Bug 1214819. Add support for @crossorigin to <link rel=prefetch> so resources can be prefetched via anonymous CORS, for example. r=hurley

2024-11-25 22:01:30 +00:00 · 2015-10-15 15:12:00 -04:00 · 2015-10-15 15:12:00 -04:00 · b6743e865b
commit b6743e865b
parent 61bc9e5c55
2 changed files with 17 additions and 2 deletions
--- a/dom/html/HTMLLinkElement.h
+++ b/dom/html/HTMLLinkElement.h
@ -151,6 +151,7 @@ public:
    return nsRefPtr<ImportLoader>(mImportLoader).forget();
  }

+  virtual CORSMode GetCORSMode() const override;
 protected:
  virtual ~HTMLLinkElement();

@ -161,7 +162,6 @@ protected:
                                 nsAString& aMedia,
                                 bool* aIsScoped,
                                 bool* aIsAlternate) override;
-  virtual CORSMode GetCORSMode() const override;
 protected:
  // nsGenericHTMLElement
  virtual void GetItemValueText(DOMString& text) override;
--- a/uriloader/prefetch/nsPrefetchService.cpp
+++ b/uriloader/prefetch/nsPrefetchService.cpp
@ -26,6 +26,8 @@
 #include "nsIAsyncVerifyRedirectCallback.h"
 #include "mozilla/Preferences.h"
 #include "mozilla/Attributes.h"
+#include "mozilla/CORSMode.h"
+#include "mozilla/dom/HTMLLinkElement.h"
 #include "nsIDOMNode.h"
 #include "nsINode.h"
 #include "nsIDocument.h"
@ -186,12 +188,25 @@ nsPrefetchNode::OpenChannel()
        return NS_ERROR_FAILURE;
    }
    nsCOMPtr<nsILoadGroup> loadGroup = source->OwnerDoc()->GetDocumentLoadGroup();
+    CORSMode corsMode = CORS_NONE;
+    if (source->IsHTMLElement(nsGkAtoms::link)) {
+      corsMode = static_cast<dom::HTMLLinkElement*>(source.get())->GetCORSMode();
+    }
+    uint32_t securityFlags;
+    if (corsMode == CORS_NONE) {
+      securityFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS;
+    } else {
+      securityFlags = nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS;
+      if (corsMode == CORS_USE_CREDENTIALS) {
+        securityFlags |= nsILoadInfo::SEC_REQUIRE_CORS_WITH_CREDENTIALS;
+      }
+    }
    nsresult rv = NS_NewChannelInternal(getter_AddRefs(mChannel),
                                        mURI,
                                        source,
                                        source->NodePrincipal(),
                                        nullptr,   //aTriggeringPrincipal
-                                        nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS,
+                                        securityFlags,
                                        nsIContentPolicy::TYPE_OTHER,
                                        loadGroup, // aLoadGroup
                                        this,      // aCallbacks