Diff
Modified: trunk/Source/WebCore/ChangeLog (202810 => 202811)
--- trunk/Source/WebCore/ChangeLog 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/ChangeLog 2016-07-04 18:36:30 UTC (rev 202811)
@@ -1,5 +1,51 @@
2016-07-04 Youenn Fablet <[email protected]>
+ Remove RequestOriginPolicy from ResourceLoaderOptions
+ https://bugs.webkit.org/show_bug.cgi?id=159406
+
+ Reviewed by Sam Weinig.
+
+ Using FetchOptions::mode in lieu of ResourceLoaderOptions::RequestOriginPolicy.
+ The cors, no-cors and same-origin values match PotentiallyCrossOriginEnabled,
+ UseDefaultOriginRestrictionsForType and RestrictToSameOrigin, default being
+ cors/UseDefaultOriginRestrictionsForType as per fetch specification.
+
+ No change of behavior.
+
+ * css/CSSImageSetValue.cpp:
+ (WebCore::CSSImageSetValue::cachedImageSet):
+ * css/CSSImageValue.cpp:
+ (WebCore::CSSImageValue::cachedImage):
+ * loader/DocumentLoader.cpp:
+ (WebCore::DocumentLoader::startLoadingMainResource):
+ * loader/MediaResourceLoader.cpp:
+ (WebCore::MediaResourceLoader::requestResource):
+ * loader/NetscapePlugInStreamLoader.cpp:
+ (WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader):
+ * loader/ResourceLoaderOptions.h:
+ (WebCore::ResourceLoaderOptions::ResourceLoaderOptions):
+ (WebCore::ResourceLoaderOptions::requestOriginPolicy): Deleted.
+ (WebCore::ResourceLoaderOptions::setRequestOriginPolicy): Deleted.
+ * loader/SubresourceLoader.cpp:
+ (WebCore::SubresourceLoader::init):
+ (WebCore::SubresourceLoader::willSendRequestInternal):
+ * loader/cache/CachedResourceLoader.cpp:
+ (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
+ (WebCore::CachedResourceLoader::canRequest):
+ (WebCore::CachedResourceLoader::defaultCachedResourceOptions):
+ * loader/cache/CachedResourceRequest.cpp:
+ (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
+ * loader/icon/IconLoader.cpp:
+ (WebCore::IconLoader::startLoading):
+ * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
+ (WebCore::WebCoreAVCFResourceLoader::startLoading):
+ * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
+ (WebCore::WebCoreAVFResourceLoader::startLoading):
+ * style/StylePendingResources.cpp:
+ (WebCore::Style::loadPendingImage):
+
+2016-07-04 Youenn Fablet <[email protected]>
+
Shield WebRTC JS built-ins from user scripts
https://bugs.webkit.org/show_bug.cgi?id=155964
Modified: trunk/Source/WebCore/css/CSSImageSetValue.cpp (202810 => 202811)
--- trunk/Source/WebCore/css/CSSImageSetValue.cpp 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/css/CSSImageSetValue.cpp 2016-07-04 18:36:30 UTC (rev 202811)
@@ -118,7 +118,7 @@
ImageWithScale image = bestImageForScaleFactor();
CachedResourceRequest request(ResourceRequest(document->completeURL(image.imageURL)), options);
request.setInitiator(cachedResourceRequestInitiators().css);
- if (options.requestOriginPolicy() == PotentiallyCrossOriginEnabled) {
+ if (options.mode == FetchOptions::Mode::Cors) {
ASSERT(document->securityOrigin());
updateRequestForAccessControl(request.mutableResourceRequest(), *document->securityOrigin(), options.allowCredentials());
}
Modified: trunk/Source/WebCore/css/CSSImageValue.cpp (202810 => 202811)
--- trunk/Source/WebCore/css/CSSImageValue.cpp 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/css/CSSImageValue.cpp 2016-07-04 18:36:30 UTC (rev 202811)
@@ -82,7 +82,7 @@
else
request.setInitiator(m_initiatorName);
- if (options.requestOriginPolicy() == PotentiallyCrossOriginEnabled) {
+ if (options.mode == FetchOptions::Mode::Cors) {
ASSERT(loader.document()->securityOrigin());
updateRequestForAccessControl(request.mutableResourceRequest(), *loader.document()->securityOrigin(), options.allowCredentials());
}
Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (202810 => 202811)
--- trunk/Source/WebCore/loader/DocumentLoader.cpp 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp 2016-07-04 18:36:30 UTC (rev 202811)
@@ -1510,7 +1510,7 @@
// If this is a reload the cache layer might have made the previous request conditional. DocumentLoader can't handle 304 responses itself.
