[webkit-reviews] review requested: [Bug 28134] Move Access Control out of XMLHttpRequest : [Attachment 34803] One more time patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Aug 13 20:10:41 PDT 2009
Aaron Boodman <aa at chromium.org> has asked for review:
Bug 28134: Move Access Control out of XMLHttpRequest
https://bugs.webkit.org/show_bug.cgi?id=28134
Attachment 34803: One more time patch
https://bugs.webkit.org/attachment.cgi?id=34803&action=review
------- Additional Comments from Aaron Boodman <aa at chromium.org>
Argh. I was accidentally not running all the tests and missed one failure. It
turned out to be rather important, WorkerScriptLoader delegates to
DocumentThreadableLoader, and he wants all cross-origin requests to succeed,
without any access control being needed.
So I introduced a new enum, CrossOriginRequestPolicy, to go with
CrossOriginRedirectPolicy, which callers to DocumentThreadableLoader can use to
indicate how they want cross-origin requests to be handled: deny, allow, or use
access control.
More information about the webkit-reviews
mailing list