202815)
</span><span class="lines">@@ -713,7 +713,7 @@
</span><span class="cx"> options.setSniffContent(DoNotSniffContent);
</span><span class="cx"> options.preflightPolicy = uploadEvents ? ForcePreflight : ConsiderPreflight;
</span><span class="cx"> options.setAllowCredentials((m_sameOriginRequest || m_includeCredentials) ? AllowStoredCredentials : DoNotAllowStoredCredentials);
</span><del>- options.setCredentialRequest(m_includeCredentials ? ClientRequestedCredentials : ClientDidNotRequestCredentials);
</del><ins>+ options.credentials = m_includeCredentials ? FetchOptions::Credentials::Include : FetchOptions::Credentials::SameOrigin;
</ins><span class="cx"> options.crossOriginRequestPolicy = UseAccessControl;
</span><span class="cx"> options.contentSecurityPolicyEnforcement = scriptExecutionContext()->shouldBypassMainWorldContentSecurityPolicy() ? ContentSecurityPolicyEnforcement::DoNotEnforce : ContentSecurityPolicyEnforcement::EnforceConnectSrcDirective;
</span><span class="cx"> options.initiator = cachedResourceRequestInitiators().xmlhttprequest;
</span></span></pre>
</div>
</div>
</body>
</html>