Diff
Modified: trunk/LayoutTests/ChangeLog (206008 => 206009)
--- trunk/LayoutTests/ChangeLog 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/LayoutTests/ChangeLog 2016-09-16 07:33:44 UTC (rev 206009)
@@ -1,3 +1,13 @@
+2016-09-16 Youenn Fablet <[email protected]>
+
+ [Fetch API] Referrer and Origin header should not be considered as safe request headers
+ https://bugs.webkit.org/show_bug.cgi?id=161902
+
+ Reviewed by Sam Weinig.
+
+ * http/tests/fetch/fetch-cors-with-referrer-expected.txt: Added.
+ * http/tests/fetch/fetch-cors-with-referrer.html: Added.
+
2016-09-13 Jer Noble <[email protected]>
[media-source] web-platform-test/media-source/mediasource-remove.html test failing
Added: trunk/LayoutTests/http/tests/fetch/fetch-cors-with-referrer-expected.txt (0 => 206009)
--- trunk/LayoutTests/http/tests/fetch/fetch-cors-with-referrer-expected.txt (rev 0)
+++ trunk/LayoutTests/http/tests/fetch/fetch-cors-with-referrer-expected.txt 2016-09-16 07:33:44 UTC (rev 206009)
@@ -0,0 +1,3 @@
+
+PASS Ensure setting a referrer does not cause preflighting
+
Added: trunk/LayoutTests/http/tests/fetch/fetch-cors-with-referrer.html (0 => 206009)
--- trunk/LayoutTests/http/tests/fetch/fetch-cors-with-referrer.html (rev 0)
+++ trunk/LayoutTests/http/tests/fetch/fetch-cors-with-referrer.html 2016-09-16 07:33:44 UTC (rev 206009)
@@ -0,0 +1,22 @@
+<!doctype html>
+<html>
+ <head>
+ <meta charset="utf-8">
+ <title>Fetching a cross origin resource with a given referrer</title>
+ <script src=""
+ <script src=""
+ </head>
+ <body>
+ <script>
+promise_test(function(t) {
+ var url = ""
+ return fetch(url, {"mode": "cors", "referrer": "http://127.0.0.1:8000/referrer"}).then((response) => {
+ assert_equals(response.type, "cors");
+ return response.arrayBuffer().then((arrayBuffer) => {
+ assert_true(arrayBuffer.byteLength > 0);
+ });
+ });
+}, 'Ensure setting a referrer does not cause preflighting');
+ </script>
+ </body>
+</html>
Modified: trunk/LayoutTests/imported/w3c/ChangeLog (206008 => 206009)
--- trunk/LayoutTests/imported/w3c/ChangeLog 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2016-09-16 07:33:44 UTC (rev 206009)
@@ -1,3 +1,16 @@
+2016-09-16 Youenn Fablet <[email protected]>
+
+ [Fetch API] Referrer and Origin header should not be considered as safe request headers
+ https://bugs.webkit.org/show_bug.cgi?id=161902
+
+ Reviewed by Sam Weinig.
+
+ * web-platform-tests/fetch/api/cors/cors-preflight-referrer-expected.txt:
+ * web-platform-tests/fetch/api/cors/cors-preflight-referrer-worker-expected.txt:
+ * web-platform-tests/fetch/api/cors/cors-preflight-referrer.js:
+ (corsPreflightReferrer): Adding check of the preflight Access-Control-Request-Headers header value.
+ Added new tests to check for non-default referrer values.
