[Webkit-unassigned] [Bug 88139] The value in Access-Control-Allow-Origin is not being matched correctly for CORS-enabled requests

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jun 4 15:41:08 PDT 2012


--- Comment #13 from Alexey Proskuryakov <ap at webkit.org>  2012-06-04 15:41:07 PST ---
> The url used for the security origin is lowercased when the SecurityOrigin is created. And then the comparison is case-sensitive with the value of Access-Control-Allow-Origin. The test covers this, but i didn't realize the test is run from, hmm. Any suggestions?

I misread "case sensitive" in bug description. Anyway, not sure how exactly to test, but perhaps localhost vs. LOCALHOST can be used?

>> Hmm. So all tests using this script used to fail in Firefox?
> Yes, it seems like it.

Can you test to confirm?

Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list