[Webkit-unassigned] [Bug 6212] New: Investigate disallowing some XMLHttpRequest headers from being set via setRequestHeader
bugzilla-daemon at opendarwin.org
bugzilla-daemon at opendarwin.org
Thu Dec 22 23:12:19 PST 2005
http://bugzilla.opendarwin.org/show_bug.cgi?id=6212
Summary: Investigate disallowing some XMLHttpRequest headers from
being set via setRequestHeader
Product: WebKit
Version: 412+
Platform: Macintosh
OS/Version: Mac OS X 10.4
Status: NEW
Severity: normal
Priority: P1
Component: WebKit Misc.
AssignedTo: webkit-unassigned at opendarwin.org
ReportedBy: ap at nypop.com
Firefox blocks setting some XMLHttpRequest headers for security reasons. All or most of these are
already overridden by the network layer in WebKit, but that needs to be verified, and the checks should
probably be added to the cross-platform layer. See:
http://whatwg.org/specs/web-apps/current-work/#setrequestheader
https://bugzilla.mozilla.org/show_bug.cgi?id=302809
https://bugzilla.mozilla.org/show_bug.cgi?id=302263
https://bugzilla.mozilla.org/show_bug.cgi?id=308484
--
Configure bugmail: http://bugzilla.opendarwin.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list