[Webkit-unassigned] [Bug 229034] New: [GTK] Origin is empty when sending fetch/XHR request to servers
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Aug 12 04:39:08 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=229034
Bug ID: 229034
Summary: [GTK] Origin is empty when sending fetch/XHR request
to servers
Product: WebKit
Version: Other
Hardware: PC
OS: Linux
Status: NEW
Keywords: Gtk
Severity: Normal
Priority: P3
Component: WebKitGTK
Assignee: webkit-unassigned at lists.webkit.org
Reporter: wusyong9104 at gmail.com
CC: bugs-noreply at webkitgtk.org
I got a weird CORS behavior that if I register a URI scheme, gtk:// for example. If the page is loaded with that URI scheme, and then using fetch or XHR inside that webview to any server that enables CORS, it will got the following errors.
> [Error] Origin is not allowed by Access-Control-Allow-Origin.
> [Error] Fetch API cannot load http://mockbin.org/bin/123fj399fiv due to access control checks.
> [Error] Failed to load resource: Origin is not allowed by Access-Control-Allow-Origin.
The origin seems to be empty, not even null. But if I checked in the devtools, the origin will be there (gtk://localhost for example)
Setting Access-Control-Allow-Origin: * will pass, but any others won't(gtk://, gtk://*, gtk://localhost... etc).
Functions webkit_security_manager_register_uri_scheme_as_cors_enabled(security_manager, "gtk") didn't work either.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210812/1cce770d/attachment.htm>
More information about the webkit-unassigned
mailing list