[webkit-reviews] review requested: [Bug 209066] Take into account referrer-policy in append Origin header algorithm : [Attachment 394476] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Mar 25 03:12:22 PDT 2020
Rob Buis <rbuis at igalia.com> has asked for review:
Bug 209066: Take into account referrer-policy in append Origin header algorithm
https://bugs.webkit.org/show_bug.cgi?id=209066
Attachment 394476: Patch
https://bugs.webkit.org/attachment.cgi?id=394476&action=review
--- Comment #12 from Rob Buis <rbuis at igalia.com> ---
Comment on attachment 394476
--> https://bugs.webkit.org/attachment.cgi?id=394476
Patch
After the discussion yesterday, I had a new idea, to add a canSetHTTPOrigin
method in ResourceRequest.
This will allow the computing of the SecurityOrigin to be done only if needed.
I inlined addHTTPOriginIfNeeded in place, if that is too much we can keep
addHTTPOriginIfNeeded and make the call sites a bit smaller.
addHTTPOriginIfNeeded would assert canSetHTTPOrigin is true and then compute
SecurityOrigin and call setHTTPOrigin.
Note that the ultimate goal is too minimize the number of places where we set
the origin, ideally it will just be in updateReferrerOriginAndUserAgentHeaders
and loadResourceSynchronously.
More information about the webkit-reviews
mailing list