| 1234567891011121314151617181920212223242526272829303132333435363738394041424344 |
- /*
- * Copyright (c) 2023, Srikavin Ramkumar <me@srikavin.me>
- *
- * SPDX-License-Identifier: BSD-2-Clause
- */
- #include <LibWeb/HTML/CORSSettingAttribute.h>
- #include <LibWeb/HTML/PotentialCORSRequest.h>
- namespace Web::HTML {
- // https://html.spec.whatwg.org/multipage/urls-and-fetching.html#create-a-potential-cors-request
- JS::NonnullGCPtr<Fetch::Infrastructure::Request>
- create_potential_CORS_request(JS::VM& vm, AK::URL const& url, Optional<Fetch::Infrastructure::Request::Destination> destination, CORSSettingAttribute cors_attribute_state, SameOriginFallbackFlag same_origin_fallback_flag)
- {
- // 1. Let mode be "no-cors" if corsAttributeState is No CORS, and "cors" otherwise.
- auto mode = cors_attribute_state == CORSSettingAttribute::NoCORS
- ? Fetch::Infrastructure::Request::Mode::NoCORS
- : Fetch::Infrastructure::Request::Mode::CORS;
- // 2. If same-origin fallback flag is set and mode is "no-cors", set mode to "same-origin".
- if (same_origin_fallback_flag == SameOriginFallbackFlag::Yes && mode == Fetch::Infrastructure::Request::Mode::NoCORS)
- mode = Fetch::Infrastructure::Request::Mode::SameOrigin;
- // 3. Let credentialsMode be "include".
- auto credentials_mode = Fetch::Infrastructure::Request::CredentialsMode::Include;
- // 4. If corsAttributeState is Anonymous, set credentialsMode to "same-origin".
- if (cors_attribute_state == CORSSettingAttribute::Anonymous)
- credentials_mode = Fetch::Infrastructure::Request::CredentialsMode::SameOrigin;
- // 5. Let request be a new request whose URL is url, destination is destination, mode is mode, credentials mode is credentialsMode,
- // and whose use-URL-credentials flag is set.
- auto request = Fetch::Infrastructure::Request::create(vm);
- request->set_url(url);
- request->set_destination(destination);
- request->set_mode(mode);
- request->set_credentials_mode(credentials_mode);
- request->set_use_url_credentials(true);
- return request;
- }
- }
|
