gistfile1.diff

diff --git a/Source/WebKit/chromium/src/AssociatedURLLoader.cpp b/Source/WebKit/chromium/src/AssociatedURLLoader.cpp
index f1c2aab..e466f4d 100644
--- a/Source/WebKit/chromium/src/AssociatedURLLoader.cpp
+++ b/Source/WebKit/chromium/src/AssociatedURLLoader.cpp
@@ -32,6 +32,7 @@
 #include "AssociatedURLLoader.h"
 
 #include "CrossOriginAccessControl.h"
+#include "Document.h"
 #include "DocumentThreadableLoader.h"
 #include "DocumentThreadableLoaderClient.h"
 #include "HTTPValidation.h"
@@ -346,8 +347,10 @@ void AssociatedURLLoader::loadAsynchronously(const WebURLRequest& request, WebUR
         options.crossOriginRequestPolicy = static_cast<WebCore::CrossOriginRequestPolicy>(m_options.crossOriginRequestPolicy);
         options.shouldBufferData = DoNotBufferData;
 
-        const ResourceRequest& webcoreRequest = newRequest.toResourceRequest();
+        ResourceRequest& webcoreRequest = newRequest.toMutableResourceRequest();
         Document* webcoreDocument = m_frameImpl->frame()->document();
+        if (options.crossOriginRequestPolicy == WebCore::UseAccessControl)
+            updateRequestForAccessControl(webcoreRequest, webcoreDocument->securityOrigin(), options.allowCredentials);
         m_loader = DocumentThreadableLoader::create(webcoreDocument, m_clientAdapter.get(), webcoreRequest, options);
     } else {
         // FIXME: return meaningful error codes.