[Webkit-unassigned] [Bug 64580] Add support for download='filename' in anchors

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Jul 16 23:19:08 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=64580





--- Comment #27 from Adam Barth <abarth at webkit.org>  2011-07-16 23:19:08 PST ---
(From update of attachment 101111)
View in context: https://bugs.webkit.org/attachment.cgi?id=101111&action=review

>> Source/WebCore/loader/FrameLoader.cpp:1243
>> +    if (!referrer.isEmpty()) {
>> +        request.setHTTPReferrer(referrer);
>> +        RefPtr<SecurityOrigin> referrerOrigin = SecurityOrigin::createFromString(referrer);
>> +        addHTTPOriginIfNeeded(request, referrerOrigin->toString());
>> +    } else
> 
> Why are we adding an Origin header to GET requests?  Normally we don't do that unless we're using CORS.  This request doesn't seem to be a CORS request, however, because it's not using the CORS functions for preparing the request (which do things like remove authentication information).

The more I think about this code, the more I realize that it's not correct.  For example, if the document is sandboxed (e.g., with the HTML5 sandbox attribute), this code will give use a non-"null" Origin header, which is wrong because the document is in a unique origin.  Instead, assuming we want to add an Origin header, we should generate the header from the document's SecurityOrigin object instead of creating a fake one from the Referer.  That will do the right thing in all cases, and is what the updateRequestForAccessControl function does.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.



More information about the webkit-unassigned mailing list