Following on bug 161389, http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin.html is flaky as a redirectResponse is sent both to SubresourceLoader::willSendRequestInternal and SubresourceLoader::didReceiveResponse. The first call marks the resource as as cross-origin as the redirection (same-origin) redirects to a cross-origin resource. The second then checks for CORS on the same redirection.
Created attachment 288019 [details] Patch
Created attachment 288020 [details] Patch
Comment on attachment 288020 [details] Patch Clearing flags on attachment: 288020 Committed r205481: <http://trac.webkit.org/changeset/205481>
All reviewed patches have been landed. Closing bug.