Bug 159263 - Pass SecurityOrigin as references in CORS check code
Summary: Pass SecurityOrigin as references in CORS check code
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: youenn fablet
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-06-29 08:08 PDT by youenn fablet
Modified: 2016-06-29 23:29 PDT (History)
1 user (show)

See Also:


Attachments
Patch (21.85 KB, patch)
2016-06-29 08:12 PDT, youenn fablet
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description youenn fablet 2016-06-29 08:08:17 PDT
Pass SecurityOrigin as references in CORS check code
Comment 1 youenn fablet 2016-06-29 08:12:26 PDT
Created attachment 282346 [details]
Patch
Comment 2 Alex Christensen 2016-06-29 09:40:03 PDT
Comment on attachment 282346 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=282346&action=review

This is indeed no change in behavior.  If there's no security origin when doing CORS checks, something has gone horribly wrong

> Source/WebCore/loader/DocumentThreadableLoader.cpp:448
> +    ASSERT(m_document.securityOrigin());

Don't we only need this to be true if m_origin is non-null?
Comment 3 youenn fablet 2016-06-29 13:22:41 PDT
Thanks for the review.

> > Source/WebCore/loader/DocumentThreadableLoader.cpp:448
> > +    ASSERT(m_document.securityOrigin());
> 
> Don't we only need this to be true if m_origin is non-null?

Right, strictly speaking, the assertion is too wide.
At the same time, having a non-null origin and a document with a null origin sounds worrying.
Comment 4 WebKit Commit Bot 2016-06-29 23:29:22 PDT
Comment on attachment 282346 [details]
Patch

Clearing flags on attachment: 282346

Committed r202674: <http://trac.webkit.org/changeset/202674>
Comment 5 WebKit Commit Bot 2016-06-29 23:29:26 PDT
All reviewed patches have been landed.  Closing bug.