示例#1
0
void XMLHttpRequest::createRequest(ExceptionCode& ec)
{
    // Upload event listeners should be disallowed for simple cross-origin requests, because POSTing to an URL that does not
    // permit cross origin requests should look exactly like POSTing to an URL that does not respond at all. If a listener exists
    // when creating the request, it will force preflight.
    // Also, only async requests support upload progress events.
    m_uploadEventsAllowed = false;
    if (m_async) {
        dispatchLoadStartEvent();
        if (m_requestEntityBody && m_upload) {
            m_uploadEventsAllowed = m_upload->hasListeners();
            m_upload->dispatchLoadStartEvent();
        }
    }

    m_sameOriginRequest = scriptExecutionContext()->securityOrigin()->canRequest(m_url);

    if (!m_sameOriginRequest) {
        makeCrossOriginAccessRequest(ec);
        return;
    }

    m_uploadEventsAllowed = true;

    makeSameOriginRequest(ec);
}
示例#2
0
void XMLHttpRequest::createRequest(ExceptionCode& ec)
{
    if (m_async) {
        dispatchLoadStartEvent();
        if (m_requestEntityBody && m_upload)
            m_upload->dispatchLoadStartEvent();
    }

    m_sameOriginRequest = scriptExecutionContext()->securityOrigin()->canRequest(m_url);

    if (!m_sameOriginRequest) {
        makeCrossSiteAccessRequest(ec);
        return;
    }

    makeSameOriginRequest(ec);
}
示例#3
0
void XMLHttpRequest::createRequest(ExceptionCode& ec)
{
    if (m_async)
        dispatchLoadStartEvent();

    //m_sameOriginRequest = m_doc->securityOrigin()->canRequest(m_url);
	//If we have decided to use the workaround...go ahead by treating it as the same origin request. We expect to use the domain filtering system to cover up
	//any security issues.
	EA::WebKit::Parameters& param = EA::WebKit::GetParameters();
	if(param.mbEnableCrossDomainScripting)
		m_sameOriginRequest = true;
	else
		m_sameOriginRequest = m_doc->securityOrigin()->canRequest(m_url);

    if (!m_sameOriginRequest) {
        makeCrossSiteAccessRequest(ec);
        return;
    }

    makeSameOriginRequest(ec);
}