[Webkit-unassigned] [Bug 89185] AssociatedURLLoader should allow trusted clients to read all headers, not just exposed ones
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Jun 15 07:21:25 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=89185
--- Comment #5 from Bill Budge <bbudge at gmail.com> 2012-06-15 07:21:24 PST ---
Adam, this new WebURLLoaderOption field completely turns off response header filtering. Therefore this would expose "set-cookie" headers to the client. I'm assuming this is OK since it's trusted.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list