Title: [135009] trunk
Revision: 135009
Author: [email protected]
Date: 2012-11-16 15:30:31 -0800 (Fri, 16 Nov 2012)

Log Message

[JSC] Don't sanitize window.onerror information on crossorigin-enabled scripts
https://bugs.webkit.org/show_bug.cgi?id=70574

Patch by Pablo Flouret <[email protected]> on 2012-11-16
Reviewed by Geoffrey Garen.

Source/WebCore:

For scripts that use CORS (via the crossorigin attribute in this case),
don't sanitize the information passed to the window's onerror handler (i.e.
message, url, and line number). Useful for scripts hosted on CDNs.

Tests: http/tests/security/script-crossorigin-onerror-information.html
       http/tests/security/script-no-crossorigin-onerror-should-be-sanitized.html

* WebCore.exp.in:
* WebCore.order:

* bindings/js/JSDOMBinding.cpp:
(WebCore::reportException):
* bindings/js/JSDOMBinding.h:
(WebCore):
* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::evaluateInWorld):
* bindings/js/ScriptSourceCode.h:
(WebCore::ScriptSourceCode::ScriptSourceCode):
(WebCore::ScriptSourceCode::cachedScript):
(ScriptSourceCode):
* bindings/js/WorkerScriptController.cpp:
(WebCore::WorkerScriptController::evaluate):
    Keep a reference to the cached script in the ScriptSourceCode, so
    that it can be passed around and be available when reporting the
    exception.

* dom/ScriptExecutionContext.cpp:
(WebCore::ScriptExecutionContext::sanitizeScriptError):
(WebCore::ScriptExecutionContext::reportException):
(WebCore::ScriptExecutionContext::dispatchErrorEvent):
* dom/ScriptExecutionContext.h:
(WebCore):
(ScriptExecutionContext):
    Check if the script passes the access control checks, and if so,
    don't sanitize the error information.

* html/parser/HTMLPreloadScanner.cpp:
(WebCore::PreloadTask::processAttributes):
(WebCore::PreloadTask::preload):
(PreloadTask):
(WebCore::PreloadTask::crossOriginModeAllowsCookies):
    When preloading script elements, check for the crossorigin attribute
    and adjust the request's allowCookies value accordingly. Otherwise
    when the script is loaded from the cache later on, the cross origin mode
    (anonymous/use-credentials) will be effectively ignored.

LayoutTests:

* http/tests/security/resources/cors-script.php:
* http/tests/security/script-crossorigin-onerror-information-expected.txt: Added.
* http/tests/security/script-crossorigin-onerror-information.html: Added.
* http/tests/security/script-no-crossorigin-onerror-should-be-sanitized-expected.txt: Added.
* http/tests/security/script-no-crossorigin-onerror-should-be-sanitized.html: Added.

* platform/chromium/TestExpectations:
    This patch only deals with JSC right now, skip the new tests.

Diff

Modified: trunk/LayoutTests/ChangeLog (135008 => 135009)


--- trunk/LayoutTests/ChangeLog	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/LayoutTests/ChangeLog	2012-11-16 23:30:31 UTC (rev 135009)
@@ -1,3 +1,19 @@
+2012-11-16  Pablo Flouret  <[email protected]>
+
+        [JSC] Don't sanitize window.onerror information on crossorigin-enabled scripts
+        https://bugs.webkit.org/show_bug.cgi?id=70574
+
+        Reviewed by Geoffrey Garen.
+
+        * http/tests/security/resources/cors-script.php:
+        * http/tests/security/script-crossorigin-onerror-information-expected.txt: Added.
+        * http/tests/security/script-crossorigin-onerror-information.html: Added.
+        * http/tests/security/script-no-crossorigin-onerror-should-be-sanitized-expected.txt: Added.
+        * http/tests/security/script-no-crossorigin-onerror-should-be-sanitized.html: Added.
+
+        * platform/chromium/TestExpectations:
+            This patch only deals with JSC right now, skip the new tests.
+
 2012-11-16  Dimitri Glazkov  <[email protected]>
 
         [Chromium] Remaining bits of Win7 rebaselines.

Modified: trunk/LayoutTests/http/tests/security/resources/cors-script.php (135008 => 135009)


--- trunk/LayoutTests/http/tests/security/resources/cors-script.php	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/LayoutTests/http/tests/security/resources/cors-script.php	2012-11-16 23:30:31 UTC (rev 135009)
@@ -1,5 +1,8 @@
 <?php
 header("Access-Control-Allow-Origin: http://127.0.0.1:8000");
 header("Content-Type: application/_javascript_");
+if (strtolower($_GET["fail"]) == "true")
+    echo "throw({toString: function(){ return 'SomeError' }});";
+else
+    echo "alert('script ran.');";
 ?>
-alert("script ran.");
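Review bot: `$_GET["fail"]` is read in the added `if` without an `isset()` guard, so any test that loads this resource without the `fail` parameter triggers an undefined-index notice, and where notices are displayed that text ends up in the JavaScript response body. Suggest `if (isset($_GET["fail"]) && strtolower($_GET["fail"]) == "true")`.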

Added: trunk/LayoutTests/http/tests/security/script-crossorigin-onerror-information-expected.txt (0 => 135009)


--- trunk/LayoutTests/http/tests/security/script-crossorigin-onerror-information-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/script-crossorigin-onerror-information-expected.txt	2012-11-16 23:30:31 UTC (rev 135009)
@@ -0,0 +1,13 @@
+CONSOLE MESSAGE: line 1: SomeError
+The test passes if window.onerror gets unsanitized information about the script error.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS msg.match(/SomeError/)[0] is "SomeError"
+PASS url is "http://localhost:8000/security/resources/cors-script.php?fail=true"
+PASS line is 1
+PASS successfullyParsed is true
+
+TEST COMPLETE
+

Added: trunk/LayoutTests/http/tests/security/script-crossorigin-onerror-information.html (0 => 135009)


--- trunk/LayoutTests/http/tests/security/script-crossorigin-onerror-information.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/script-crossorigin-onerror-information.html	2012-11-16 23:30:31 UTC (rev 135009)
@@ -0,0 +1,21 @@
+<!DOCTYPE html>
+<head>
+</head>
+<body>
+<script src=""
+<script>
+window.jsTestIsAsync = true;
+description("The test passes if window.onerror gets unsanitized information about the script error.");
+
+window._onerror_ = function(msg, url, line) {
+    window.msg = msg;
+    window.url = ""
+    window.line = line;
+    shouldBeEqualToString("msg.match(/SomeError/)[0]", "SomeError");
+    shouldBeEqualToString("url", "http://localhost:8000/security/resources/cors-script.php?fail=true");
+    shouldBe("line", "1");
+    finishJSTest();
+}
+</script>
+<script crossorigin="    anonymous " src=""
+<script src=""
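Review bot: The only crossorigin value exercised here is `"    anonymous "` on the script element, which covers the whitespace stripping but not the `use-credentials` mode that the HTMLPreloadScanner change treats differently. Consider a companion test with `crossorigin="use-credentials"` so both modes have a pinned expectation for what window.onerror receives.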

Added: trunk/LayoutTests/http/tests/security/script-no-crossorigin-onerror-should-be-sanitized-expected.txt (0 => 135009)


--- trunk/LayoutTests/http/tests/security/script-no-crossorigin-onerror-should-be-sanitized-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/script-no-crossorigin-onerror-should-be-sanitized-expected.txt	2012-11-16 23:30:31 UTC (rev 135009)
@@ -0,0 +1,13 @@
+CONSOLE MESSAGE: line 1: SomeError
+The test passes if window.onerror gets sanitized information about the script error.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS msg.match(/SomeError/) is null
+PASS url is ""
+PASS line is 0
+PASS successfullyParsed is true
+
+TEST COMPLETE
+

Added: trunk/LayoutTests/http/tests/security/script-no-crossorigin-onerror-should-be-sanitized.html (0 => 135009)


--- trunk/LayoutTests/http/tests/security/script-no-crossorigin-onerror-should-be-sanitized.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/security/script-no-crossorigin-onerror-should-be-sanitized.html	2012-11-16 23:30:31 UTC (rev 135009)
@@ -0,0 +1,20 @@
+<body>
+<script src=""
+<script>
+window.jsTestIsAsync = true;
+description("The test passes if window.onerror gets sanitized information about the script error.");
+
+window._onerror_ = function(msg, url, line) {
+    window.msg = msg;
+    window.url = ""
+    window.line = line;
+    shouldBeNull("msg.match(/SomeError/)");
+    shouldBeEqualToString("url", "");
+    shouldBe("line", "0");
+    finishJSTest();
+}
+</script>
+<!-- crossorigin attribute is not set, we shouldn't get any specific info on the error. -->
+<script src=""
+<script src=""
+

Modified: trunk/LayoutTests/platform/chromium/TestExpectations (135008 => 135009)


--- trunk/LayoutTests/platform/chromium/TestExpectations	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/LayoutTests/platform/chromium/TestExpectations	2012-11-16 23:30:31 UTC (rev 135009)
@@ -4112,6 +4112,10 @@
 webkit.org/b/100142 css3/filters/effect-reference-hw.html [ Failure ImageOnlyFailure ]
 webkit.org/b/100142 css3/filters/effect-reference-ordering-hw.html [ Failure ImageOnlyFailure Missing ]
 
+# Only ready for JSC so far, not fixed in v8 yet.
+webkit.org/b/97499 http/tests/security/script-crossorigin-onerror-information.html [ Failure ]
+webkit.org/b/97499 http/tests/security/script-no-crossorigin-onerror-should-be-sanitized.html [ Failure ]
+
 # This test is probably either Failure or ImageOnlyFailure depending on which fonts are installed.
 webkit.org/b/99749 [ MountainLion ] fast/text/midword-break-before-surrogate-pair.html [ Failure ImageOnlyFailure ]
 

Modified: trunk/Source/WebCore/ChangeLog (135008 => 135009)


--- trunk/Source/WebCore/ChangeLog	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/Source/WebCore/ChangeLog	2012-11-16 23:30:31 UTC (rev 135009)
@@ -1,3 +1,56 @@
+2012-11-16  Pablo Flouret  <[email protected]>
+
+        [JSC] Don't sanitize window.onerror information on crossorigin-enabled scripts
+        https://bugs.webkit.org/show_bug.cgi?id=70574
+
+        Reviewed by Geoffrey Garen.
+
+        For scripts that use CORS (via the crossorigin attribute in this case),
+        don't sanitize the information passed to the window's onerror handler (i.e.
+        message, url, and line number). Useful for scripts hosted on CDNs.
+
+        Tests: http/tests/security/script-crossorigin-onerror-information.html
+               http/tests/security/script-no-crossorigin-onerror-should-be-sanitized.html
+
+        * WebCore.exp.in:
+        * WebCore.order:
+
+        * bindings/js/JSDOMBinding.cpp:
+        (WebCore::reportException):
+        * bindings/js/JSDOMBinding.h:
+        (WebCore):
+        * bindings/js/ScriptController.cpp:
+        (WebCore::ScriptController::evaluateInWorld):
+        * bindings/js/ScriptSourceCode.h:
+        (WebCore::ScriptSourceCode::ScriptSourceCode):
+        (WebCore::ScriptSourceCode::cachedScript):
+        (ScriptSourceCode):
+        * bindings/js/WorkerScriptController.cpp:
+        (WebCore::WorkerScriptController::evaluate):
+            Keep a reference to the cached script in the ScriptSourceCode, so
+            that it can be passed around and be available when reporting the
+            exception.
+
+        * dom/ScriptExecutionContext.cpp:
+        (WebCore::ScriptExecutionContext::sanitizeScriptError):
+        (WebCore::ScriptExecutionContext::reportException):
+        (WebCore::ScriptExecutionContext::dispatchErrorEvent):
+        * dom/ScriptExecutionContext.h:
+        (WebCore):
+        (ScriptExecutionContext):
+            Check if the script passes the access control checks, and if so,
+            don't sanitize the error information.
+
+        * html/parser/HTMLPreloadScanner.cpp:
+        (WebCore::PreloadTask::processAttributes):
+        (WebCore::PreloadTask::preload):
+        (PreloadTask):
+        (WebCore::PreloadTask::crossOriginModeAllowsCookies):
+            When preloading script elements, check for the crossorigin attribute
+            and adjust the request's allowCookies value accordingly. Otherwise
+            when the script is loaded from the cache later on, the cross origin mode
+            (anonymous/use-credentials) will be effectively ignored.
+
 2012-11-16  Jon Lee  <[email protected]>
 
         Change visual look of placeholder

Modified: trunk/Source/WebCore/WebCore.exp.in (135008 => 135009)


--- trunk/Source/WebCore/WebCore.exp.in	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/Source/WebCore/WebCore.exp.in	2012-11-16 23:30:31 UTC (rev 135009)
@@ -411,7 +411,7 @@
 __ZN7WebCore15localizedStringEPKc
 __ZN7WebCore15originalURLDataEP5NSURL
 __ZN7WebCore15pathGetFileNameERKN3WTF6StringE
-__ZN7WebCore15reportExceptionEPN3JSC9ExecStateENS0_7JSValueE
+__ZN7WebCore15reportExceptionEPN3JSC9ExecStateENS0_7JSValueEPNS_12CachedScriptE
 __ZN7WebCore15setDOMExceptionEPN3JSC9ExecStateEi
 __ZN7WebCore15toDOMStringListEPN3JSC9ExecStateENS0_7JSValueE
 __ZN7WebCore15visitedLinkHashEPKtj

Modified: trunk/Source/WebCore/WebCore.order (135008 => 135009)


--- trunk/Source/WebCore/WebCore.order	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/Source/WebCore/WebCore.order	2012-11-16 23:30:31 UTC (rev 135009)
@@ -2038,7 +2038,7 @@
 __ZN7WebCore16findAtomicStringERKN3JSC10IdentifierE
 __ZNK3WTF9HashTableIPNS_16AtomicStringImplESt4pairIS2_jENS_18PairFirstExtractorIS4_EENS_7PtrHashIS2_EENS_14PairHashTraitsINS_10HashTraitsIS2_EENSA_IjEEEESB_E8containsIS2_NS_22IdentityHashTranslatorIS2_S4_S8_EEEEbRKT_
 __ZNK3WTF9HashTableIPNS_16AtomicStringImplESt4pairIS2_PN7WebCore7ElementEENS_18PairFirstExtractorIS7_EENS_7PtrHashIS2_EENS_14PairHashTraitsINS_10HashTraitsIS2_EENSD_IS6_EEEESE_E8containsIS2_NS_22IdentityHashTranslatorIS2_S7_SB_EEEEbRKT_
-__ZN7WebCore15reportExceptionEPN3JSC9ExecStateENS0_7JSValueE
+__ZN7WebCore15reportExceptionEPN3JSC9ExecStateENS0_7JSValueEPNS_12CachedScriptE
 __ZNK3JSC7JSValue8toStringEPNS_9ExecStateE
 __ZNK3JSC8JSObject3getEPNS_9ExecStateERKNS_10IdentifierE
 __ZN7WebCore15toExceptionBaseEN3JSC7JSValueE

Modified: trunk/Source/WebCore/bindings/js/JSDOMBinding.cpp (135008 => 135009)


--- trunk/Source/WebCore/bindings/js/JSDOMBinding.cpp	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/Source/WebCore/bindings/js/JSDOMBinding.cpp	2012-11-16 23:30:31 UTC (rev 135009)
@@ -22,6 +22,7 @@
 #include "JSDOMBinding.h"
 
 #include "BindingSecurity.h"
+#include "CachedScript.h"
 #include "DOMObjectHashTableMap.h"
 #include "DOMStringList.h"
 #include "ExceptionCode.h"
@@ -145,7 +146,7 @@
     return JSC::constructArray(exec, 0, globalObject, list);
 }
 
-void reportException(ExecState* exec, JSValue exception)
+void reportException(ExecState* exec, JSValue exception, CachedScript* cachedScript)
 {
     if (isTerminatedExecutionException(exception))
         return;
@@ -166,7 +167,7 @@
             return;
     }
     ScriptExecutionContext* scriptExecutionContext = globalObject->scriptExecutionContext();
-    scriptExecutionContext->reportException(errorMessage, lineNumber, exceptionSourceURL, 0);
+    scriptExecutionContext->reportException(errorMessage, lineNumber, exceptionSourceURL, 0, cachedScript);
 }
 
 void reportCurrentException(ExecState* exec)

Modified: trunk/Source/WebCore/bindings/js/JSDOMBinding.h (135008 => 135009)


--- trunk/Source/WebCore/bindings/js/JSDOMBinding.h	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/Source/WebCore/bindings/js/JSDOMBinding.h	2012-11-16 23:30:31 UTC (rev 135009)
@@ -57,6 +57,7 @@
 
 #define MAYBE_MISSING_PARAMETER(exec, index, policy) (((policy) == DefaultIsNullString && (index) >= (exec)->argumentCount()) ? (JSValue()) : ((exec)->argument(index)))
 
+    class CachedScript;
     class Frame;
     class KURL;
 
@@ -253,7 +254,7 @@
 
     const JSC::HashTable* getHashTableForGlobalData(JSC::JSGlobalData&, const JSC::HashTable* staticTable);
 
-    void reportException(JSC::ExecState*, JSC::JSValue exception);
+    void reportException(JSC::ExecState*, JSC::JSValue exception, CachedScript* = 0);
     void reportCurrentException(JSC::ExecState*);
 
     // Convert a DOM implementation exception code into a _javascript_ exception in the execution state.
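Review bot: The defaulted `CachedScript* = 0` on `reportException` means every call site that is not updated silently keeps the sanitized behaviour, and `reportCurrentException` on the next line gets no equivalent parameter. Any exception reported through it, or through an unchanged caller, still reaches window.onerror as "Script error." even when the script opted in to CORS. That fails closed, but it should be stated in the ChangeLog or in a comment here that only the paths that pass a cached script are unsanitized.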

Modified: trunk/Source/WebCore/bindings/js/ScriptController.cpp (135008 => 135009)


--- trunk/Source/WebCore/bindings/js/ScriptController.cpp	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/Source/WebCore/bindings/js/ScriptController.cpp	2012-11-16 23:30:31 UTC (rev 135009)
@@ -144,7 +144,7 @@
     InspectorInstrumentation::didEvaluateScript(cookie);
 
     if (evaluationException) {
-        reportException(exec, evaluationException);
+        reportException(exec, evaluationException, sourceCode.cachedScript());
         m_sourceURL = savedSourceURL;
         return ScriptValue();
     }

Modified: trunk/Source/WebCore/bindings/js/ScriptSourceCode.h (135008 => 135009)


--- trunk/Source/WebCore/bindings/js/ScriptSourceCode.h	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/Source/WebCore/bindings/js/ScriptSourceCode.h	2012-11-16 23:30:31 UTC (rev 135009)
@@ -31,6 +31,8 @@
 #ifndef ScriptSourceCode_h
 #define ScriptSourceCode_h
 
+#include "CachedResourceHandle.h"
+#include "CachedScript.h"
 #include "CachedScriptSourceProvider.h"
 #include "KURL.h"
 #include <parser/SourceProvider.h>
@@ -48,9 +50,10 @@
     {
     }
 
-    ScriptSourceCode(CachedScript* cs)
-        : m_provider(CachedScriptSourceProvider::create(cs))
+    explicit ScriptSourceCode(CachedScript* cachedScript)
+        : m_provider(CachedScriptSourceProvider::create(cachedScript))
         , m_code(m_provider)
+        , m_cachedScript(cachedScript)
     {
     }
 
@@ -62,13 +65,17 @@
 
     int startLine() const { return m_code.firstLine(); }
 
+    CachedScript* cachedScript() const { return m_cachedScript.get(); }
+
     const KURL& url() const { return m_url; }
     
 private:
     RefPtr<JSC::SourceProvider> m_provider;
     
     JSC::SourceCode m_code;
-    
+
+    CachedResourceHandle<CachedScript> m_cachedScript;
+
     KURL m_url;
 
 };

Modified: trunk/Source/WebCore/bindings/js/WorkerScriptController.cpp (135008 => 135009)


--- trunk/Source/WebCore/bindings/js/WorkerScriptController.cpp	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/Source/WebCore/bindings/js/WorkerScriptController.cpp	2012-11-16 23:30:31 UTC (rev 135009)
@@ -150,7 +150,7 @@
         String errorMessage;
         int lineNumber = 0;
         String sourceURL = sourceCode.url().string();
-        if (m_workerContext->sanitizeScriptError(errorMessage, lineNumber, sourceURL))
+        if (m_workerContext->sanitizeScriptError(errorMessage, lineNumber, sourceURL, sourceCode.cachedScript()))
             *exception = ScriptValue(*m_globalData, throwError(exec, createError(exec, errorMessage.impl())));
         else
             *exception = ScriptValue(*m_globalData, evaluationException);

Modified: trunk/Source/WebCore/dom/ScriptExecutionContext.cpp (135008 => 135009)


--- trunk/Source/WebCore/dom/ScriptExecutionContext.cpp	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/Source/WebCore/dom/ScriptExecutionContext.cpp	2012-11-16 23:30:31 UTC (rev 135009)
@@ -28,6 +28,7 @@
 #include "config.h"
 #include "ScriptExecutionContext.h"
 
+#include "CachedScript.h"
 #include "ContentSecurityPolicy.h"
 #include "DOMTimer.h"
 #include "ErrorEvent.h"
@@ -285,10 +286,10 @@
     }
 }
 
-bool ScriptExecutionContext::sanitizeScriptError(String& errorMessage, int& lineNumber, String& sourceURL)
+bool ScriptExecutionContext::sanitizeScriptError(String& errorMessage, int& lineNumber, String& sourceURL, CachedScript* cachedScript)
 {
     KURL targetURL = completeURL(sourceURL);
-    if (securityOrigin()->canRequest(targetURL))
+    if (securityOrigin()->canRequest(targetURL) || (cachedScript && cachedScript->passesAccessControlCheck(securityOrigin())))
         return false;
     errorMessage = "Script error.";
     sourceURL = String();
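Review bot: In the new condition, `cachedScript->passesAccessControlCheck(securityOrigin())` is evaluated without checking that `sourceURL` is the URL of `cachedScript`. `sourceURL` is the exception's source URL (see `exceptionSourceURL` in JSDOMBinding.cpp) while `cachedScript` is the script being evaluated, and nothing in this hunk ties the two together, so an exception attributed to a different cross-origin script that did not opt in would also be passed through unsanitized. Suggest additionally requiring that `targetURL` matches the cached script's URL before returning false, and adding a layout test for that mixed case.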
@@ -296,7 +297,7 @@
     return true;
 }
 
-void ScriptExecutionContext::reportException(const String& errorMessage, int lineNumber, const String& sourceURL, PassRefPtr<ScriptCallStack> callStack)
+void ScriptExecutionContext::reportException(const String& errorMessage, int lineNumber, const String& sourceURL, PassRefPtr<ScriptCallStack> callStack, CachedScript* cachedScript)
 {
     if (m_inDispatchErrorEvent) {
         if (!m_pendingExceptions)
@@ -306,7 +307,7 @@
     }
 
     // First report the original exception and only then all the nested ones.
-    if (!dispatchErrorEvent(errorMessage, lineNumber, sourceURL))
+    if (!dispatchErrorEvent(errorMessage, lineNumber, sourceURL, cachedScript))
         logExceptionToConsole(errorMessage, sourceURL, lineNumber, callStack);
 
     if (!m_pendingExceptions)
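Review bot: `cachedScript` is forwarded to `dispatchErrorEvent` for the original exception, but the `m_inDispatchErrorEvent` branch just above, which queues into `m_pendingExceptions`, is untouched in these hunks, so a queued exception appears to lose its `cachedScript`. If that is the case, nested exceptions from a crossorigin-enabled script are sanitized while the first one is not. Either store the script with the pending entry (holding it through a `CachedResourceHandle` rather than a raw pointer) or document the difference in a comment.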
@@ -330,7 +331,7 @@
 }
 
 
-bool ScriptExecutionContext::dispatchErrorEvent(const String& errorMessage, int lineNumber, const String& sourceURL)
+bool ScriptExecutionContext::dispatchErrorEvent(const String& errorMessage, int lineNumber, const String& sourceURL, CachedScript* cachedScript)
 {
     EventTarget* target = errorEventTarget();
     if (!target)
@@ -339,7 +340,7 @@
     String message = errorMessage;
     int line = lineNumber;
     String sourceName = sourceURL;
-    sanitizeScriptError(message, line, sourceName);
+    sanitizeScriptError(message, line, sourceName, cachedScript);
 
     ASSERT(!m_inDispatchErrorEvent);
     m_inDispatchErrorEvent = true;

Modified: trunk/Source/WebCore/dom/ScriptExecutionContext.h (135008 => 135009)


--- trunk/Source/WebCore/dom/ScriptExecutionContext.h	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/Source/WebCore/dom/ScriptExecutionContext.h	2012-11-16 23:30:31 UTC (rev 135009)
@@ -49,6 +49,7 @@
 
 namespace WebCore {
 
+class CachedScript;
 class DOMTimer;
 class EventListener;
 class EventQueue;
@@ -81,8 +82,8 @@
 
     virtual void disableEval(const String& errorMessage) = 0;
 
-    bool sanitizeScriptError(String& errorMessage, int& lineNumber, String& sourceURL);
-    void reportException(const String& errorMessage, int lineNumber, const String& sourceURL, PassRefPtr<ScriptCallStack>);
+    bool sanitizeScriptError(String& errorMessage, int& lineNumber, String& sourceURL, CachedScript* = 0);
+    void reportException(const String& errorMessage, int lineNumber, const String& sourceURL, PassRefPtr<ScriptCallStack>, CachedScript* = 0);
     void addConsoleMessage(MessageSource, MessageType, MessageLevel, const String& message, const String& sourceURL = String(), unsigned lineNumber = 0, PassRefPtr<ScriptCallStack> = 0, unsigned long requestIdentifier = 0);
     void addConsoleMessage(MessageSource, MessageType, MessageLevel, const String& message, PassRefPtr<ScriptCallStack>, unsigned long requestIdentifier = 0);
 
@@ -192,7 +193,7 @@
     virtual void addMessage(MessageSource, MessageType, MessageLevel, const String& message, const String& sourceURL, unsigned lineNumber, PassRefPtr<ScriptCallStack>, unsigned long requestIdentifier = 0) = 0;
     virtual EventTarget* errorEventTarget() = 0;
     virtual void logExceptionToConsole(const String& errorMessage, const String& sourceURL, int lineNumber, PassRefPtr<ScriptCallStack>) = 0;
-    bool dispatchErrorEvent(const String& errorMessage, int lineNumber, const String& sourceURL);
+    bool dispatchErrorEvent(const String& errorMessage, int lineNumber, const String& sourceURL, CachedScript*);
 
     void closeMessagePorts();
 

Modified: trunk/Source/WebCore/html/parser/HTMLPreloadScanner.cpp (135008 => 135009)


--- trunk/Source/WebCore/html/parser/HTMLPreloadScanner.cpp	2012-11-16 23:05:33 UTC (rev 135008)
+++ trunk/Source/WebCore/html/parser/HTMLPreloadScanner.cpp	2012-11-16 23:30:31 UTC (rev 135009)
@@ -74,6 +74,8 @@
             if (m_tagName == scriptTag || m_tagName == imgTag) {
                 if (attributeName == srcAttr)
                     setUrlToLoad(attributeValue);
+                else if (attributeName == crossoriginAttr && !attributeValue.isNull())
+                    m_crossOriginMode = stripLeadingAndTrailingHTMLSpaces(attributeValue);
             } else if (m_tagName == linkTag) {
                 if (attributeName == hrefAttr)
                     setUrlToLoad(attributeValue);
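Review bot: The new `else if (attributeName == crossoriginAttr && !attributeValue.isNull())` sits inside the branch shared by `scriptTag` and `imgTag`, so `m_crossOriginMode` is also recorded for an img element's crossorigin attribute, yet `preload()` only calls `setAllowCookies` for scripts. Either restrict the assignment to `m_tagName == scriptTag` or apply the mode to image preloads as well, so the recorded state and its use stay consistent.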
@@ -129,8 +131,10 @@
         CachedResourceLoader* cachedResourceLoader = document->cachedResourceLoader();
         CachedResourceRequest request(ResourceRequest(document->completeURL(m_urlToLoad, baseURL)));
         request.setInitiator(tagName(), document);
-        if (m_tagName == scriptTag)
+        if (m_tagName == scriptTag) {
+            request.mutableResourceRequest().setAllowCookies(crossOriginModeAllowsCookies());
             cachedResourceLoader->preload(CachedResource::Script, request, m_charset, scanningBody);
+        }
         else if (m_tagName == imgTag || (m_tagName == inputTag && m_inputIsImage))
             cachedResourceLoader->preload(CachedResource::ImageResource, request, String(), scanningBody);
         else if (m_tagName == linkTag && m_linkIsStyleSheet && m_linkMediaAttributeIsScreen) 
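Review bot: Style: with braces added around the script case, the following `else if` now starts on its own line after the closing `}`. WebKit style keeps them on one line, i.e. `} else if (m_tagName == imgTag || (m_tagName == inputTag && m_inputIsImage))`.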
@@ -141,10 +145,17 @@
     const String& baseElementHref() const { return m_baseElementHref; }
 
 private:
+
+    bool crossOriginModeAllowsCookies()
+    {
+        return m_crossOriginMode.isNull() || equalIgnoringCase(m_crossOriginMode, "use-credentials");
+    }
+
     AtomicString m_tagName;
     String m_urlToLoad;
     String m_charset;
     String m_baseElementHref;
+    String m_crossOriginMode;
     bool m_linkIsStyleSheet;
     bool m_linkMediaAttributeIsScreen;
     bool m_inputIsImage;
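Review bot: `crossOriginModeAllowsCookies()` does not modify the task and should be declared `const`; the blank line added directly after `private:` can also be dropped. A short comment would help here noting that any non-null value other than `use-credentials`, including the empty string, is treated as anonymous and therefore disables cookies on the preload request.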