+
2016-09-14 Chris Dumez <[email protected]>
Add support hr.color IDL attribute
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-referrer-expected.txt (206008 => 206009)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-referrer-expected.txt 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-referrer-expected.txt 2016-09-16 07:33:44 UTC (rev 206009)
@@ -1,7 +1,12 @@
-PASS Referrer policy: no-referrer
-PASS Referrer policy: ""
-PASS Referrer policy: origin
-PASS Referrer policy: origin-when-cross-origin
-PASS Referrer policy: unsafe-url
+PASS Referrer policy: no-referrer ('myreferrer' referrer)
+PASS Referrer policy: no-referrer (default referrer)
+PASS Referrer policy: "" ('myreferrer' referrer)
+PASS Referrer policy: "" (default referrer)
+PASS Referrer policy: origin ('myreferrer' referrer)
+PASS Referrer policy: origin (default referrer)
+PASS Referrer policy: origin-when-cross-origin ('myreferrer' referrer)
+PASS Referrer policy: origin-when-cross-origin (default referrer)
+PASS Referrer policy: unsafe-url ('myreferrer' referrer)
+PASS Referrer policy: unsafe-url (default referrer)
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-referrer-worker-expected.txt (206008 => 206009)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-referrer-worker-expected.txt 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-referrer-worker-expected.txt 2016-09-16 07:33:44 UTC (rev 206009)
@@ -1,7 +1,12 @@
-PASS Referrer policy: no-referrer
-PASS Referrer policy: ""
-PASS Referrer policy: origin
-PASS Referrer policy: origin-when-cross-origin
-PASS Referrer policy: unsafe-url
+PASS Referrer policy: no-referrer ('myreferrer' referrer)
+PASS Referrer policy: no-referrer (default referrer)
+PASS Referrer policy: "" ('myreferrer' referrer)
+PASS Referrer policy: "" (default referrer)
+PASS Referrer policy: origin ('myreferrer' referrer)
+PASS Referrer policy: origin (default referrer)
+PASS Referrer policy: origin-when-cross-origin ('myreferrer' referrer)
+PASS Referrer policy: origin-when-cross-origin (default referrer)
+PASS Referrer policy: unsafe-url ('myreferrer' referrer)
+PASS Referrer policy: unsafe-url (default referrer)
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-referrer.js (206008 => 206009)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-referrer.js 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-preflight-referrer.js 2016-09-16 07:33:44 UTC (rev 206009)
@@ -5,12 +5,15 @@
importScripts("../resources/utils.js");
}
-function corsPreflightReferrer(desc, corsUrl, referrerPolicy, expectedReferrer) {
+function corsPreflightReferrer(desc, corsUrl, referrerPolicy, referrer, expectedReferrer) {
var uuid_token = token();
var url = ""
var urlParameters = "?token=" + uuid_token + "&max_age=0";
var requestInit = {"mode": "cors", "referrerPolicy": referrerPolicy};
+ if (referrer)
+ requestInit.referrer = referrer;
+
/* Force preflight */
requestInit["headers"] = {"x-force-preflight": ""};
urlParameters += "&allow_headers=x-force-preflight";
@@ -23,19 +26,27 @@
assert_equals(resp.headers.get("x-did-preflight"), "1", "Preflight request has been made");
assert_equals(resp.headers.get("x-preflight-referrer"), expectedReferrer, "Preflight's referrer is correct");
assert_equals(resp.headers.get("x-referrer"), expectedReferrer, "Request's referrer is correct");
+ assert_equals(resp.headers.get("x-control-request-headers"), "", "Access-Control-Allow-Headers value");
});
});
- }, desc);
+ }, desc + (referrer ? " (default referrer)" : " ('myreferrer' referrer)"));
}
-
var corsUrl = get_host_info().HTTP_REMOTE_ORIGIN + dirname(location.pathname) + RESOURCES_DIR + "preflight.py";
var origin = get_host_info().HTTP_ORIGIN + "/";
-corsPreflightReferrer("Referrer policy: no-referrer", corsUrl, "no-referrer", "");
-corsPreflightReferrer("Referrer policy: \"\"", corsUrl, "", location.toString())
+corsPreflightReferrer("Referrer policy: no-referrer", corsUrl, "no-referrer", undefined, "");
+corsPreflightReferrer("Referrer policy: no-referrer", corsUrl, "no-referrer", "myreferrer", "");
-corsPreflightReferrer("Referrer policy: origin", corsUrl, "origin", origin);
-corsPreflightReferrer("Referrer policy: origin-when-cross-origin", corsUrl, "origin-when-cross-origin", origin);
-corsPreflightReferrer("Referrer policy: unsafe-url", corsUrl, "unsafe-url", location.toString());
+corsPreflightReferrer("Referrer policy: \"\"", corsUrl, "", undefined, location.toString())
+corsPreflightReferrer("Referrer policy: \"\"", corsUrl, "", "myreferrer", new URL("myreferrer", location).toString());
+corsPreflightReferrer("Referrer policy: origin", corsUrl, "origin", undefined, origin);
+corsPreflightReferrer("Referrer policy: origin", corsUrl, "origin", "myreferrer", origin);
+
+corsPreflightReferrer("Referrer policy: origin-when-cross-origin", corsUrl, "origin-when-cross-origin", undefined, origin);
+corsPreflightReferrer("Referrer policy: origin-when-cross-origin", corsUrl, "origin-when-cross-origin", "myreferrer", origin);
+
+corsPreflightReferrer("Referrer policy: unsafe-url", corsUrl, "unsafe-url", undefined, location.toString());
+corsPreflightReferrer("Referrer policy: unsafe-url", corsUrl, "unsafe-url", "myreferrer", new URL("myreferrer", location).toString());
+
done();
Modified: trunk/Source/WebCore/ChangeLog (206008 => 206009)
--- trunk/Source/WebCore/ChangeLog 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/ChangeLog 2016-09-16 07:33:44 UTC (rev 206009)
@@ -1,3 +1,44 @@
+2016-09-16 Youenn Fablet <[email protected]>
+
+ [Fetch API] Referrer and Origin header should not be considered as safe request headers
+ https://bugs.webkit.org/show_bug.cgi?id=161902
+
+ Reviewed by Sam Weinig.
