From b9af9c0c5168044f033a4a42ec3ee2ea7741ce4b Mon Sep 17 00:00:00 2001 From: Jon Coppeard Date: Sat, 22 Aug 2020 07:08:10 +0000 Subject: Issue #618 - Don't mute errors for module scripts because they always use CORS --- dom/script/ScriptLoader.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'dom') diff --git a/dom/script/ScriptLoader.cpp b/dom/script/ScriptLoader.cpp index 38649e1dd..f90381390 100644 --- a/dom/script/ScriptLoader.cpp +++ b/dom/script/ScriptLoader.cpp @@ -2446,10 +2446,10 @@ ScriptLoader::PrepareLoadedRequest(ScriptLoadRequest* aRequest, } nsCOMPtr channel = do_QueryInterface(req); - // If this load was subject to a CORS check; don't flag it with a - // separate origin principal, so that it will treat our document's - // principal as the origin principal - if (aRequest->mCORSMode == CORS_NONE) { + // If this load was subject to a CORS check, don't flag it with a separate + // origin principal, so that it will treat our document's principal as the + // origin principal. Module loads always use CORS. + if (!aRequest->IsModuleRequest() && aRequest->mCORSMode == CORS_NONE) { rv = nsContentUtils::GetSecurityManager()-> GetChannelResultPrincipal(channel, getter_AddRefs(aRequest->mOriginPrincipal)); NS_ENSURE_SUCCESS(rv, rv); -- cgit v1.2.3