commit | c7d715dc6f67f777d12eea9e72cababb8d60863e | [log] [tgz] |
---|---|---|
author | Yutaka Hirano <yhirano@chromium.org> | Tue Jan 29 04:34:48 2019 |
committer | Commit Bot <commit-bot@chromium.org> | Tue Jan 29 04:34:48 2019 |
tree | 6ce1579e3fcf6c415ce409df54f54933da09661f | |
parent | e4753f3c1828733b2b624d107f0e64b9bba45998 [diff] |
Set "origin" header from ResourceRequest::RequestorOrigin In BaseFetchContext, "origin" header is set from - FetchContext's security origin, or - the referrer string. On the other hand, https://fetch.spec.whatwg.org/#http-network-or-cache-fetch says: If the CORS flag is set, httpRequest’s method is neither `GET` nor `HEAD`, or httpRequest’s mode is "websocket", then append `Origin`/the result of serializing a request origin with httpRequest, to httpRequest’s header list. This CL makes it a bit more spec conformant by setting the header based on ResourceRequest::RequestorOrigin. Bug: 914739 Change-Id: Ia911ca1f2efaf2be080d891b1258f87230d57f2d Reviewed-on: https://chromium-review.googlesource.com/c/1388344 Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Reviewed-by: Hiroshige Hayashizaki <hiroshige@chromium.org> Reviewed-by: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#626889}
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
The project's web site is https://www.chromium.org.
Documentation in the source is rooted in docs/README.md.
Learn how to Get Around the Chromium Source Code Directory Structure .