[Webkit-unassigned] [Bug 179475] New: [SOUP] Case of request headers depends on global state in libsoup
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Nov 9 05:09:35 PST 2017
https://bugs.webkit.org/show_bug.cgi?id=179475
Bug ID: 179475
Summary: [SOUP] Case of request headers depends on global state
in libsoup
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit Gtk
Assignee: webkit-unassigned at lists.webkit.org
Reporter: Ms2ger at igalia.com
CC: bugs-noreply at webkitgtk.org
http://w3c-test.org/fetch/api/basic/request-headers-case.any.html
soup_message_headers_append interns the header name case-insensitively, and always uses the casing it got in the first call. This means that
fetch("..", {headers: [["TEST", 1]] })
fetch("..", {headers: [["test", 1]] })
will the same header name twice. The name might be "TEST", or it might be any other casing which any other web page has used during the runtime of the browser.
This also provides a way of cross-origin communication: if a web page A uses a sufficiently unique header name in a particular casing, another web page B can check if page A was loaded before page B by checking what happens when using the header name in a different casing.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20171109/79865f69/attachment.html>
More information about the webkit-unassigned
mailing list