DescriptionBlock all scripts from setting unsafe headers in XMLHttpRequest.
Previously, privileged scripts (file:// URLs) could set all headers. This patch blocks all scripts from setting any unsafe headers.
BUG=196071
Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=149364
Patch Set 1 #Patch Set 2 : Fix line width. #
Total comments: 8
Patch Set 3 : Block all scripts from setting unsafe headers. #Patch Set 4 : Fix the header. #
Messages
Total messages: 14 (0 generated)
|