Ignore HSTS for partitioned, cross-origin subresource requests
[WebKit-https.git] / Source / WebCore / ChangeLog
index cfd6e02..683283f 100644 (file)
@@ -1,3 +1,22 @@
+2017-11-02  John Wilander  <wilander@apple.com>
+
+        Ignore HSTS for partitioned, cross-origin subresource requests
+        https://bugs.webkit.org/show_bug.cgi?id=178993
+        <rdar://problem/34962462>
+
+        Reviewed by Brent Fulgham and Alex Christensen.
+
+        No new tests. HSTS is not supported in layout tests.
+        Tested manually.
+
+        * platform/network/mac/WebCoreURLResponse.mm:
+        (WebCore::synthesizeRedirectResponseIfNecessary):
+            Now also synthesizes a response if
+            _schemeWasUpgradedDueToDynamicHSTS is set on the
+            request. Because in such cases the scheme might
+            have been downgraded and there the two schemes
+            match.
+
 2017-11-02  Zalan Bujtas  <zalan@apple.com>
 
         LayoutState::m_next is really the ancestor state.