Exemple #1
0
FetchResponseData* FetchResponseData::createCORSFilteredResponse()
{
    // "A CORS filtered response is a filtered response whose type is |CORS|,
    // header list excludes all headers in internal response's header list,
    // except those whose name is either one of `Cache-Control`,
    // `Content-Language`, `Content-Type`, `Expires`, `Last-Modified`, and
    // `Pragma`, and except those whose name is one of the values resulting from
    // parsing `Access-Control-Expose-Headers` in internal response's header
    // list."
    FetchResponseData* response = new FetchResponseData(CORSType, m_status, m_statusMessage);
    response->m_url = m_url;
    HTTPHeaderSet accessControlExposeHeaderSet;
    String accessControlExposeHeaders;
    if (m_headerList->get("access-control-expose-headers", accessControlExposeHeaders))
        parseAccessControlExposeHeadersAllowList(accessControlExposeHeaders, accessControlExposeHeaderSet);
    for (size_t i = 0; i < m_headerList->size(); ++i) {
        const FetchHeaderList::Header* header = m_headerList->list()[i].get();
        if (!isOnAccessControlResponseHeaderWhitelist(header->first) && !accessControlExposeHeaderSet.contains(header->first))
            continue;
        response->m_headerList->append(header->first, header->second);
    }
    response->m_buffer = m_buffer;
    response->m_mimeType = m_mimeType;
    response->m_internalResponse = this;
    return response;
}
Exemple #2
0
FetchResponseData* FetchResponseData::createCORSFilteredResponse() const {
  DCHECK_EQ(m_type, DefaultType);
  HTTPHeaderSet accessControlExposeHeaderSet;
  String accessControlExposeHeaders;
  if (m_headerList->get(HTTPNames::Access_Control_Expose_Headers,
                        accessControlExposeHeaders))
    parseAccessControlExposeHeadersAllowList(accessControlExposeHeaders,
                                             accessControlExposeHeaderSet);
  return createCORSFilteredResponse(accessControlExposeHeaderSet);
}