[Webkit-unassigned] [Bug 50773] CORS origin header not set on GET when content type request header is set
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 4 10:54:14 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=50773
David Levin <levin at chromium.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |NEW
CC| |levin at chromium.org
Ever Confirmed|0 |1
--- Comment #12 from David Levin <levin at chromium.org> 2011-02-04 10:54:14 PST ---
Nicely done.
Now that I look at DocumentThreadableLoader with this header in mind, it looks like every time that loadRequest is called the origin should be set "if (!m_sameOriginRequest)", but that introduces other wierdness.
At the very least, it should assert that the header is set "if (!m_sameOriginRequest)" However that requires a fix at line 76:
75 if (m_sameOriginRequest || m_options.crossOriginRequestPolicy == AllowCrossOriginRequests) {
76 loadRequest(request, DoSecurityCheck);
And a test which would involve worker import script which is a bit much to ask.
I filed bug 53790 about this.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list