Double key image cache by requesting origin, and store CORS status with cached images.

components/net_traits/image_cache.rs

@@ -5,7 +5,7 @@
 use crate::image::base::{Image, ImageMetadata};
 use crate::FetchResponseMsg;
 use ipc_channel::ipc::IpcSender;
-use servo_url::ServoUrl;
+use servo_url::{ImmutableOrigin, ServoUrl};
 use std::sync::Arc;
 
 // ======================================================================
@@ -110,6 +110,7 @@ pub trait ImageCache: Sync + Send {
     fn find_image_or_metadata(
         &self,
         url: ServoUrl,
+        origin: ImmutableOrigin,
         use_placeholder: UsePlaceholder,
         can_request: CanRequestImages,
     ) -> Result<ImageOrMetadataAvailable, ImageState>;
@@ -121,3 +122,14 @@ pub trait ImageCache: Sync + Send {
     /// Inform the image cache about a response for a pending request.
     fn notify_pending_response(&self, id: PendingImageId, action: FetchResponseMsg);
 }
+
+/// Whether this response passed any CORS checks, and is thus safe to read from
+/// in cross-origin environments.
+#[derive(Clone, Copy, Debug, Deserialize, MallocSizeOf, PartialEq, Serialize)]
+pub enum CorsStatus {
+    /// The response is either same-origin or cross-origin but passed CORS checks.
+    Safe,
+    /// The response is cross-origin and did not pass CORS checks. It is unsafe
+    /// to expose pixel data to the requesting environment.
+    Unsafe,
+}