[Webkit-unassigned] [Bug 160028] New: CrossOrigin preflight checker should compute the right Access-Control-Request-Headers value

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Jul 21 10:00:53 PDT 2016 

https://bugs.webkit.org/show_bug.cgi?id=160028

            Bug ID: 160028
           Summary: CrossOrigin preflight checker should compute the right
                    Access-Control-Request-Headers value
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: youennf at gmail.com

As per https://fetch.spec.whatwg.org/#cors-preflight-fetch, computation of this value should be done before Origin header is set.
It should also remove safe request headers from the list and sort the unsafe headers.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160721/eb50ed2f/attachment-0001.html>

More information about the webkit-unassigned mailing list