mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-09-21 02:08:12 +03:00
LibWeb/Fetch: Don't add cookies when creating ResourceLoader request
Using LoadRequest::create_for_url_on_page will unconditionally add cookies as long as there's a page available. However, it is up to http_network_or_cache_fetch to determine if cookies should be added to the request. This was noticed when implementing CORS-preflight requests, where we sent cookies in OPTIONS requests.
This commit is contained in:
parent
c51026a855
commit
bf2895365b
Notes:
sideshowbarker
2024-07-17 00:33:01 +09:00
Author: https://github.com/Lubrsi Commit: https://github.com/SerenityOS/serenity/commit/bf2895365b Pull-request: https://github.com/SerenityOS/serenity/pull/17383 Reviewed-by: https://github.com/linusg
@ -1583,7 +1583,12 @@ WebIDL::ExceptionOr<JS::NonnullGCPtr<PendingResponse>> nonstandard_resource_load
|
||||
if (is<HTML::Window>(global_object))
|
||||
page = static_cast<HTML::Window&>(global_object).page();
|
||||
|
||||
auto load_request = LoadRequest::create_for_url_on_page(request->current_url(), page);
|
||||
// NOTE: Using LoadRequest::create_for_url_on_page here will unconditionally add cookies as long as there's a page available.
|
||||
// However, it is up to http_network_or_cache_fetch to determine if cookies should be added to the request.
|
||||
LoadRequest load_request;
|
||||
load_request.set_url(request->current_url());
|
||||
if (page)
|
||||
load_request.set_page(*page);
|
||||
load_request.set_method(DeprecatedString::copy(request->method()));
|
||||
for (auto const& header : *request->header_list())
|
||||
load_request.set_header(DeprecatedString::copy(header.name), DeprecatedString::copy(header.value));
|
||||
|
Loading…
Reference in New Issue
Block a user