[webkit-reviews] review granted: [Bug 208800] Implement wildcard behavior for Cross-Origin-Expose-Headers : [Attachment 393345] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Mar 12 03:04:00 PDT 2020
youenn fablet <youennf at gmail.com> has granted Rob Buis <rbuis at igalia.com>'s
request for review:
Bug 208800: Implement wildcard behavior for Cross-Origin-Expose-Headers
https://bugs.webkit.org/show_bug.cgi?id=208800
Attachment 393345: Patch
https://bugs.webkit.org/attachment.cgi?id=393345&action=review
--- Comment #13 from youenn fablet <youennf at gmail.com> ---
Comment on attachment 393345
--> https://bugs.webkit.org/attachment.cgi?id=393345
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=393345&action=review
> Source/WebCore/Modules/fetch/FetchResponse.cpp:59
> + fetchResponse->m_filteredResponse =
ResourceResponseBase::filter(fetchResponse->m_internalResponse,
ResourceResponse::PerformExposeAllHeadersCheck::Yes);
We might want some tests for this one as well.
This might be testable using DOMCache or response clone.
> Source/WebCore/Modules/fetch/FetchResponse.cpp:250
> if (!response->m_bodyLoader->start(context, request))
Let's have body loader computes this in start, this will remove
performExposeAllHeadersCheck().
I would have body loader store the credentials mode and compute whether doing
the check based on that in didReceiveResponse.
> Source/WebCore/loader/DocumentThreadableLoader.cpp:396
> + m_client->didReceiveResponse(identifier,
ResourceResponseBase::filter(response, m_options.credentials ==
FetchOptions::Credentials::Include ?
ResourceResponse::PerformExposeAllHeadersCheck::No :
ResourceResponse::PerformExposeAllHeadersCheck::Yes));
s/ResourceResponseBase/ResourceResponse/
> Source/WebCore/loader/DocumentThreadableLoader.cpp:469
> + m_client->didReceiveResponse(identifier,
ResourceResponseBase::filter(response, m_options.credentials ==
FetchOptions::Credentials::Include ?
ResourceResponse::PerformExposeAllHeadersCheck::No :
ResourceResponse::PerformExposeAllHeadersCheck::Yes));
s/ResourceResponseBase/ResourceResponse/
More information about the webkit-reviews
mailing list