commit | c1df004861ab704945d31a0d207bb7f4c205e60c | [log] [tgz] |
---|---|---|
author | Takeshi Yoshino <tyoshino@chromium.org> | Mon Feb 19 05:25:55 2018 |
committer | Commit Bot <commit-bot@chromium.org> | Mon Feb 19 05:25:55 2018 |
tree | cc5eafc706313a7b43bdac00b2e48d7cff99ae75 | |
parent | d356217626d029ab76d4355e0fdfe5f744266a35 [diff] |
Stop reusing MemoryCache entries for requests with a different source origin. ResourceFetcher/ResourceLoader now saves the result of the CORS check on the Resource object. Though the result of the CORS check varies depending on the source origin, reusing an existing resource fetched by a different source origin is allowed by mistake. This patch introduces a logic to prevent MemoryCache entries from being reused for requests with a different source (requestor) origin by saving the source origin on the Resource object and comparing that with the new source origin in Resource::CanReuse(), so that the result of the CORS check is reused only when the source origin is the same. An alternative possibly-better approach is to isolate MemoryCache for different origins by changing the cache identifier to take into account the source origin of requests. However, to keep the patch small and fix the issue quickly, this patch just prevents reuse. Bug: 799477, 809350 Change-Id: Ib96c9e728abe969a53f3d80519118a83392067b4 Reviewed-on: https://chromium-review.googlesource.com/897040 Commit-Queue: Takeshi Yoshino <tyoshino@chromium.org> Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#537580}
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
The project's web site is https://www.chromium.org.
Documentation in the source is rooted in docs/README.md.
Learn how to Get Around the Chromium Source Code Directory Structure .