Ignore HSTS for partitioned, cross-origin subresource requests
[WebKit-https.git] / Source / WebCore / platform / network / mac / WebCoreURLResponse.mm
index 4cc9e72..2705259 100644 (file)
@@ -332,8 +332,13 @@ NSURLResponse *synthesizeRedirectResponseIfNecessary(NSURLRequest *currentReques
     if (redirectResponse)
         return redirectResponse;
 
+#if HAVE(CFNETWORK_IGNORE_HSTS)
+    if ([[[newRequest URL] scheme] isEqualToString:[[currentRequest URL] scheme]] && ![newRequest _schemeWasUpgradedDueToDynamicHSTS])
+        return nil;
+#else
     if ([[[newRequest URL] scheme] isEqualToString:[[currentRequest URL] scheme]])
         return nil;
+#endif
 
     // If the new request is a different protocol than the current request, synthesize a redirect response.
     // This is critical for HSTS (<rdar://problem/14241270>).