+
+ Test: http/tests/fetch/fetch-cors-with-referrer.html and updated WPT tests.
+
+ Removing Origin and Referrer from safe request headers.
+ Making referrer header setting after preflight for fetch API code path.
+
+ Ensuring that no ThreadableLoader client sets Origin or Referrer headers of the ResourceRequest, as they should use the proper mechanisms for that.
+
+ Handling no-referrer referrer special value by setting the referrer-policy to NoReferrer in FetchLoader.
+
+ * Modules/fetch/FetchLoader.cpp:
+ (WebCore::FetchLoader::start): Computing referrer value and handling special "client"and "no-referrer" cases.
+ Passing the value directly to ThreadableLoader.
+ * Modules/fetch/FetchRequest.cpp:
+ (WebCore::FetchRequest::internalRequest): Removing setting of ResourceRequest referrer header.
+ (WebCore::FetchRequest::clone): Removing obsolete FIXME.
+ * Modules/fetch/FetchRequest.h:
+ * loader/CrossOriginAccessControl.cpp:
+ (WebCore::isOnAccessControlSimpleRequestHeaderWhitelist): Removing Origin and Referrer headers.
+ * loader/DocumentThreadableLoader.cpp:
+ (WebCore::DocumentThreadableLoader::create): Updated to take a referrer as parameter.
+ (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
+ * loader/DocumentThreadableLoader.h: Ditto.
+ * loader/ThreadableLoader.cpp: Ditto.
+ (WebCore::ThreadableLoader::create): Ditto.
+ * loader/ThreadableLoader.h: Ditto.
+ * loader/WorkerThreadableLoader.cpp: Ditto.
+ (WebCore::WorkerThreadableLoader::WorkerThreadableLoader): Ditto.
+ (WebCore::WorkerThreadableLoader::loadResourceSynchronously): Ditto.
+ * loader/WorkerThreadableLoader.h: Ditto.
+ (WebCore::WorkerThreadableLoader::create): Ditto.
+ * platform/network/ResourceRequestBase.cpp:
+ (WebCore::ResourceRequestBase::hasHTTPReferrer): Added to enable asserting that no threadable loader client sets the referrer in the request.
+ * platform/network/ResourceRequestBase.h:
+
2016-09-15 Dave Hyatt <[email protected]>
[CSS Parser] Get CSSParserFastPaths.cpp compiling
Modified: trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp (206008 => 206009)
--- trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/Modules/fetch/FetchLoader.cpp 2016-09-16 07:33:44 UTC (rev 206009)
@@ -92,7 +92,14 @@
return;
}
- m_loader = ThreadableLoader::create(context, *this, WTFMove(fetchRequest), options);
+ String referrer = request.internalRequestReferrer();
+ if (referrer == "no-referrer") {
+ options.referrerPolicy = FetchOptions::ReferrerPolicy::NoReferrer;
+ referrer = String();
+ } else
+ referrer = (referrer == "client") ? context.url().strippedForUseAsReferrer() : URL(context.url(), referrer).strippedForUseAsReferrer();
+
+ m_loader = ThreadableLoader::create(context, *this, WTFMove(fetchRequest), options, WTFMove(referrer));
m_isStarted = m_loader;
}
Modified: trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp (206008 => 206009)
--- trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp 2016-09-16 07:33:44 UTC (rev 206009)
@@ -304,10 +304,6 @@
request.setHTTPHeaderFields(m_headers->internalHeaders());
request.setHTTPBody(body().bodyForInternalRequest(*scriptExecutionContext()));
- // FIXME: Support no-referrer and client. Ensure this case-sensitive comparison is ok.