request.makeUnconditional();
- static NeverDestroyed<ResourceLoaderOptions> mainResourceLoadOptions(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, UseDefaultOriginRestrictionsForType, IncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
+ static NeverDestroyed<ResourceLoaderOptions> mainResourceLoadOptions(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, FetchOptions::Mode::NoCors, IncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
CachedResourceRequest cachedResourceRequest(request, mainResourceLoadOptions);
cachedResourceRequest.setInitiator(*this);
m_mainResource = m_cachedResourceLoader->requestMainResource(cachedResourceRequest);
Modified: trunk/Source/WebCore/loader/MediaResourceLoader.cpp (202810 => 202811)
--- trunk/Source/WebCore/loader/MediaResourceLoader.cpp 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/MediaResourceLoader.cpp 2016-07-04 18:36:30 UTC (rev 202811)
@@ -63,7 +63,7 @@
return nullptr;
DataBufferingPolicy bufferingPolicy = options & LoadOption::BufferData ? WebCore::BufferData : WebCore::DoNotBufferData;
- RequestOriginPolicy corsPolicy = !m_crossOriginMode.isNull() ? PotentiallyCrossOriginEnabled : UseDefaultOriginRestrictionsForType;
+ FetchOptions::Mode corsPolicy = !m_crossOriginMode.isNull() ? FetchOptions::Mode::Cors : FetchOptions::Mode::NoCors;
auto cachingPolicy = options & LoadOption::DisallowCaching ? CachingPolicy::DisallowCaching : CachingPolicy::AllowCaching;
StoredCredentials allowCredentials = m_crossOriginMode.isNull() || equalLettersIgnoringASCIICase(m_crossOriginMode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials;
@@ -72,7 +72,7 @@
#if HAVE(AVFOUNDATION_LOADER_DELEGATE) && PLATFORM(MAC)
// FIXME: Workaround for <rdar://problem/26071607>. We are not able to do CORS checking on 304 responses because they
// are usually missing the headers we need.
- if (corsPolicy == PotentiallyCrossOriginEnabled)
+ if (corsPolicy == FetchOptions::Mode::Cors)
updatedRequest.makeUnconditional();
#endif
Modified: trunk/Source/WebCore/loader/NetscapePlugInStreamLoader.cpp (202810 => 202811)
--- trunk/Source/WebCore/loader/NetscapePlugInStreamLoader.cpp 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/NetscapePlugInStreamLoader.cpp 2016-07-04 18:36:30 UTC (rev 202811)
@@ -43,7 +43,7 @@
// FIXME: Skip Content Security Policy check when associated plugin element is in a user agent shadow tree.
// See <https://bugs.webkit.org/show_bug.cgi?id=146663>.
NetscapePlugInStreamLoader::NetscapePlugInStreamLoader(Frame& frame, NetscapePlugInStreamLoaderClient& client)
- : ResourceLoader(frame, ResourceLoaderOptions(SendCallbacks, SniffContent, DoNotBufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching))
+ : ResourceLoader(frame, ResourceLoaderOptions(SendCallbacks, SniffContent, DoNotBufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching))
, m_client(&client)
{
#if ENABLE(CONTENT_EXTENSIONS)
Modified: trunk/Source/WebCore/loader/ResourceLoaderOptions.h (202810 => 202811)
--- trunk/Source/WebCore/loader/ResourceLoaderOptions.h 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/ResourceLoaderOptions.h 2016-07-04 18:36:30 UTC (rev 202811)
@@ -55,12 +55,6 @@
DoSecurityCheck
};
-enum RequestOriginPolicy {
- UseDefaultOriginRestrictionsForType,
- RestrictToSameOrigin,
- PotentiallyCrossOriginEnabled // Indicates "potentially CORS-enabled fetch" in HTML standard.
