<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[204224] trunk</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/204224">204224</a></dd>
<dt>Author</dt> <dd>commit-queue@webkit.org</dd>
<dt>Date</dt> <dd>2016-08-06 01:50:13 -0700 (Sat, 06 Aug 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>[Fetch API] Fetch API should strip fragment and credentials from URLs used as referrer
https://bugs.webkit.org/show_bug.cgi?id=160593
Patch by Youenn Fablet <youenn@apple.com> on 2016-08-06
Reviewed by Alex Christensen.
LayoutTests/imported/w3c:
* web-platform-tests/fetch/api/basic/referrer-expected.txt:
* web-platform-tests/fetch/api/basic/referrer-worker-expected.txt:
* web-platform-tests/fetch/api/basic/referrer.js:
(runTest): Adding more tests.
One test is failing as the redirection from same-origin to cross-origin is stripping the referer header.
But none is added afterwards. Hence cross-origin redirected request is sent without any referer header.
* web-platform-tests/fetch/api/cors/cors-redirect-credentials-expected.txt: Rebasing according redirect.py script changes.
* web-platform-tests/fetch/api/cors/cors-redirect-credentials-worker-expected.txt: Ditto.
* web-platform-tests/fetch/api/resources/redirect.py:
(main): Fixing rediret.py script.
Source/WebCore:
Covered by updated tests.
Stripping of referrer value before sending a load request.
Fixing bug in workers as referrer value was overwritten by WorkerThreadableLoader.
The current handling of referrer values as HTTP header is not great as this may trigger unnecessary preflighting.
Refactoring should allow passing it as a separate parameter and setting it after preflighting as per
https://fetch.spec.whatwg.org/#http-network-or-cache-fetch.
Also a newly added test is failing, as SubresourceLoader is removing the referer header in case of a cross-origin redirection.
But none is added back.
* Modules/fetch/FetchRequest.cpp:
(WebCore::FetchRequest::internalRequest): Stripping referrer value.
* loader/WorkerThreadableLoader.cpp:
(WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Do not override referrer value if one is defined.
* page/SecurityPolicy.cpp:
(WebCore::SecurityPolicy::generateReferrerHeader): Adding assertion to ensure referrer value does not contain
credentials and/or fragment identifiers.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsimportedw3cChangeLog">trunk/LayoutTests/imported/w3c/ChangeLog</a></li>
<li><a href="#trunkLayoutTestsimportedw3cwebplatformtestsfetchapibasicreferrerexpectedtxt">trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-expected.txt</a></li>
<li><a href="#trunkLayoutTestsimportedw3cwebplatformtestsfetchapibasicreferrerworkerexpectedtxt">trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-worker-expected.txt</a></li>
<li><a href="#trunkLayoutTestsimportedw3cwebplatformtestsfetchapibasicreferrerjs">trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer.js</a></li>
<li><a href="#trunkLayoutTestsimportedw3cwebplatformtestsfetchapicorscorsredirectcredentialsexpectedtxt">trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-expected.txt</a></li>
<li><a href="#trunkLayoutTestsimportedw3cwebplatformtestsfetchapicorscorsredirectcredentialsworkerexpectedtxt">trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-worker-expected.txt</a></li>
<li><a href="#trunkLayoutTestsimportedw3cwebplatformtestsfetchapiresourcesredirectpy">trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/resources/redirect.py</a></li>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCoreModulesfetchFetchRequestcpp">trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp</a></li>
<li><a href="#trunkSourceWebCoreloaderWorkerThreadableLoadercpp">trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp</a></li>
<li><a href="#trunkSourceWebCorepageSecurityPolicycpp">trunk/Source/WebCore/page/SecurityPolicy.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkLayoutTestsimportedw3cChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/imported/w3c/ChangeLog (204223 => 204224)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/imported/w3c/ChangeLog 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2016-08-06 08:50:13 UTC (rev 204224)
</span><span class="lines">@@ -1,3 +1,21 @@
</span><ins>+2016-08-06 Youenn Fablet <youenn@apple.com>
+
+ [Fetch API] Fetch API should strip fragment and credentials from URLs used as referrer
+ https://bugs.webkit.org/show_bug.cgi?id=160593
+
+ Reviewed by Alex Christensen.
