commit 92358044fff21ee6cf6d89842b801c072145c432
author horo <horo@chromium.org> Fri Dec 11 07:15:33 2015
committer Commit bot <commit-bot@chromium.org> Fri Dec 11 07:16:13 2015
tree 09b0a582d7a83d44ed4ad4201470fc22377a4343
parent a43f74d17a38f3792bf9ead732681518bf76d920

Set credentials mode "same-origin" when crossOrigin=anonymous is set.

According to the HTML spec, the fetch credentials mode for resources which crossOrigin is "anonymous" must be "same-origin".
https://html.spec.whatwg.org/multipage/infrastructure.html#cors-settings-attributes

So the request which is sent to the server for "<img src='./test.png' crossOrigin='anonymous'>" must contain cookies, because it is a same origin request.
And if a Service Worker intercept the request, the fetchevent.request.credentials must be "same-origin".
But Chrome doesn't send cookies for <img src="./test.png" crossOrigin="anonymous">.
And fetchevent.request.credentials is "omit".

This CL fix this problem.
(https://codereview.chromium.org/1267023004 introduced a workaround only for WebFonts.)

https://codereview.chromium.org/1135203002 introduced CrossOriginAttributeValue enum.
But String value and ResourceLoaderOptions are still used only for passing the crossOrigin value.
So this CL change those code to use the enum value.

- CrossOriginAttributeNotSet:
    corsEnabled: NO
- CrossOriginAttributeAnonymous:
    corsEnabled: YES
    allowCredentials: YES if the request URL origin is same as the document's origin. Otherwise NO.
    credentialsRequested: NO
- CrossOriginAttributeUseCredentials:
    corsEnabled: YES
    allowCredentials: YES
    credentialsRequested: YES

BUG=486689,563328

Review URL: https://codereview.chromium.org/1487343002

Cr-Commit-Position: refs/heads/master@{#364641}