Make Content-Type CORS request check stronger #29701

chromium-wpt-export-bot · 2021-07-19T08:38:04Z

If a Content-Type request header contains multiple comma separated
value, this change makes sure to check that all of them are safelisted
and otherwise triggers a CORS preflight.

Bug: 1155640
Change-Id: I75f5d1e4a51b876caea102de5c26afb5bfa090d1
Reviewed-on: https://chromium-review.googlesource.com/3031304
WPT-Export-Revision: bd4190b49ef22b1f1195a76d440f323490b68704

wpt-pr-bot

The review process for this patch is being conducted in the Chromium project.

If a Content-Type request header contains multiple comma separated value, this change makes sure to check that all of them are safelisted and otherwise triggers a CORS preflight. Bug: 1155640 Change-Id: I75f5d1e4a51b876caea102de5c26afb5bfa090d1

chromium-wpt-export-bot added chromium-export do not merge yet labels Jul 19, 2021

wpt-pr-bot added the fetch label Jul 19, 2021

wpt-pr-bot approved these changes Jul 19, 2021

View reviewed changes

chromium-wpt-export-bot force-pushed the chromium-export-cl-3031304 branch from 9ae09f0 to 7b4c137 Compare January 8, 2022 03:54

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Make Content-Type CORS request check stronger #29701

Make Content-Type CORS request check stronger #29701

Uh oh!

chromium-wpt-export-bot commented Jul 19, 2021

Uh oh!

wpt-pr-bot left a comment

Uh oh!

Uh oh!

Make Content-Type CORS request check stronger #29701

Are you sure you want to change the base?

Make Content-Type CORS request check stronger #29701

Uh oh!

Conversation

chromium-wpt-export-bot commented Jul 19, 2021

Uh oh!

wpt-pr-bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!