[Webkit-unassigned] [Bug 50773] CORS origin header not set on GET when content type request header is set
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 4 12:09:22 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=50773
--- Comment #18 from Martin Galpin <martin at 66laps.com> 2011-02-04 12:09:22 PST ---
Thanks for the comments. An amended patch will follow shortly.
> Now that I look at DocumentThreadableLoader with this header in mind, it looks like every time that loadRequest is called the origin should be set "if (!m_sameOriginRequest)", but that introduces other wierdness.
Yes, I found the same "weirdness". This patch seems to be the least disruptive option in the short term.
> Why don't we get it automatically added by FrameLoader::addHTTPOriginIfNeeded(), for example?
> That method does not understand CORS.
Correct - FrameLoader::addHTTPOriginIfNeeded does not set "Origin" for a GET request (irrespective of whether it is CORS). Therefore we need to bring a preflighted request inline with a one which is simple [line 115].
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list