-};
-
enum CertificateInfoPolicy {
IncludeCertificateInfo,
DoNotIncludeCertificateInfo
@@ -90,12 +84,11 @@
, m_clientCredentialPolicy(DoNotAskClientForAnyCredentials)
, m_credentialRequest(ClientDidNotRequestCredentials)
, m_securityCheck(DoSecurityCheck)
- , m_requestOriginPolicy(UseDefaultOriginRestrictionsForType)
, m_certificateInfoPolicy(DoNotIncludeCertificateInfo)
{
}
- ResourceLoaderOptions(SendCallbackPolicy sendLoadCallbacks, ContentSniffingPolicy sniffContent, DataBufferingPolicy dataBufferingPolicy, StoredCredentials allowCredentials, ClientCredentialPolicy credentialPolicy, CredentialRequest credentialRequest, SecurityCheckPolicy securityCheck, RequestOriginPolicy requestOriginPolicy, CertificateInfoPolicy certificateInfoPolicy, ContentSecurityPolicyImposition contentSecurityPolicyImposition, DefersLoadingPolicy defersLoadingPolicy, CachingPolicy cachingPolicy)
+ ResourceLoaderOptions(SendCallbackPolicy sendLoadCallbacks, ContentSniffingPolicy sniffContent, DataBufferingPolicy dataBufferingPolicy, StoredCredentials allowCredentials, ClientCredentialPolicy credentialPolicy, CredentialRequest credentialRequest, SecurityCheckPolicy securityCheck, FetchOptions::Mode mode, CertificateInfoPolicy certificateInfoPolicy, ContentSecurityPolicyImposition contentSecurityPolicyImposition, DefersLoadingPolicy defersLoadingPolicy, CachingPolicy cachingPolicy)
: m_sendLoadCallbacks(sendLoadCallbacks)
, m_sniffContent(sniffContent)
, m_dataBufferingPolicy(dataBufferingPolicy)
@@ -103,12 +96,12 @@
, m_clientCredentialPolicy(credentialPolicy)
, m_credentialRequest(credentialRequest)
, m_securityCheck(securityCheck)
- , m_requestOriginPolicy(requestOriginPolicy)
, m_certificateInfoPolicy(certificateInfoPolicy)
, m_contentSecurityPolicyImposition(contentSecurityPolicyImposition)
, m_defersLoadingPolicy(defersLoadingPolicy)
, m_cachingPolicy(cachingPolicy)
{
+ this->mode = mode;
}
SendCallbackPolicy sendLoadCallbacks() const { return static_cast<SendCallbackPolicy>(m_sendLoadCallbacks); }
@@ -125,8 +118,6 @@
void setCredentialRequest(CredentialRequest credentialRequest) { m_credentialRequest = credentialRequest; }
SecurityCheckPolicy securityCheck() const { return static_cast<SecurityCheckPolicy>(m_securityCheck); }
void setSecurityCheck(SecurityCheckPolicy check) { m_securityCheck = check; }
- RequestOriginPolicy requestOriginPolicy() const { return static_cast<RequestOriginPolicy>(m_requestOriginPolicy); }
- void setRequestOriginPolicy(RequestOriginPolicy policy) { m_requestOriginPolicy = policy; }
CertificateInfoPolicy certificateInfoPolicy() const { return static_cast<CertificateInfoPolicy>(m_certificateInfoPolicy); }
void setCertificateInfoPolicy(CertificateInfoPolicy policy) { m_certificateInfoPolicy = policy; }
ContentSecurityPolicyImposition contentSecurityPolicyImposition() const { return m_contentSecurityPolicyImposition; }
@@ -143,7 +134,6 @@
unsigned m_clientCredentialPolicy : 2; // When we should ask the client for credentials (if we allow credentials at all).
