summaryrefslogtreecommitdiffstats
path: root/webkit
diff options
context:
space:
mode:
authorbbudge@chromium.org <bbudge@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-04-14 16:51:25 +0000
committerbbudge@chromium.org <bbudge@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-04-14 16:51:25 +0000
commit84d5b453e3b8f4eef8cab9860a27c25466c7fe0a (patch)
tree5cb1af47b6e7fd98e81bcd2500c65a7070ed2d51 /webkit
parentc87f49e41dbf531ec55887d611e0175d4ddcd8e8 (diff)
downloadchromium_src-84d5b453e3b8f4eef8cab9860a27c25466c7fe0a.zip
chromium_src-84d5b453e3b8f4eef8cab9860a27c25466c7fe0a.tar.gz
chromium_src-84d5b453e3b8f4eef8cab9860a27c25466c7fe0a.tar.bz2
Add CORS options to URL requests. This information will be used by the URLLoader to create the AssociatedURLLoader that sends the request.
The CORS options are simplified to fit with what is already in PPAPI. For example, since we already have a trusted interface with universal access, setting the PP_URLREQUESTPROPERTY_ALLOWCROSSORIGINREQUESTS property TRUE corresponds to using access control to check the request. If we want to remove the trusted interface, then we should modify this CL so that we can specify Allow, Deny, or UseAccessControl. Also, I chose not to expose the SniffContent option from WebKit's loader. BUG=47354 TEST=test_shell_tests Review URL: http://codereview.chromium.org/6755015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@81604 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit')
-rw-r--r--webkit/plugins/ppapi/ppb_url_request_info_impl.cc10
-rw-r--r--webkit/plugins/ppapi/ppb_url_request_info_impl.h8
-rw-r--r--webkit/plugins/ppapi/url_request_info_unittest.cc26
3 files changed, 42 insertions, 2 deletions
diff --git a/webkit/plugins/ppapi/ppb_url_request_info_impl.cc b/webkit/plugins/ppapi/ppb_url_request_info_impl.cc
index a3685d3..89cf3c1 100644
--- a/webkit/plugins/ppapi/ppb_url_request_info_impl.cc
+++ b/webkit/plugins/ppapi/ppb_url_request_info_impl.cc
@@ -200,7 +200,9 @@ PPB_URLRequestInfo_Impl::PPB_URLRequestInfo_Impl(PluginInstance* instance)
follow_redirects_(true),
record_download_progress_(false),
record_upload_progress_(false),
- has_custom_referrer_url_(false) {
+ has_custom_referrer_url_(false),
+ allow_cross_origin_requests_(false),
+ allow_credentials_(false) {
}
PPB_URLRequestInfo_Impl::~PPB_URLRequestInfo_Impl() {
@@ -242,6 +244,12 @@ bool PPB_URLRequestInfo_Impl::SetBooleanProperty(PP_URLRequestProperty property,
case PP_URLREQUESTPROPERTY_RECORDUPLOADPROGRESS:
record_upload_progress_ = value;
return true;
+ case PP_URLREQUESTPROPERTY_ALLOWCROSSORIGINREQUESTS:
+ allow_cross_origin_requests_ = value;
+ return true;
+ case PP_URLREQUESTPROPERTY_ALLOWCREDENTIALS:
+ allow_credentials_ = value;
+ return true;
default:
return false;
}
diff --git a/webkit/plugins/ppapi/ppb_url_request_info_impl.h b/webkit/plugins/ppapi/ppb_url_request_info_impl.h
index a626e86..1b06aa7 100644
--- a/webkit/plugins/ppapi/ppb_url_request_info_impl.h
+++ b/webkit/plugins/ppapi/ppb_url_request_info_impl.h
@@ -55,6 +55,11 @@ class PPB_URLRequestInfo_Impl : public Resource {
bool record_download_progress() const { return record_download_progress_; }
bool record_upload_progress() const { return record_upload_progress_; }
+ bool allow_cross_origin_requests() const {
+ return allow_cross_origin_requests_;
+ }
+ bool allow_credentials() const { return allow_credentials_; }
+
private:
struct BodyItem;
typedef std::vector<BodyItem> Body;
@@ -76,6 +81,9 @@ class PPB_URLRequestInfo_Impl : public Resource {
bool has_custom_referrer_url_;
std::string custom_referrer_url_;
+ bool allow_cross_origin_requests_;
+ bool allow_credentials_;
+
DISALLOW_COPY_AND_ASSIGN(PPB_URLRequestInfo_Impl);
};
diff --git a/webkit/plugins/ppapi/url_request_info_unittest.cc b/webkit/plugins/ppapi/url_request_info_unittest.cc
index c2e2e77..cc56abc 100644
--- a/webkit/plugins/ppapi/url_request_info_unittest.cc
+++ b/webkit/plugins/ppapi/url_request_info_unittest.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -160,6 +160,30 @@ TEST_F(URLRequestInfoTest, RecordUploadProgress) {
ASSERT_FALSE(info_->record_upload_progress());
}
+TEST_F(URLRequestInfoTest, AllowCrossOriginRequests) {
+ ASSERT_FALSE(info_->allow_cross_origin_requests());
+
+ ASSERT_TRUE(info_->SetBooleanProperty(
+ PP_URLREQUESTPROPERTY_ALLOWCROSSORIGINREQUESTS, true));
+ ASSERT_TRUE(info_->allow_cross_origin_requests());
+
+ ASSERT_TRUE(info_->SetBooleanProperty(
+ PP_URLREQUESTPROPERTY_ALLOWCROSSORIGINREQUESTS, false));
+ ASSERT_FALSE(info_->allow_cross_origin_requests());
+}
+
+TEST_F(URLRequestInfoTest, AllowCredentials) {
+ ASSERT_FALSE(info_->allow_credentials());
+
+ ASSERT_TRUE(info_->SetBooleanProperty(
+ PP_URLREQUESTPROPERTY_ALLOWCREDENTIALS, true));
+ ASSERT_TRUE(info_->allow_credentials());
+
+ ASSERT_TRUE(info_->SetBooleanProperty(
+ PP_URLREQUESTPROPERTY_ALLOWCREDENTIALS, false));
+ ASSERT_FALSE(info_->allow_credentials());
+}
+
TEST_F(URLRequestInfoTest, SetURL) {
// Test default URL is "about:blank".
ASSERT_TRUE(IsExpected(GetURL(), "about:blank"));