[Webkit-unassigned] [Bug 66909] XMLHttpRequest method/header validation is not available for other untrusted HTTP requests.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Aug 24 22:22:26 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=66909
--- Comment #4 from Bill Budge <bbudge at gmail.com> 2011-08-24 22:22:25 PST ---
The reason for this is to implement untrusted HTTP requests in Chromium's Pepper API (PPAPI). We're trying to provide the same restricted URL requests to untrusted code as in Javascript. These methods will be used in an upcoming patch to Source/Webkit/chromium/src/AssociatedURLLoader. We're adding a new 'untrustedHttp' field to WebURLLoaderOptions, which will cause AssociatedURLLoader to check the method and headers in exactly the same way as XMLHttpRequest.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list