[webkit-reviews] review requested: [Bug 28134] Move Access Control out of XMLHttpRequest : [Attachment 34803] One more time patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Aug 13 20:10:41 PDT 2009

Aaron Boodman <aa at chromium.org> has asked  for review:
Bug 28134: Move Access Control out of XMLHttpRequest

Attachment 34803: One more time patch

------- Additional Comments from Aaron Boodman <aa at chromium.org>
Argh. I was accidentally not running all the tests and missed one failure. It
turned out to be rather important, WorkerScriptLoader delegates to
DocumentThreadableLoader, and he wants all cross-origin requests to succeed,
without any access control being needed.

So I introduced a new enum, CrossOriginRequestPolicy, to go with
CrossOriginRedirectPolicy, which callers to DocumentThreadableLoader can use to
indicate how they want cross-origin requests to be handled: deny, allow, or use
access control.

More information about the webkit-reviews mailing list