[Webkit-unassigned] [Bug 110880] Cross-origin XSLT requests with CORS should be allowed
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Mar 4 15:38:19 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=110880
--- Comment #9 from Raphael Kubo da Costa (rakuco, Intel) <rakuco at webkit.org> 2013-03-04 15:40:43 PST ---
(In reply to comment #8)
> Doing anonymous requests is probably better so that folks can use Access-Control-Allow-Origin: *
I'm currently having some trouble with redirects; namely, the ResourceRequest used when requesting a CachedXSLResource is not the one used when the network backend reports a redirect to the loader. This means that even if I, say, write some code in SubresourceLoader::willSendRequest to call updateRequestForAccessControl() the ResourceRequest that I eventually use in ProcessingInstruction::setXSLStyleSheet() has not been changed, and calling something like passesAccessControlCheck() may fail.
Is this really intentional and I'm missing something obvious? Is one really supposed to change both CachedResourceLoader and something like SubresourceLoader to treat both original requests and redirects (I had thought both went through a similar code path)?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list