+
+ * web-platform-tests/fetch/api/basic/referrer-expected.txt:
+ * web-platform-tests/fetch/api/basic/referrer-worker-expected.txt:
+ * web-platform-tests/fetch/api/basic/referrer.js:
+ (runTest): Adding more tests.
+ One test is failing as the redirection from same-origin to cross-origin is stripping the referer header.
+ But none is added afterwards. Hence cross-origin redirected request is sent without any referer header.
+ * web-platform-tests/fetch/api/cors/cors-redirect-credentials-expected.txt: Rebasing according redirect.py script changes.
+ * web-platform-tests/fetch/api/cors/cors-redirect-credentials-worker-expected.txt: Ditto.
+ * web-platform-tests/fetch/api/resources/redirect.py:
+ (main): Fixing rediret.py script.
+
</ins><span class="cx"> 2016-08-05 Chris Dumez <cdumez@apple.com>
</span><span class="cx">
</span><span class="cx"> DOMException should be constructible
</span></span></pre></div>
<a id="trunkLayoutTestsimportedw3cwebplatformtestsfetchapibasicreferrerexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-expected.txt (204223 => 204224)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-expected.txt 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-expected.txt 2016-08-06 08:50:13 UTC (rev 204224)
</span><span class="lines">@@ -1,4 +1,8 @@
</span><span class="cx">
</span><span class="cx"> PASS origin-when-cross-origin policy on a same-origin URL
</span><span class="cx"> PASS origin-when-cross-origin policy on a cross-origin URL
</span><ins>+FAIL origin-when-cross-origin policy on a cross-origin URL after same-origin redirection assert_equals: Request's referrer is correct expected (string) "http://localhost:8800/" but got (object) null
+PASS origin-when-cross-origin policy on a same-origin URL after cross-origin redirection
+PASS Referrer with credentials should be stripped
+PASS Referrer with fragment ID should be stripped
</ins><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestsimportedw3cwebplatformtestsfetchapibasicreferrerworkerexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-worker-expected.txt (204223 => 204224)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-worker-expected.txt 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-worker-expected.txt 2016-08-06 08:50:13 UTC (rev 204224)
</span><span class="lines">@@ -1,4 +1,8 @@
</span><span class="cx">
</span><span class="cx"> PASS origin-when-cross-origin policy on a same-origin URL
</span><span class="cx"> PASS origin-when-cross-origin policy on a cross-origin URL
</span><ins>+FAIL origin-when-cross-origin policy on a cross-origin URL after same-origin redirection assert_equals: Request's referrer is correct expected (string) "http://localhost:8800/" but got (object) null
+PASS origin-when-cross-origin policy on a same-origin URL after cross-origin redirection
+PASS Referrer with credentials should be stripped
+PASS Referrer with fragment ID should be stripped
</ins><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestsimportedw3cwebplatformtestsfetchapibasicreferrerjs"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer.js (204223 => 204224)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer.js 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer.js 2016-08-06 08:50:13 UTC (rev 204224)
</span><span class="lines">@@ -6,6 +6,11 @@
</span><span class="cx">
</span><span class="cx"> function runTest(url, init, expectedReferrer, title) {
</span><span class="cx"> promise_test(function(test) {
</span><ins>+ if (url.indexOf('?') !== -1)
+ url += "&headers=referer&cors";
+ else
+ url += "?headers=referer&cors";
+
</ins><span class="cx"> return fetch(url , init).then(function(resp) {
</span><span class="cx"> assert_equals(resp.status, 200, "HTTP status is 200");
</span><span class="cx"> assert_equals(resp.headers.get("x-request-referer"), expectedReferrer, "Request's referrer is correct");
</span><span class="lines">@@ -13,13 +18,21 @@
</span><span class="cx"> }, title);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-var fetchedUrl = RESOURCES_DIR + "inspect-headers.py?headers=referer";
-var corsFetchedUrl = get_host_info().HTTP_REMOTE_ORIGIN + dirname(location.pathname) + RESOURCES_DIR + "inspect-headers.py?headers=referer&cors";
</del><ins>+var fetchedUrl = RESOURCES_DIR + "inspect-headers.py";
+var corsFetchedUrl = get_host_info().HTTP_REMOTE_ORIGIN + dirname(location.pathname) + RESOURCES_DIR + "inspect-headers.py";
</ins><span class="cx"> var redirectUrl = RESOURCES_DIR + "redirect.py?location=" ;
