mirror of
https://bitbucket.org/chromiumembedded/cef
synced 2025-06-05 21:39:12 +02:00
Fix cookie exclusion for fetch CORS pre-flight requests (fixes #3596)
Cookies (and other credentials) will be excluded when appropriate by downgrading |credentials_mode| from kSameOrigin to kOmit. Improve logic for Origin header inclusion, including a fix for Referrer/Origin calculation in URLRequestJob::ComputeReferrerForPolicy when used with custom standard schemes. Specify correct CookiePartitionKeyCollection when loading cookies. To test: - Run tests from https://browseraudit.com/ with and without `--disable-request-handling-for-testing`. Results are the same. - Run `ceftests --gtest_filter=CorsTest.*`.
This commit is contained in:
@@ -36,7 +36,7 @@ class CefAppManager {
|
||||
// (url/url_util.h) via ContentClient::AddAdditionalSchemes which calls
|
||||
// AddCustomScheme, and second with Blink (SchemeRegistry) via
|
||||
// ContentRendererClient::WebKitInitialized which calls GetCustomSchemes.
|
||||
void AddCustomScheme(CefSchemeInfo* scheme_info);
|
||||
void AddCustomScheme(const CefSchemeInfo* scheme_info);
|
||||
bool HasCustomScheme(const std::string& scheme_name);
|
||||
|
||||
using SchemeInfoList = std::list<CefSchemeInfo>;
|
||||
|
Reference in New Issue
Block a user