unsigned m_credentialRequest: 1; // Whether the client (e.g. XHR) wanted credentials in the first place.
unsigned m_securityCheck : 1;
- unsigned m_requestOriginPolicy : 2;
unsigned m_certificateInfoPolicy : 1; // Whether the response should include certificate info.
ContentSecurityPolicyImposition m_contentSecurityPolicyImposition { ContentSecurityPolicyImposition::DoPolicyCheck };
DefersLoadingPolicy m_defersLoadingPolicy { DefersLoadingPolicy::AllowDefersLoading };
Modified: trunk/Source/WebCore/loader/SubresourceLoader.cpp (202810 => 202811)
--- trunk/Source/WebCore/loader/SubresourceLoader.cpp 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/SubresourceLoader.cpp 2016-07-04 18:36:30 UTC (rev 202811)
@@ -150,8 +150,8 @@
// FIXME: https://bugs.webkit.org/show_bug.cgi?id=155633.
// SubresourceLoader could use the document origin as a default and set PotentiallyCrossOriginEnabled requests accordingly.
- // This would simplify resource loader users as they would only need to set the policy to PotentiallyCrossOriginEnabled.
- if (options().requestOriginPolicy() == PotentiallyCrossOriginEnabled)
+ // This would simplify resource loader users as they would only need to set fetch mode to Cors.
+ if (options().mode == FetchOptions::Mode::Cors)
m_origin = SecurityOrigin::createFromString(request.httpOrigin());
return true;
@@ -202,7 +202,7 @@
return;
}
- if (options().requestOriginPolicy() == PotentiallyCrossOriginEnabled && !checkCrossOriginAccessControl(request(), redirectResponse, newRequest)) {
+ if (options().mode == FetchOptions::Mode::Cors && !checkCrossOriginAccessControl(request(), redirectResponse, newRequest)) {
cancel();
return;
}
Modified: trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp (202810 => 202811)
--- trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/cache/CachedResourceLoader.cpp 2016-07-04 18:36:30 UTC (rev 202811)
@@ -241,7 +241,7 @@
memoryCache.add(*userSheet);
// FIXME: loadResource calls setOwningCachedResourceLoader() if the resource couldn't be added to cache. Does this function need to call it, too?
- userSheet->load(*this, ResourceLoaderOptions(DoNotSendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::SkipPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
+ userSheet->load(*this, ResourceLoaderOptions(DoNotSendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, SkipSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::SkipPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
return userSheet;
}
@@ -411,7 +411,7 @@
#if ENABLE(VIDEO_TRACK)
case CachedResource::TextTrackResource:
#endif
- if (options.requestOriginPolicy() == RestrictToSameOrigin && !m_document->securityOrigin()->canRequest(url)) {
+ if (options.mode == FetchOptions::Mode::SameOrigin && !m_document->securityOrigin()->canRequest(url)) {
printAccessDeniedMessage(url);
return false;
}
@@ -1190,7 +1190,7 @@
const ResourceLoaderOptions& CachedResourceLoader::defaultCachedResourceOptions()
{
- static ResourceLoaderOptions options(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
+ static ResourceLoaderOptions options(SendCallbacks, SniffContent, BufferData, AllowStoredCredentials, AskClientForAllCredentials, ClientRequestedCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching);
return options;
}
Modified: trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp (202810 => 202811)
--- trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/cache/CachedResourceRequest.cpp 2016-07-04 18:36:30 UTC (rev 202811)
@@ -95,9 +95,10 @@
void CachedResourceRequest::setAsPotentiallyCrossOrigin(const String& mode, Document& document)
{
+ ASSERT(m_options.mode == FetchOptions::Mode::NoCors);
if (mode.isNull())
return;
- m_options.setRequestOriginPolicy(PotentiallyCrossOriginEnabled);
+ m_options.mode = FetchOptions::Mode::Cors;
m_options.setAllowCredentials(equalLettersIgnoringASCIICase(mode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials);
ASSERT(document.securityOrigin());
Modified: trunk/Source/WebCore/loader/icon/IconLoader.cpp (202810 => 202811)
--- trunk/Source/WebCore/loader/icon/IconLoader.cpp 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/loader/icon/IconLoader.cpp 2016-07-04 18:36:30 UTC (rev 202811)
@@ -59,7 +59,7 @@
return;
// ContentSecurityPolicyImposition::DoPolicyCheck is a placeholder value. It does not affect the request since Content Security Policy does not apply to raw resources.
