[webkit-changes] [WebKit/WebKit] 930a87: Mark request as same-site when we have a matching ...

[Commit Queue]

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 930a87998c722414706d546c1f9dfc123fc62daa
      
https://github.com/WebKit/WebKit/commit/930a87998c722414706d546c1f9dfc123fc62daa
  Author: Matthew Finkel <m_fin...@apple.com>
  Date:   2024-03-12 (Tue, 12 Mar 2024)

  Changed paths:
    M Source/WebCore/loader/FrameLoader.cpp
    M Source/WebCore/loader/FrameLoader.h
    M Source/WebCore/page/Page.h
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/WKHTTPCookieStore.mm

  Log Message:
  -----------
  Mark request as same-site when we have a matching CORS-disabling pattern
https://bugs.webkit.org/show_bug.cgi?id=270830
rdar://123848604

Reviewed by Alex Christensen.

Some requests can be considered as same-site, even if they aren't according to
the spec, just like we disble CORS for some requests that are cross-origin. We
can leverage the existing CORS-Disabling patterns to decide when a request
should be considered same-site.

Covered by a new API test.

* Source/WebCore/loader/FrameLoader.cpp:
(WebCore::FrameLoader::setOriginalURLForDownloadRequest):
(WebCore::FrameLoader::updateRequestAndAddExtraFields):
(WebCore::FrameLoader::addSameSiteInfoToRequestIfNeeded):
* Source/WebCore/loader/FrameLoader.h:
* Source/WebCore/page/Page.h:
(WebCore::Page::shouldAssumeSameSiteForRequestTo const):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/WKHTTPCookieStore.mm:
(TEST):

Canonical link: https://commits.webkit.org/276015@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes