[Webkit-unassigned] [Bug 130578] New: crossorigin element resource loading should check HTTP redirection
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Mar 21 04:19:38 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=130578
Summary: crossorigin element resource loading should check HTTP
redirection
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: HTML DOM
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: youennf at gmail.com
Created an attachment (id=227412)
--> (https://bugs.webkit.org/attachment.cgi?id=227412&action=review)
Loading of crossorigin <img> with cross-origin redirection
When loading resources from HTML elements with the crossorigin attribute set, any redirection response should be checked according cross-origin access control rules (as defined in http://www.w3.org/TR/cors/#redirect-steps).
Currently, a check is only done for the final response.
No check seems to be done for intermediary redirection (see test in attachment).
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list