From 5adff930548eac51ed51296d09c6a934ddc573a7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Iver=20Sm=C3=A5ge=20men=20b=C3=A6rbar?=
 <iversmage@gmail.com>
Date: Mon, 15 May 2023 18:21:08 +0200
Subject: [PATCH 1/2] add response tainting to request builder

---
 components/net_traits/request.rs | 10 +++++++++-
 components/script/fetch.rs       |  1 +
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/components/net_traits/request.rs b/components/net_traits/request.rs
index 443f4c57dab..c1852e48843 100644
--- a/components/net_traits/request.rs
+++ b/components/net_traits/request.rs
@@ -93,7 +93,7 @@ pub enum RedirectMode {
 }
 
 /// [Response tainting](https://fetch.spec.whatwg.org/#concept-request-response-tainting)
-#[derive(Clone, Copy, MallocSizeOf, PartialEq)]
+#[derive(Clone, Copy, Debug, Deserialize, MallocSizeOf, PartialEq, Serialize)]
 pub enum ResponseTainting {
     Basic,
     CorsTainting,
@@ -253,6 +253,7 @@ pub struct RequestBuilder {
     pub parser_metadata: ParserMetadata,
     pub initiator: Initiator,
     pub https_state: HttpsState,
+    pub response_tainting: ResponseTainting,
 }
 
 impl RequestBuilder {
@@ -282,6 +283,7 @@ impl RequestBuilder {
             initiator: Initiator::None,
             csp_list: None,
             https_state: HttpsState::None,
+            response_tainting: ResponseTainting::Basic,
         }
     }
 
@@ -375,6 +377,11 @@ impl RequestBuilder {
         self
     }
 
+    pub fn response_tainting(mut self, response_tainting: ResponseTainting) -> RequestBuilder {
+        self.response_tainting = response_tainting;
+        self
+    }
+
     pub fn build(self) -> Request {
         let mut request = Request::new(
             self.url.clone(),
@@ -407,6 +414,7 @@ impl RequestBuilder {
         request.integrity_metadata = self.integrity_metadata;
         request.parser_metadata = self.parser_metadata;
         request.csp_list = self.csp_list;
+        request.response_tainting = self.response_tainting;
         request
     }
 }
diff --git a/components/script/fetch.rs b/components/script/fetch.rs
index 9aaeb204245..4889d6f138c 100644
--- a/components/script/fetch.rs
+++ b/components/script/fetch.rs
@@ -127,6 +127,7 @@ fn request_init_from_request(request: NetTraitsRequest) -> RequestBuilder {
         initiator: request.initiator,
         csp_list: None,
         https_state: request.https_state,
+        response_tainting: request.response_tainting,
     }
 }
 

From ed239931bb476af4fac5b8649ca2ef40ca1bc0eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Iver=20Sm=C3=A5ge=20men=20b=C3=A6rbar?=
 <iversmage@gmail.com>
Date: Mon, 15 May 2023 18:21:44 +0200
Subject: [PATCH 2/2] use response tainting::cors in cors preflight

---
 components/net/http_loader.rs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/components/net/http_loader.rs b/components/net/http_loader.rs
index 595fb3c124d..f79f67ce1d9 100644
--- a/components/net/http_loader.rs
+++ b/components/net/http_loader.rs
@@ -1978,6 +1978,7 @@ async fn cors_preflight_fetch(
         .destination(request.destination.clone())
         .referrer_policy(request.referrer_policy)
         .mode(RequestMode::CorsMode)
+        .response_tainting(ResponseTainting::CorsTainting)
         .build();
 
     // Step 2