[Webkit-unassigned] [Bug 230492] New: css font face rule is not sending a CORS request for fonts
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Sep 20 11:41:12 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=230492
Bug ID: 230492
Summary: css font face rule is not sending a CORS request for
fonts
Product: WebKit
Version: Safari 14
Hardware: Mac (Intel)
OS: macOS 11
Status: NEW
Severity: Minor
Priority: P2
Component: CSS
Assignee: webkit-unassigned at lists.webkit.org
Reporter: gaurav5430 at gmail.com
i am preloading fonts (as well as specifying them in CSS). the first time that the application loads, safari makes a preload request, sending the correct CORS headers (origin header), and amazon S3 responds with the correct CORS headers. the request gets fulfilled and safari caches the response
I also see another request from css font face, which is without the Origin header. S3 responds with the file without the correct CORS headers in this case (doesn't send access-control-allow-origin).
Safari now caches the response of this CSS font face request which does not have the Cors headers, and when I refresh the app, it tries to reuse that from cache in the preload request.
There are multiple issues here, all of which might not be valid:
- why is safari making another request from css for the font if it has already been preloaded?
- why is safari making the request from css without the Origin header?
- why is safari using the cached response from the css font face in the preload request (this is probably because of no vary header on the response, and same etag)
- if used without preload and only in css font face, the font request does not show up in the network pane after it gets cached the first time. even if it is cached, I would expect it show up in the network calls
This works fine on chrome / firefox
while I try to figure out the other issues, I would just like to raise the issue with font face not treating the font request as cross origin, although it should ?
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210920/768eaedc/attachment.htm>
More information about the webkit-unassigned
mailing list