Summary: | Add SPI to disable CORS on requests to URLs matching a pattern | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Alex Christensen <achristensen> | ||||||||
Component: | New Bugs | Assignee: | Alex Christensen <achristensen> | ||||||||
Status: | RESOLVED FIXED | ||||||||||
Severity: | Normal | CC: | cdumez, dbates, ews-watchlist, japhet, webkit-bug-importer | ||||||||
Priority: | P2 | Keywords: | InRadar | ||||||||
Version: | WebKit Nightly Build | ||||||||||
Hardware: | Unspecified | ||||||||||
OS: | Unspecified | ||||||||||
Attachments: |
|
Description
Alex Christensen
2019-12-20 17:57:47 PST
Created attachment 386285 [details]
Patch
Created attachment 386293 [details]
Patch
Created attachment 386296 [details]
Patch
Comment on attachment 386296 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=386296&action=review r=me > Source/WebCore/loader/DocumentThreadableLoader.cpp:156 > + bool disableCORS = document.isRunningUserScripts() && LegacySchemeRegistry::isUserExtensionScheme(request.url().protocol().toStringWithoutCopying()); s/disableCORS/shouldDisableCORS > Source/WebCore/page/Page.cpp:338 > + } Shouldn't we shrinkToFit() afterwards? > Source/WebCore/page/Page.cpp:3102 > + for (const auto& pattern : m_corsDisablingPatterns) { Could be written using WTF::anyOf() > Source/WebKit/UIProcess/API/APIPageConfiguration.h:138 > + const Vector<WTF::String> corsDisablingPatterns() const { return m_corsDisablingPatterns; } const Vector<WTF::String>& for return value. |