Open
Bug 1945565
Opened 11 days ago
Updated 8 days ago
Update FedCM network requests to use the correct CORS parameters
Categories
(Core :: DOM: Credential Management, defect, P3)
Core
DOM: Credential Management
Tracking
()
ASSIGNED
People
(Reporter: bvandersloot, Assigned: bvandersloot)
References
(Blocks 1 open bug)
Details
Attachments
(2 files)
We don't send the right Origin headers on the account and token endpoints. We probably have to use an nsIChannel directly to do this.
Assignee | ||
Updated•11 days ago
|
Priority: -- → P3
Assignee | ||
Comment 1•8 days ago
|
||
This updates RequestInit's ChromeOnly behavior:
- fixes up triggeringPrincipalOverride
- adds neverTaint
This adds Content-type: web-identity to ORB's allowlist.
Assignee | ||
Comment 2•8 days ago
|
||
Doing this in a Javascript module is easier, so let's move it there.
I didn't include the Metadata endpoint because I'm going to remove that
anyway.
Depends on D237043
Updated•8 days ago
|
Assignee: nobody → bvandersloot
Attachment #9464373 -
Attachment description: WIP: Bug 1945565 - Add ChromeOnly features to Fetch to allow FedCM to work WIP → Bug 1945565 - Add ChromeOnly features to Fetch to allow FedCM to work - r=valentin!
Status: NEW → ASSIGNED
Updated•8 days ago
|
Attachment #9464374 -
Attachment description: WIP: Bug 1945565 - Update FedCM network requests to use the correct CORS parameters - WIP → Bug 1945565 - Update FedCM network requests to use the correct CORS parameters - r=emz!
You need to log in
before you can comment on or make changes to this bug.
Description
•