[Webkit-unassigned] [Bug 103977] Cross Origin XMLHttpRequest can not expose "Location" header even if it is indicated in Access-Control-Expose-Headers
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Dec 6 03:34:12 PST 2012
https://bugs.webkit.org/show_bug.cgi?id=103977
--- Comment #3 from florin.botis at gmail.com 2012-12-06 03:36:39 PST ---
Created an attachment (id=177987)
--> (https://bugs.webkit.org/attachment.cgi?id=177987&action=review)
HTML file used for reproducing the issue
I deployed a simple web app on Heroku (http://vast-retreat-1055.herokuapp.com). The response to a HTTP GET response is:
HTTP Status 200
Headers:
Content-Type:text/html
Access-Control-Allow-Origin:*
Access-Control-Expose-Headers:Location,Content-Length,Accept-Ranges
Location:LocationHeaderValue
Accept-Ranges:Accept-RangesHeaderValue
In order to reproduce the bug open the attached corsBug.html in Safari 5.1.7, press "getLocationHeaderCORSCall()" button. 2 alerts will pop up :
1.The value returned by xhr.getResponseHeader("Location")
2.The value returned by xhr.getAllResponseHeaders()
You can check the server response using a HTTP packets sniffer
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list