void XMLHttpRequest::createRequest(ExceptionCode& ec)
{
if (m_async) {
dispatchLoadStartEvent();
if (m_requestEntityBody && m_upload)
m_upload->dispatchLoadStartEvent();
}
m_sameOriginRequest = scriptExecutionContext()->securityOrigin()->canRequest(m_url);
if (!m_sameOriginRequest) {
makeCrossSiteAccessRequest(ec);
return;
}
makeSameOriginRequest(ec);
}
void XMLHttpRequest::createRequest(ExceptionCode& ec)
{
if (m_async)
dispatchLoadStartEvent();
//m_sameOriginRequest = m_doc->securityOrigin()->canRequest(m_url);
//If we have decided to use the workaround...go ahead by treating it as the same origin request. We expect to use the domain filtering system to cover up
//any security issues.
EA::WebKit::Parameters& param = EA::WebKit::GetParameters();
if(param.mbEnableCrossDomainScripting)
m_sameOriginRequest = true;
else
m_sameOriginRequest = m_doc->securityOrigin()->canRequest(m_url);
if (!m_sameOriginRequest) {
makeCrossSiteAccessRequest(ec);
return;
}
makeSameOriginRequest(ec);
}