- if (m_internalRequest.referrer != "no-referrer" && m_internalRequest.referrer != "client")
- request.setHTTPReferrer(URL(URL(), m_internalRequest.referrer).strippedForUseAsReferrer());
-
return request;
}
@@ -318,7 +314,6 @@
return nullptr;
}
- // FIXME: Validate body teeing.
return adoptRef(*new FetchRequest(context, FetchBody(m_body), FetchHeaders::create(m_headers.get()), FetchRequest::InternalRequest(m_internalRequest)));
}
Modified: trunk/Source/WebCore/Modules/fetch/FetchRequest.h (206008 => 206009)
--- trunk/Source/WebCore/Modules/fetch/FetchRequest.h 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/Modules/fetch/FetchRequest.h 2016-09-16 07:33:44 UTC (rev 206009)
@@ -92,6 +92,8 @@
const FetchOptions& fetchOptions() const { return m_internalRequest.options; }
ResourceRequest internalRequest() const;
+ const String& internalRequestReferrer() const { return m_internalRequest.referrer; }
+
private:
FetchRequest(ScriptExecutionContext&, FetchBody&&, Ref<FetchHeaders>&&, InternalRequest&&);
Modified: trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp (206008 => 206009)
--- trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/loader/CrossOriginAccessControl.cpp 2016-09-16 07:33:44 UTC (rev 206009)
@@ -51,8 +51,6 @@
case HTTPHeaderName::Accept:
case HTTPHeaderName::AcceptLanguage:
case HTTPHeaderName::ContentLanguage:
- case HTTPHeaderName::Origin:
- case HTTPHeaderName::Referer:
return true;
case HTTPHeaderName::ContentType: {
// Preflight is required for MIME types that can not be sent via form submission.
Modified: trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp (206008 => 206009)
--- trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/loader/DocumentThreadableLoader.cpp 2016-09-16 07:33:44 UTC (rev 206009)
@@ -76,9 +76,9 @@
return loader;
}
-RefPtr<DocumentThreadableLoader> DocumentThreadableLoader::create(Document& document, ThreadableLoaderClient& client, ResourceRequest&& request, const ThreadableLoaderOptions& options)
+RefPtr<DocumentThreadableLoader> DocumentThreadableLoader::create(Document& document, ThreadableLoaderClient& client, ResourceRequest&& request, const ThreadableLoaderOptions& options, String&& referrer)
{
- return create(document, client, WTFMove(request), options, nullptr, nullptr, String());
+ return create(document, client, WTFMove(request), options, nullptr, nullptr, WTFMove(referrer));
}
DocumentThreadableLoader::DocumentThreadableLoader(Document& document, ThreadableLoaderClient& client, BlockingBehavior blockingBehavior, ResourceRequest&& request, const ThreadableLoaderOptions& options, RefPtr<SecurityOrigin>&& origin, std::unique_ptr<ContentSecurityPolicy>&& contentSecurityPolicy, String&& referrer)
@@ -92,9 +92,12 @@
, m_async(blockingBehavior == LoadAsynchronously)
, m_contentSecurityPolicy(WTFMove(contentSecurityPolicy))
{
- // Setting an outgoing referer is only supported in the async code path.
- ASSERT(m_async || request.httpReferrer().isEmpty());
+ // Setting a referrer header is only supported in the async code path.
+ ASSERT(m_async || m_referrer.isEmpty());
+ // Referrer and Origin headers should be set after the preflight if any.
