Mark YouTube safe search header as CORS exempt.

Bug: 1085309 Change-Id: Idb58fa6e32de68c4b92760fcc8ca6298be0212f7 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2216853 Auto-Submit: John Abd-El-Malek <jam@chromium.org> Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org> Cr-Commit-Position: refs/heads/master@{#772585}
qweri0p · May 28, 2020 · c0956ed · c0956ed
1 parent 4094adf
commit c0956ed
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/chrome/common/google_url_loader_throttle.cc b/chrome/common/google_url_loader_throttle.cc
@@ -30,6 +30,8 @@ void GoogleURLLoaderThrottle::UpdateCorsExemptHeader(
     network::mojom::NetworkContextParams* params) {
   params->cors_exempt_header_list.push_back(
       safe_search_util::kGoogleAppsAllowedDomains);
+  params->cors_exempt_header_list.push_back(
+      safe_search_util::kYouTubeRestrictHeaderName);
 #if defined(OS_ANDROID)
   params->cors_exempt_header_list.push_back(kCCTClientDataHeader);
 #endif
@@ -70,7 +72,7 @@ void GoogleURLLoaderThrottle::WillStartRequest(
       dynamic_params_.youtube_restrict <
           safe_search_util::YOUTUBE_RESTRICT_COUNT) {
     safe_search_util::ForceYouTubeRestrict(
-        request->url, &request->headers,
+        request->url, &request->cors_exempt_headers,
         static_cast<safe_search_util::YouTubeRestrictMode>(
             dynamic_params_.youtube_restrict));
   }
@@ -125,7 +127,7 @@ void GoogleURLLoaderThrottle::WillRedirectRequest(
       dynamic_params_.youtube_restrict <
           safe_search_util::YOUTUBE_RESTRICT_COUNT) {
     safe_search_util::ForceYouTubeRestrict(
-        redirect_info->new_url, modified_headers,
+        redirect_info->new_url, modified_cors_exempt_headers,
         static_cast<safe_search_util::YouTubeRestrictMode>(
             dynamic_params_.youtube_restrict));
   }