</span><span class="cx"> var corsRedirectUrl = get_host_info().HTTP_REMOTE_ORIGIN + dirname(location.pathname) + RESOURCES_DIR + "redirect.py?location=";
</span><span class="cx">
</span><span class="cx"> runTest(fetchedUrl, { referrerPolicy: "origin-when-cross-origin"}, location.toString(), "origin-when-cross-origin policy on a same-origin URL");
</span><span class="cx"> runTest(corsFetchedUrl, { referrerPolicy: "origin-when-cross-origin"}, get_host_info().HTTP_ORIGIN + "/", "origin-when-cross-origin policy on a cross-origin URL");
</span><ins>+runTest(redirectUrl + corsFetchedUrl, { referrerPolicy: "origin-when-cross-origin"}, get_host_info().HTTP_ORIGIN + "/", "origin-when-cross-origin policy on a cross-origin URL after same-origin redirection");
+runTest(corsRedirectUrl + fetchedUrl, { referrerPolicy: "origin-when-cross-origin"}, get_host_info().HTTP_ORIGIN + "/", "origin-when-cross-origin policy on a same-origin URL after cross-origin redirection");
</ins><span class="cx">
</span><ins>+
+var referrerUrlWithCredentials = get_host_info().HTTP_ORIGIN.replace("http://", "http://username:password@");
+runTest(fetchedUrl, {referrer: referrerUrlWithCredentials}, get_host_info().HTTP_ORIGIN + "/", "Referrer with credentials should be stripped");
+var referrerUrlWithFragmentIdentifier = get_host_info().HTTP_ORIGIN + "#fragmentIdentifier";
+runTest(fetchedUrl, {referrer: referrerUrlWithFragmentIdentifier}, get_host_info().HTTP_ORIGIN + "/", "Referrer with fragment ID should be stripped");
+
</ins><span class="cx"> done();
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestsimportedw3cwebplatformtestsfetchapicorscorsredirectcredentialsexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-expected.txt (204223 => 204224)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-expected.txt 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-expected.txt 2016-08-06 08:50:13 UTC (rev 204224)
</span><span class="lines">@@ -1,48 +1,48 @@
</span><del>-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
</del><ins>+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
</ins><span class="cx">
</span><span class="cx"> PASS Redirect 301 from same origin to remote with user and password
</span><span class="cx"> PASS Redirect 301 from same origin to remote with user
</span></span></pre></div>
<a id="trunkLayoutTestsimportedw3cwebplatformtestsfetchapicorscorsredirectcredentialsworkerexpectedtxt"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-worker-expected.txt (204223 => 204224)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-worker-expected.txt 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-worker-expected.txt 2016-08-06 08:50:13 UTC (rev 204224)
</span><span class="lines">@@ -1,48 +1,48 @@
</span><del>-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
</del><ins>+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
</ins><span class="cx">
</span><span class="cx"> PASS Redirect 301 from same origin to remote with user and password
</span><span class="cx"> PASS Redirect 301 from same origin to remote with user
</span></span></pre></div>
<a id="trunkLayoutTestsimportedw3cwebplatformtestsfetchapiresourcesredirectpy"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/resources/redirect.py (204223 => 204224)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/resources/redirect.py 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/resources/redirect.py 2016-08-06 08:50:13 UTC (rev 204224)
</span><span class="lines">@@ -37,7 +37,10 @@
</span><span class="cx"> if scheme == "" or scheme == "http" or scheme == "https":
</span><span class="cx"> url += "&" if '?' in url else "?"
</span><span class="cx"> #keep url parameters in location
</span><del>- url += urlencode(request.GET.items())
</del><ins>+ url_parameters = {}
+ for item in request.GET.items():
+ url_parameters[item[0]] = item[1][0]
+ url += urlencode(url_parameters)
</ins><span class="cx"> #make sure location changes during redirection loop
</span><span class="cx"> url += "&count=" + str(stashed_data['count'])
</span><span class="cx"> headers.append(("Location", url))
</span></span></pre></div>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (204223 => 204224)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/Source/WebCore/ChangeLog 2016-08-06 08:50:13 UTC (rev 204224)
</span><span class="lines">@@ -1,3 +1,30 @@
</span><ins>+2016-08-06 Youenn Fablet <youenn@apple.com>
+
+ [Fetch API] Fetch API should strip fragment and credentials from URLs used as referrer
+ https://bugs.webkit.org/show_bug.cgi?id=160593
+
+ Reviewed by Alex Christensen.
