chromium_src.git - central chromium sources

diff options

author	darin@chromium.org <darin@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2008-11-20 08:14:39 +0000
committer	darin@chromium.org <darin@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2008-11-20 08:14:39 +0000
commit	cd5b9a73feb4a4178973ccd571b277fcdd83e590 (patch)
tree	56dee2f3bc2065f4f44b39d3f8dbc25c568a2dde /chrome/browser/login_prompt.h
parent	5103a768ef9ba423590b7417baa3f1bda6daa829 (diff)
download	chromium_src-cd5b9a73feb4a4178973ccd571b277fcdd83e590.zip chromium_src-cd5b9a73feb4a4178973ccd571b277fcdd83e590.tar.gz chromium_src-cd5b9a73feb4a4178973ccd571b277fcdd83e590.tar.bz2

Add a flags to further control response header persistence. We use this to

filter out Set-Cookie and Set-Cookie2 response headers from being forwarded to the renderer. This serves to prevent the renderer from having any access to HttpOnly cookies, and it also prevents XMLHttpRequest consumers from being able to read cookies in the HTTP response headers. This is consistent with changes made to Firefox and WebKit. Patch by marius.schilder@gmail.com R=deanm,darin Review URL: http://codereview.chromium.org/11264 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@5767 0039d316-1c4b-4281-b951-d872f2087c98

Diffstat (limited to 'chrome/browser/login_prompt.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: