Closed
Bug 462802
Opened 16 years ago
Closed 16 years ago
Highly suspect origin code in nsCrossSiteListenerProxy.cpp
Categories
(Core :: DOM: Core & HTML, defect, P2)
Tracking
()
RESOLVED
FIXED
mozilla1.9.1
People
(Reporter: bzbarsky, Assigned: sicking)
References
Details
(Keywords: fixed1.9.1)
It looks like this code was added in bug 389508.
The two issues, from my point of view:
1) It doesn't use the innermost URI from the principal. Should it?
2) It never sends "null" as the Origin; instead it kills off the load if the
origin is something without a host. This doesn't seem to be the code's
intent.
It seems to me that we should factor out the principal -> origin conversion out somewhere and make it correct; there are various abortive attempts at this code in the "origin header on POST" bug as well...
Requesting blocking, since it looks to me like we tried to align ourselves with the access-control spec here and sorta failed.
Flags: blocking1.9.1?
|
||
Updated•16 years ago
|
Flags: blocking1.9.1? → blocking1.9.1+
Priority: -- → P2
|
|
||
Updated•16 years ago
|
Assignee: nobody → jonas
|
|
||
Updated•16 years ago
|
Target Milestone: --- → mozilla1.9.1
|
Assignee | |
Comment 2•16 years ago
|
||
Bug 464954 that is :)
|
Reporter | |
Comment 3•16 years ago
|
||
Yeah. I added it to the dep list! ;)
|
|
Assignee | |
Comment 4•16 years ago
|
||
This was fixed by patch in bug 464954
Status: NEW → RESOLVED
Closed: 16 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
|
|
Reporter | |
Comment 5•16 years ago
|
||
Reopening, since that patch got backed out.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
Assignee | |
Comment 6•16 years ago
|
||
Hopefully bug 464954 should be in for good now.
Status: REOPENED → RESOLVED
Closed: 16 years ago → 16 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Updated•16 years ago
|
Keywords: fixed1.9.1
|
||
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•