[Webkit-unassigned] [Bug 219995] [GTK][WPE] Expose setCORSDisablingPatterns
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jan 18 14:18:44 PST 2021
https://bugs.webkit.org/show_bug.cgi?id=219995
--- Comment #15 from Michael Catanzaro <mcatanzaro at gnome.org> ---
Comment on attachment 416521
--> https://bugs.webkit.org/attachment.cgi?id=416521
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=416521&action=review
> Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp:4725
> + * Sets @allow_list for which CORS (Cross-Origin Resource Sharing) checks are disabled in @web_view.
> + * Passing a %NULL as @allow_list implies that no URIs are disabled for CORS checks.
> + * URI patterns must be of the form `[protocol]://[host]/[path]`, where the
> + * *host* and *path* components can contain the wildcard character (`*`) to
> + * represent zero or more other characters.
We should clarify that requests *to* resources that match the allowed patterns bypass CORS, not requests *from* resources that match the allowed patterns. Otherwise, it's not clear which. :)
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210118/249457ad/attachment.htm>
More information about the webkit-unassigned
mailing list