Fetch: content-length header is being added to the safe-list

NEW
Unassigned

Status

()

defect
P2
normal
a year ago
2 months ago

People

(Reporter: shacharz, Unassigned)

Tracking

(Blocks 1 bug)

59 Branch
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Reporter

Description

a year ago
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36

Steps to reproduce:

1. create a CORS fetch request to a url that has content-length in its response and doesn't add content-length to access-control-expose-headers
2.  content-length should be accessible in the response's headers


Actual results:

content-length is not exposed



Expected results:

When doing a CORS fetch request if content-length exists in the http response it should be exposed on the response headers even if it's not added to the access-control-expose-headers.


The spec is under change:
https://github.com/whatwg/fetch/pull/626
https://github.com/w3c/web-platform-tests/pull/10930
Component: Untriaged → DOM
Product: Firefox → Core
Priority: -- → P2
Component: DOM → DOM: Core & HTML
Product: Core → Core
You need to log in before you can comment on or make changes to this bug.