[Webkit-unassigned] [Bug 50773] New: CORS origin header not set on GET when source is localhost

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Dec 9 11:43:34 PST 2010 

https://bugs.webkit.org/show_bug.cgi?id=50773

           Summary: CORS origin header not set on GET when source is
                    localhost
           Product: WebKit
           Version: 525.x (Safari 3.2)
          Platform: PC
        OS/Version: Mac OS X 10.5
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: XML
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: sky.sanders at gmail.com


This seems to only be an issue when source is localhost
reproduced on latest Chrome and Safari


Here is a POST (origin is set)

POST /RESTWebServices/session HTTP/1.1
Host: ec2-174-129-8-69.compute-1.amazonaws.com
Referer: http://localhost:10042/documentation/samples/ciapijs-newsdetail-steps.sample.aspx
Accept: */*
Accept-Language: en-US
Origin: http://localhost:10042
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.18.1 (KHTML, like Gecko) Version/5.0.2 Safari/533.18.5
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=UTF-8
Accept-Encoding: gzip, deflate
Content-Length: 45
Connection: keep-alive
Connection: keep-alive

{"UserName":"CC735158","Password":"password"}
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 50
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/7.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Max-Age: 1728000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 05 Dec 2010 12:48:47 GMT

{"Session":"D2FF3E4D-01EA-4741-86F0-437C919B5559"}


Here is a GET (Origin is missing)

GET /a valid url
Host: ec2-174-129-8-69.compute-1.amazonaws.com
Connection: keep-alive
Referer: http://localhost:10042/documentation/samples/ciapijs-newsdetail-steps.sample.aspx
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.215 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3


HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 1152
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 05 Dec 2010 12:44:25 GMT

{ valid json respose }

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list