+ ASSERT(!request.hasHTTPReferrer() && !request.hasHTTPOrigin());
+
ASSERT_WITH_SECURITY_IMPLICATION(isAllowedByContentSecurityPolicy(request.url()));
m_options.allowCredentials = (m_options.credentials == FetchOptions::Credentials::Include || (m_options.credentials == FetchOptions::Credentials::SameOrigin && m_sameOriginRequest)) ? AllowStoredCredentials : DoNotAllowStoredCredentials;
Modified: trunk/Source/WebCore/loader/DocumentThreadableLoader.h (206008 => 206009)
--- trunk/Source/WebCore/loader/DocumentThreadableLoader.h 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/loader/DocumentThreadableLoader.h 2016-09-16 07:33:44 UTC (rev 206009)
@@ -49,7 +49,7 @@
static void loadResourceSynchronously(Document&, ResourceRequest&&, ThreadableLoaderClient&, const ThreadableLoaderOptions&);
static RefPtr<DocumentThreadableLoader> create(Document&, ThreadableLoaderClient&, ResourceRequest&&, const ThreadableLoaderOptions&, RefPtr<SecurityOrigin>&&, std::unique_ptr<ContentSecurityPolicy>&&, String&& referrer);
- static RefPtr<DocumentThreadableLoader> create(Document&, ThreadableLoaderClient&, ResourceRequest&&, const ThreadableLoaderOptions&);
+ static RefPtr<DocumentThreadableLoader> create(Document&, ThreadableLoaderClient&, ResourceRequest&&, const ThreadableLoaderOptions&, String&& referrer = String());
virtual ~DocumentThreadableLoader();
Modified: trunk/Source/WebCore/loader/ThreadableLoader.cpp (206008 => 206009)
--- trunk/Source/WebCore/loader/ThreadableLoader.cpp 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/loader/ThreadableLoader.cpp 2016-09-16 07:33:44 UTC (rev 206009)
@@ -59,12 +59,12 @@
{
}
-RefPtr<ThreadableLoader> ThreadableLoader::create(ScriptExecutionContext& context, ThreadableLoaderClient& client, ResourceRequest&& request, const ThreadableLoaderOptions& options)
+RefPtr<ThreadableLoader> ThreadableLoader::create(ScriptExecutionContext& context, ThreadableLoaderClient& client, ResourceRequest&& request, const ThreadableLoaderOptions& options, String&& referrer)
{
if (is<WorkerGlobalScope>(context))
- return WorkerThreadableLoader::create(downcast<WorkerGlobalScope>(context), client, WorkerRunLoop::defaultMode(), WTFMove(request), options);
+ return WorkerThreadableLoader::create(downcast<WorkerGlobalScope>(context), client, WorkerRunLoop::defaultMode(), WTFMove(request), options, referrer);
- return DocumentThreadableLoader::create(downcast<Document>(context), client, WTFMove(request), options);
+ return DocumentThreadableLoader::create(downcast<Document>(context), client, WTFMove(request), options, WTFMove(referrer));
}
void ThreadableLoader::loadResourceSynchronously(ScriptExecutionContext& context, ResourceRequest&& request, ThreadableLoaderClient& client, const ThreadableLoaderOptions& options)
Modified: trunk/Source/WebCore/loader/ThreadableLoader.h (206008 => 206009)
--- trunk/Source/WebCore/loader/ThreadableLoader.h 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/loader/ThreadableLoader.h 2016-09-16 07:33:44 UTC (rev 206009)
@@ -80,7 +80,7 @@
WTF_MAKE_NONCOPYABLE(ThreadableLoader);
public:
static void loadResourceSynchronously(ScriptExecutionContext&, ResourceRequest&&, ThreadableLoaderClient&, const ThreadableLoaderOptions&);
- static RefPtr<ThreadableLoader> create(ScriptExecutionContext&, ThreadableLoaderClient&, ResourceRequest&&, const ThreadableLoaderOptions&);
+ static RefPtr<ThreadableLoader> create(ScriptExecutionContext&, ThreadableLoaderClient&, ResourceRequest&&, const ThreadableLoaderOptions&, String&& referrer = String());
virtual void cancel() = 0;
void ref() { refThreadableLoader(); }
Modified: trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp (206008 => 206009)
--- trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp 2016-09-16 07:33:44 UTC (rev 206009)
@@ -50,10 +50,10 @@
static const char loadResourceSynchronouslyMode[] = "loadResourceSynchronouslyMode";
-WorkerThreadableLoader::WorkerThreadableLoader(WorkerGlobalScope& workerGlobalScope, ThreadableLoaderClient& client, const String& taskMode, ResourceRequest&& request, const ThreadableLoaderOptions& options)
