<html>
<head>
<base href="https://bugs.webkit.org/" />
</head>
<body>
<p>
<div>
<b><a class="bz_bug_link
bz_status_NEW "
title="NEW - Errors in CORS scripts are oversanitized"
href="https://bugs.webkit.org/show_bug.cgi?id=151548#c2">Comment # 2</a>
on <a class="bz_bug_link
bz_status_NEW "
title="NEW - Errors in CORS scripts are oversanitized"
href="https://bugs.webkit.org/show_bug.cgi?id=151548">bug 151548</a>
from <span class="vcard"><a class="email" href="mailto:youennf@gmail.com" title="youenn fablet <youennf@gmail.com>"> <span class="fn">youenn fablet</span></a>
</span></b>
<pre>The issue does not seem to be related with CORS checks per se but more on how we keep/retriev that information around.
The main script element is inline so there is no CachedScript and
The cachedScript passed to ScriptExecutionContext::sanitizeScriptError is the top-level script which is inline, so it is null.
We rely solely on the source URL, which is the one of the cross-origin subresource, hence the issue.
I am not sure of the best way to retrieve the related CachedScript here.
Or even if that should be done that way.
Any insight?</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>