Closed
Bug 1199693
Opened 9 years ago
Closed 9 years ago
Test CORS preflight interception with and without an internal redirect
Categories
(Core :: DOM: Core & HTML, defect)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
FIXED
mozilla43
Tracking | Status | |
---|---|---|
firefox43 | --- | fixed |
People
(Reporter: ehsan.akhgari, Assigned: ehsan.akhgari)
References
Details
Attachments
(1 file)
3.21 KB,
patch
|
jdm
:
review+
|
Details | Diff | Splinter Review |
No description provided.
Assignee | ||
Comment 1•9 years ago
|
||
Attachment #8654171 -
Flags: review?(josh)
Comment 2•9 years ago
|
||
Comment on attachment 8654171 [details] [diff] [review] Test CORS preflight interception with and without an internal redirect Review of attachment 8654171 [details] [diff] [review]: ----------------------------------------------------------------- ::: dom/workers/test/serviceworkers/fetch/fetch_tests.js @@ +148,5 @@ > my_ok(xhr.getResponseHeader("access-control-allow-origin") == null, "cors headers should be filtered out"); > finish(); > }); > > +// Test that CORS preflight requests cannot be intercepteda. intercepted @@ +149,5 @@ > finish(); > }); > > +// Test that CORS preflight requests cannot be intercepteda. > +// This test happens with an internal redirect because the SW doesn't call respondWith. I don't understand what this means, so let's be more explicit: Performs a cross-origin XHR that the SW chooses not to intercept. This requires a preflight request, which the SW must not be allowed to intercept. @@ +155,5 @@ > my_ok(xhr.status == 0, "cross origin load with incorrect headers should be a failure"); > finish(); > }, [["X-Unsafe", "unsafe"]]); > > +// Test that CORS preflight requests cannot be intercepteda. intercepted @@ +156,5 @@ > finish(); > }, [["X-Unsafe", "unsafe"]]); > > +// Test that CORS preflight requests cannot be intercepteda. > +// This test happens without an internal redirect because the SW does call respondWith. Same confusion. More explicitly: Performs a cross-origin XHR that the SW chooses to intercept and respond with a cross-origin fetch. This requires a preflight request, which the SW must not be allowed to intercept.
Attachment #8654171 -
Flags: review?(josh) → review+
Comment 4•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/7ba08e5e0857
Assignee: nobody → ehsan
Status: NEW → RESOLVED
Closed: 9 years ago
status-firefox43:
--- → fixed
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla43
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•