+WorkerThreadableLoader::WorkerThreadableLoader(WorkerGlobalScope& workerGlobalScope, ThreadableLoaderClient& client, const String& taskMode, ResourceRequest&& request, const ThreadableLoaderOptions& options, const String& referrer)
: m_workerGlobalScope(workerGlobalScope)
, m_workerClientWrapper(ThreadableLoaderClientWrapper::create(client))
- , m_bridge(*new MainThreadBridge(m_workerClientWrapper.get(), workerGlobalScope.thread().workerLoaderProxy(), taskMode, WTFMove(request), options, workerGlobalScope.url().strippedForUseAsReferrer(), workerGlobalScope.securityOrigin(), workerGlobalScope.contentSecurityPolicy()))
+ , m_bridge(*new MainThreadBridge(m_workerClientWrapper.get(), workerGlobalScope.thread().workerLoaderProxy(), taskMode, WTFMove(request), options, referrer.isEmpty() ? workerGlobalScope.url().strippedForUseAsReferrer() : referrer, workerGlobalScope.securityOrigin(), workerGlobalScope.contentSecurityPolicy()))
{
}
@@ -70,7 +70,7 @@
String mode = loadResourceSynchronouslyMode;
mode.append(String::number(runLoop.createUniqueId()));
- RefPtr<WorkerThreadableLoader> loader = WorkerThreadableLoader::create(workerGlobalScope, client, mode, WTFMove(request), options);
+ RefPtr<WorkerThreadableLoader> loader = WorkerThreadableLoader::create(workerGlobalScope, client, mode, WTFMove(request), options, String());
MessageQueueWaitResult result = MessageQueueMessageReceived;
while (!loader->done() && result != MessageQueueTerminated)
result = runLoop.runInMode(&workerGlobalScope, mode);
Modified: trunk/Source/WebCore/loader/WorkerThreadableLoader.h (206008 => 206009)
--- trunk/Source/WebCore/loader/WorkerThreadableLoader.h 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/loader/WorkerThreadableLoader.h 2016-09-16 07:33:44 UTC (rev 206009)
@@ -50,9 +50,9 @@
WTF_MAKE_FAST_ALLOCATED;
public:
static void loadResourceSynchronously(WorkerGlobalScope&, ResourceRequest&&, ThreadableLoaderClient&, const ThreadableLoaderOptions&);
- static Ref<WorkerThreadableLoader> create(WorkerGlobalScope& workerGlobalScope, ThreadableLoaderClient& client, const String& taskMode, ResourceRequest&& request, const ThreadableLoaderOptions& options)
+ static Ref<WorkerThreadableLoader> create(WorkerGlobalScope& workerGlobalScope, ThreadableLoaderClient& client, const String& taskMode, ResourceRequest&& request, const ThreadableLoaderOptions& options, const String& referrer)
{
- return adoptRef(*new WorkerThreadableLoader(workerGlobalScope, client, taskMode, WTFMove(request), options));
+ return adoptRef(*new WorkerThreadableLoader(workerGlobalScope, client, taskMode, WTFMove(request), options, referrer));
}
~WorkerThreadableLoader();
@@ -120,7 +120,7 @@
String m_taskMode;
};
- WorkerThreadableLoader(WorkerGlobalScope&, ThreadableLoaderClient&, const String& taskMode, ResourceRequest&&, const ThreadableLoaderOptions&);
+ WorkerThreadableLoader(WorkerGlobalScope&, ThreadableLoaderClient&, const String& taskMode, ResourceRequest&&, const ThreadableLoaderOptions&, const String& referrer);
Ref<WorkerGlobalScope> m_workerGlobalScope;
Ref<ThreadableLoaderClientWrapper> m_workerClientWrapper;
Modified: trunk/Source/WebCore/platform/network/ResourceRequestBase.cpp (206008 => 206009)
--- trunk/Source/WebCore/platform/network/ResourceRequestBase.cpp 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/platform/network/ResourceRequestBase.cpp 2016-09-16 07:33:44 UTC (rev 206009)
@@ -288,6 +288,11 @@
return httpHeaderField(HTTPHeaderName::Referer);
}
+bool ResourceRequestBase::hasHTTPReferrer() const
+{
+ return m_httpHeaderFields.contains(HTTPHeaderName::Referer);
+}
+
void ResourceRequestBase::setHTTPReferrer(const String& httpReferrer)
{
setHTTPHeaderField(HTTPHeaderName::Referer, httpReferrer);
Modified: trunk/Source/WebCore/platform/network/ResourceRequestBase.h (206008 => 206009)
--- trunk/Source/WebCore/platform/network/ResourceRequestBase.h 2016-09-16 00:56:14 UTC (rev 206008)
+++ trunk/Source/WebCore/platform/network/ResourceRequestBase.h 2016-09-16 07:33:44 UTC (rev 206009)
@@ -98,6 +98,7 @@
void clearHTTPContentType();
WEBCORE_EXPORT String httpReferrer() const;
+ bool hasHTTPReferrer() const;
WEBCORE_EXPORT void setHTTPReferrer(const String&);
WEBCORE_EXPORT void clearHTTPReferrer();