+
+ Covered by updated tests.
+
+ Stripping of referrer value before sending a load request.
+
+ Fixing bug in workers as referrer value was overwritten by WorkerThreadableLoader.
+ The current handling of referrer values as HTTP header is not great as this may trigger unnecessary preflighting.
+ Refactoring should allow passing it as a separate parameter and setting it after preflighting as per
+ https://fetch.spec.whatwg.org/#http-network-or-cache-fetch.
+
+ Also a newly added test is failing, as SubresourceLoader is removing the referer header in case of a cross-origin redirection.
+ But none is added back.
+
+ * Modules/fetch/FetchRequest.cpp:
+ (WebCore::FetchRequest::internalRequest): Stripping referrer value.
+ * loader/WorkerThreadableLoader.cpp:
+ (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Do not override referrer value if one is defined.
+ * page/SecurityPolicy.cpp:
+ (WebCore::SecurityPolicy::generateReferrerHeader): Adding assertion to ensure referrer value does not contain
+ credentials and/or fragment identifiers.
+
</ins><span class="cx"> 2016-08-05 Yusuke Suzuki <utatane.tea@gmail.com>
</span><span class="cx">
</span><span class="cx"> [ES6] Add ScriptElement::determineScriptType
</span></span></pre></div>
<a id="trunkSourceWebCoreModulesfetchFetchRequestcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp (204223 => 204224)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp 2016-08-06 08:50:13 UTC (rev 204224)
</span><span class="lines">@@ -297,7 +297,7 @@
</span><span class="cx">
</span><span class="cx"> // FIXME: Support no-referrer and client. Ensure this case-sensitive comparison is ok.
</span><span class="cx"> if (m_internalRequest.referrer != "no-referrer" && m_internalRequest.referrer != "client")
</span><del>- request.setHTTPReferrer(m_internalRequest.referrer);
</del><ins>+ request.setHTTPReferrer(URL(URL(), m_internalRequest.referrer).strippedForUseAsReferrer());
</ins><span class="cx">
</span><span class="cx"> return request;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceWebCoreloaderWorkerThreadableLoadercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp (204223 => 204224)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp 2016-08-06 08:50:13 UTC (rev 204224)
</span><span class="lines">@@ -111,7 +111,7 @@
</span><span class="cx"> auto contentSecurityPolicyCopy = std::make_unique<ContentSecurityPolicy>(*securityOrigin);
</span><span class="cx"> contentSecurityPolicyCopy->copyStateFrom(contentSecurityPolicy);
</span><span class="cx">
</span><del>- auto optionsCopy = std::make_unique<LoaderTaskOptions>(options, outgoingReferrer, *securityOrigin);
</del><ins>+ auto optionsCopy = std::make_unique<LoaderTaskOptions>(options, request.httpReferrer().isNull() ? outgoingReferrer : request.httpReferrer(), *securityOrigin);
</ins><span class="cx">
</span><span class="cx"> // Can we benefit from request being an r-value to create more efficiently its isolated copy?
</span><span class="cx"> m_loaderProxy.postTaskToLoader([this, request = request.isolatedCopy(), options = WTFMove(optionsCopy), contentSecurityPolicyCopy = WTFMove(contentSecurityPolicyCopy)](ScriptExecutionContext& context) mutable {
</span></span></pre></div>
<a id="trunkSourceWebCorepageSecurityPolicycpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/page/SecurityPolicy.cpp (204223 => 204224)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/page/SecurityPolicy.cpp 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/Source/WebCore/page/SecurityPolicy.cpp 2016-08-06 08:50:13 UTC (rev 204224)
</span><span class="lines">@@ -68,6 +68,8 @@
</span><span class="cx">
</span><span class="cx"> String SecurityPolicy::generateReferrerHeader(ReferrerPolicy referrerPolicy, const URL& url, const String& referrer)
</span><span class="cx"> {
</span><ins>+ ASSERT(referrer == URL(URL(), referrer).strippedForUseAsReferrer());
+
</ins><span class="cx"> if (referrer.isEmpty())
</span><span class="cx"> return String();
</span><span class="cx">
</span></span></pre>
</div>
</div>
</body>
</html>