servo: Merge #18882 - Use the correct origin in fetch (from KiChjang:fix-origin); r=jdm

Fixes #18147. Source-Repo: https://github.com/servo/servo Source-Revision: c9884604e974937c45ca3dfc5afb23079536fd41 --HG-- extra : subtree_source : https%3A//hg.mozilla.org/projects/converted-servo-linear extra : subtree_revision : 5f90b4e0a201a1921488b1d7e1ce1736d9dc464e
2017-11-15 16:08:49 -06:00 · 2017-11-15 16:08:49 -06:00 · 26b5914e89
commit 26b5914e89
parent 9f39405d6a
2 changed files with 6 additions and 4 deletions
--- a/servo/components/net/fetch/methods.rs
+++ b/servo/components/net/fetch/methods.rs
@ -118,7 +118,7 @@ pub fn main_fetch(request: &mut Request,
    // TODO: handle upgrade to a potentially secure URL.

    // Step 5.
-    if should_be_blocked_due_to_bad_port(&request.url()) {
+    if should_be_blocked_due_to_bad_port(&request.current_url()) {
        response = Some(Response::network_error(NetworkError::Internal("Request attempted on bad port".into())));
    }
    // TODO: handle blocking as mixed content.
--- a/servo/components/net/http_loader.rs
+++ b/servo/components/net/http_loader.rs
@ -670,8 +670,10 @@ pub fn http_redirect_fetch(request: &mut Request,
    request.redirect_count += 1;

    // Step 7
-    // FIXME: Correctly use request's origin
-    let same_origin = location_url.origin() == request.current_url().origin();
+    let same_origin = match request.origin {
+        Origin::Origin(ref origin) => *origin == location_url.origin(),
+        Origin::Client => panic!("Request origin should not be client for {}", request.current_url()),
+    };
    let has_credentials = has_credentials(&location_url);

    if request.mode == RequestMode::CorsMode && !same_origin && has_credentials {
@ -690,7 +692,7 @@ pub fn http_redirect_fetch(request: &mut Request,
    }

    // Step 10
-    if cors_flag && !same_origin {
+    if cors_flag && location_url.origin() != request.current_url().origin() {
        request.origin = Origin::Origin(ImmutableOrigin::new_opaque());
    }