Home | History | Annotate | Download | only in fetch

Lines Matching refs:securityOrigin

36 #include "platform/weborigin/SecurityOrigin.h"
103 void updateRequestForAccessControl(ResourceRequest& request, SecurityOrigin* securityOrigin, StoredCredentials allowCredentials)
108     if (securityOrigin)
109         request.setHTTPOrigin(securityOrigin->toAtomicString());
112 ResourceRequest createAccessControlPreflightRequest(const ResourceRequest& request, SecurityOrigin* securityOrigin)
115     updateRequestForAccessControl(preflightRequest, securityOrigin, DoNotAllowStoredCredentials);
145 bool passesAccessControlCheck(const ResourceResponse& response, StoredCredentials includeCredentials, SecurityOrigin* securityOrigin, String& errorDescription)
151         errorDescription = "Received an invalid response. Origin '" + securityOrigin->toString() + "' is therefore not allowed access.";
162             errorDescription = "A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true. Origin '" + securityOrigin->toString() + "' is therefore not allowed access.";
165     } else if (accessControlOriginString != securityOrigin->toAtomicString()) {
167             errorDescription = "No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '" + securityOrigin->toString() + "' is therefore not allowed access.";
169             errorDescription = "The 'Access-Control-Allow-Origin' header contains multiple values '" + accessControlOriginString + "', but only one is allowed. Origin '" + securityOrigin->toString() + "' is therefore not allowed access.";
173                 errorDescription = "The 'Access-Control-Allow-Origin' header contains the invalid value '" + accessControlOriginString + "'. Origin '" + securityOrigin->toString() + "' is therefore not allowed access.";
175                 errorDescription = "The 'Access-Control-Allow-Origin' header has a value '" + accessControlOriginString + "' that is not equal to the supplied origin. Origin '" + securityOrigin->toString() + "' is therefore not allowed access.";
228 bool CrossOriginAccessControl::handleRedirect(Resource* resource, SecurityOrigin* securityOrigin, ResourceRequest& request, const ResourceResponse& redirectResponse, ResourceLoaderOptions& options, String& errorMessage)
234     bool redirectCrossOrigin = !securityOrigin->canRequest(requestURL);
237     if (!securityOrigin->canRequest(originalURL)) {
246             allowRedirect = passesAccessControlCheck(redirectResponse, withCredentials, securityOrigin, errorDescription);
248                 RefPtr<SecurityOrigin> originalOrigin = SecurityOrigin::create(originalURL);
252                     options.securityOrigin = SecurityOrigin::createUnique();
253                     securityOrigin = options.securityOrigin.get();
258             const String& originalOrigin = SecurityOrigin::create(originalURL)->toString();
266         request.setHTTPOrigin(securityOrigin->toAtomicString());