Skip to site navigation (Press enter)

[webkit-changes] [252127] trunk/Source/WebCore

youenn Wed, 06 Nov 2019 00:29:44 -0800

Title: [252127] trunk/Source/WebCore

Revision: 252127
Author: you...@apple.com
Date: 2019-11-06 00:28:28 -0800 (Wed, 06 Nov 2019)

Log Message

There is no need to clean the content type header of a request if it is null
https://bugs.webkit.org/show_bug.cgi?id=203853


Reviewed by Geoffrey Garen.

No change of behavior.

* loader/CrossOriginAccessControl.cpp:
(WebCore::cleanHTTPRequestHeadersForAccessControl):
Stop early if content type is null so that we do not log an error that is not a real error.

Modified Paths

trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp

Diff

Modified: trunk/Source/WebCore/ChangeLog (252126 => 252127)


--- trunk/Source/WebCore/ChangeLog	2019-11-06 08:06:32 UTC (rev 252126)
+++ trunk/Source/WebCore/ChangeLog	2019-11-06 08:28:28 UTC (rev 252127)
@@ -1,3 +1,16 @@
+2019-11-06  youenn fablet  <you...@apple.com>
+
+        There is no need to clean the content type header of a request if it is null
+        https://bugs.webkit.org/show_bug.cgi?id=203853
+
+        Reviewed by Geoffrey Garen.
+
+        No change of behavior.
+
+        * loader/CrossOriginAccessControl.cpp:
+        (WebCore::cleanHTTPRequestHeadersForAccessControl):
+        Stop early if content type is null so that we do not log an error that is not a real error.
+
 2019-11-05  Ryosuke Niwa  <rn...@webkit.org>
 
         Integrate visualViewport's resize event with HTML5 event loop

Modified: trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp (252126 => 252127)


--- trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp	2019-11-06 08:06:32 UTC (rev 252126)
+++ trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp	2019-11-06 08:28:28 UTC (rev 252127)
@@ -153,8 +153,11 @@
 void cleanHTTPRequestHeadersForAccessControl(ResourceRequest& request, OptionSet<HTTPHeadersToKeepFromCleaning> headersToKeep)
 {
     // Remove headers that may have been added by the network layer that cause access control to fail.
-    if (!headersToKeep.contains(HTTPHeadersToKeepFromCleaning::ContentType) && !isCrossOriginSafeRequestHeader(HTTPHeaderName::ContentType, request.httpContentType()))
-        request.clearHTTPContentType();
+    if (!headersToKeep.contains(HTTPHeadersToKeepFromCleaning::ContentType)) {
+        auto contentType = request.httpContentType();
+        if (!contentType.isNull() && !isCrossOriginSafeRequestHeader(HTTPHeaderName::ContentType, contentType))
+            request.clearHTTPContentType();
+    }
     if (!headersToKeep.contains(HTTPHeadersToKeepFromCleaning::Referer))
         request.clearHTTPReferrer();
     if (!headersToKeep.contains(HTTPHeadersToKeepFromCleaning::Origin))

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes