Google Git
Sign in
webkit / WebKit / 0958d3384ec7bbb495e3bd204cf448e57fd866a9^! / . / Source / WebCore / loader / DocumentThreadableLoader.cpp
commit0958d3384ec7bbb495e3bd204cf448e57fd866a9[log] [tgz]
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Fri May 26 17:08:30 2017 +0000
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Fri May 26 17:08:30 2017 +0000
tree668f58f365ff49a68b9cf88cef149deb4b3b68b0
parentf251e5fa187c0cf29c2e2c66d7dfef64656ee16c [diff] [blame]
Minor clean-up related to DocumentThreadableLoader redirections
https://bugs.webkit.org/show_bug.cgi?id=172647

Patch by Youenn Fablet <youenn@apple.com> on 2017-05-26
Reviewed by Chris Dumez.

No change of behavior.

Decrementing m_options redirect count directly instead of using an
additional counter.

To compare whether two URLs are same-origin, use scheme+host+port check
as per the spec.
This is fine as only the initial origin may have specific rules and we
are using the scheme+host+port checks when already being gone to
another origin.

* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::redirectReceived):
* loader/DocumentThreadableLoader.h:
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::checkRedirectionCrossOriginAccessControl):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@217494 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/Source/WebCore/loader/DocumentThreadableLoader.cpp b/Source/WebCore/loader/DocumentThreadableLoader.cpp
index 2ca54ab..72e5678 100644
--- a/Source/WebCore/loader/DocumentThreadableLoader.cpp
+++ b/Source/WebCore/loader/DocumentThreadableLoader.cpp

@@ -228,7 +228,7 @@
     ASSERT_UNUSED(resource, &resource == m_resource);
 
     Ref<DocumentThreadableLoader> protectedThis(*this);
-    ++m_redirectCount;
+    --m_options.maxRedirectCount;
 
     // FIXME: We restrict this check to Fetch API for the moment, as this might disrupt WorkerScriptLoader.
     // Reassess this check based on https://github.com/whatwg/fetch/issues/393 discussions.
@@ -258,7 +258,7 @@
     // Use a unique for subsequent loads if needed.
     // https://fetch.spec.whatwg.org/#concept-http-redirect-fetch (Step 10).
     ASSERT(m_options.mode == FetchOptions::Mode::Cors);
-    if (!securityOrigin().canRequest(redirectResponse.url()) && !SecurityOrigin::create(redirectResponse.url())->canRequest(request.url()))
+    if (!securityOrigin().canRequest(redirectResponse.url()) && !protocolHostAndPortAreEqual(redirectResponse.url(), request.url()))
         m_origin = SecurityOrigin::createUnique();
 
     // Except in case where preflight is needed, loading should be able to continue on its own.
@@ -267,8 +267,6 @@
         return;
 
     m_options.allowCredentials = DoNotAllowStoredCredentials;
-    m_options.maxRedirectCount -= m_redirectCount;
-    m_redirectCount = 0;
 
     clearResource();