- CachedResourceRequest request(ResourceRequest(m_frame.loader().icon().url()), ResourceLoaderOptions(SendCallbacks, SniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForAnyCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
+ CachedResourceRequest request(ResourceRequest(m_frame.loader().icon().url()), ResourceLoaderOptions(SendCallbacks, SniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForAnyCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::AllowCaching));
request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low);
request.setInitiator(cachedResourceRequestInitiators().icon);
Modified: trunk/Source/WebCore/platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp (202810 => 202811)
--- trunk/Source/WebCore/platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp 2016-07-04 18:36:30 UTC (rev 202811)
@@ -71,7 +71,7 @@
RetainPtr<CFURLRequestRef> urlRequest = AVCFAssetResourceLoadingRequestGetURLRequest(m_avRequest.get());
// ContentSecurityPolicyImposition::DoPolicyCheck is a placeholder value. It does not affect the request since Content Security Policy does not apply to raw resources.
- CachedResourceRequest request(ResourceRequest(urlRequest.get()), ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
+ CachedResourceRequest request(ResourceRequest(urlRequest.get()), ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low);
CachedResourceLoader* loader = m_parent->player()->cachedResourceLoader();
Modified: trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm (202810 => 202811)
--- trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm 2016-07-04 18:36:30 UTC (rev 202811)
@@ -69,7 +69,7 @@
// FIXME: Skip Content Security Policy check if the element that inititated this request
// is in a user-agent shadow tree. See <https://bugs.webkit.org/show_bug.cgi?id=155505>.
- CachedResourceRequest request(nsRequest, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, UseDefaultOriginRestrictionsForType, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
+ CachedResourceRequest request(nsRequest, ResourceLoaderOptions(SendCallbacks, DoNotSniffContent, BufferData, DoNotAllowStoredCredentials, DoNotAskClientForCrossOriginCredentials, ClientDidNotRequestCredentials, DoSecurityCheck, FetchOptions::Mode::NoCors, DoNotIncludeCertificateInfo, ContentSecurityPolicyImposition::DoPolicyCheck, DefersLoadingPolicy::AllowDefersLoading, CachingPolicy::DisallowCaching));
request.mutableResourceRequest().setPriority(ResourceLoadPriority::Low);
if (auto* loader = m_parent->player()->cachedResourceLoader())
m_resource = loader->requestMedia(request);
Modified: trunk/Source/WebCore/style/StylePendingResources.cpp (202810 => 202811)
--- trunk/Source/WebCore/style/StylePendingResources.cpp 2016-07-04 18:31:37 UTC (rev 202810)
+++ trunk/Source/WebCore/style/StylePendingResources.cpp 2016-07-04 18:36:30 UTC (rev 202811)
@@ -52,7 +52,7 @@
// FIXME: Why does shape-outside have different policy than other properties?
if (loadPolicy == LoadPolicy::ShapeOutside) {
- options.setRequestOriginPolicy(PotentiallyCrossOriginEnabled);
+ options.mode = FetchOptions::Mode::Cors;
options.setAllowCredentials(DoNotAllowStoredCredentials);
}
