Bug 205534

Summary: Add SPI to disable CORS on requests to URLs matching a pattern
Product: WebKit Reporter: Alex Christensen <achristensen>
Component: New BugsAssignee: Alex Christensen <achristensen>
Status: RESOLVED FIXED    
Severity: Normal CC: cdumez, dbates, ews-watchlist, japhet, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch
none
Patch cdumez: review+, cdumez: commit-queue-

Alex Christensen
Reported 2019-12-20 17:57:47 PST
Add SPI to disable CORS on requests to URLs matching a pattern
Attachments
Patch (17.57 KB, patch)
2019-12-20 18:21 PST, Alex Christensen 		no flags
DetailsFormatted DiffDiff
Patch (17.55 KB, patch)
2019-12-21 00:31 PST, Alex Christensen 		no flags
DetailsFormatted DiffDiff
Patch (17.62 KB, patch)
2019-12-21 07:56 PST, Alex Christensen 		cdumez: review+
cdumez: commit-queue-
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Alex Christensen
Comment 1 2019-12-20 18:21:00 PST
Created attachment 386285 [details] Patch
Alex Christensen
Comment 2 2019-12-20 18:21:04 PST
<rdar://problem/58011337>
Alex Christensen
Comment 3 2019-12-21 00:31:17 PST
Created attachment 386293 [details] Patch
Alex Christensen
Comment 4 2019-12-21 07:56:11 PST
Created attachment 386296 [details] Patch
Chris Dumez
Comment 5 2020-01-02 11:57:30 PST
Comment on attachment 386296 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=386296&action=review r=me > Source/WebCore/loader/DocumentThreadableLoader.cpp:156 > + bool disableCORS = document.isRunningUserScripts() && LegacySchemeRegistry::isUserExtensionScheme(request.url().protocol().toStringWithoutCopying()); s/disableCORS/shouldDisableCORS > Source/WebCore/page/Page.cpp:338 > + } Shouldn't we shrinkToFit() afterwards? > Source/WebCore/page/Page.cpp:3102 > + for (const auto& pattern : m_corsDisablingPatterns) { Could be written using WTF::anyOf() > Source/WebKit/UIProcess/API/APIPageConfiguration.h:138 > + const Vector<WTF::String> corsDisablingPatterns() const { return m_corsDisablingPatterns; } const Vector<WTF::String>& for return value.
Alex Christensen
Comment 6 2020-01-02 13:14:15 PST
http://trac.webkit.org/r253978
Note You need to log in before you can comment on or make changes to this bug.