[Webkit-unassigned] [Bug 130578] New: crossorigin element resource loading should check HTTP redirection

Fri Mar 21 04:19:38 PDT 2014

https://bugs.webkit.org/show_bug.cgi?id=130578

           Summary: crossorigin element resource loading should check HTTP
                    redirection
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: HTML DOM
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: youennf at gmail.com

Created an attachment (id=227412)
 --> (https://bugs.webkit.org/attachment.cgi?id=227412&action=review)
Loading of crossorigin <img> with cross-origin redirection

When loading resources from HTML elements with the crossorigin attribute set, any redirection response should be checked according cross-origin access control rules (as defined in http://www.w3.org/TR/cors/#redirect-steps).
Currently, a check is only done for the final response.
No check seems to be done for intermediary redirection (see test in attachment).

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.