| OLD | NEW |
|---|
| 1 CONSOLE MESSAGE: Refused to set unsafe header "ACCEPT-CHARSET" | 1 CONSOLE MESSAGE: Refused to set unsafe header "ACCEPT-CHARSET" |
| 2 CONSOLE MESSAGE: Refused to set unsafe header "ACCEPT-ENCODING" | 2 CONSOLE MESSAGE: Refused to set unsafe header "ACCEPT-ENCODING" |
| 3 CONSOLE MESSAGE: Refused to set unsafe header "ACCESS-CONTROL-REQUEST-HEADERS" | 3 CONSOLE MESSAGE: Refused to set unsafe header "ACCESS-CONTROL-REQUEST-HEADERS" |
| 4 CONSOLE MESSAGE: Refused to set unsafe header "ACCESS-CONTROL-REQUEST-METHOD" | 4 CONSOLE MESSAGE: Refused to set unsafe header "ACCESS-CONTROL-REQUEST-METHOD" |
| 5 CONSOLE MESSAGE: Refused to set unsafe header "CONNECTION" | 5 CONSOLE MESSAGE: Refused to set unsafe header "CONNECTION" |
| 6 CONSOLE MESSAGE: Refused to set unsafe header "CONTENT-LENGTH" | 6 CONSOLE MESSAGE: Refused to set unsafe header "CONTENT-LENGTH" |
| 7 CONSOLE MESSAGE: Refused to set unsafe header "CONTENT-TRANSFER-ENCODING" | 7 CONSOLE MESSAGE: Refused to set unsafe header "CONTENT-TRANSFER-ENCODING" |
| 8 CONSOLE MESSAGE: Refused to set unsafe header "COOKIE" | 8 CONSOLE MESSAGE: Refused to set unsafe header "COOKIE" |
| 9 CONSOLE MESSAGE: Refused to set unsafe header "COOKIE2" | 9 CONSOLE MESSAGE: Refused to set unsafe header "COOKIE2" |
| 10 CONSOLE MESSAGE: Refused to set unsafe header "DATE" | 10 CONSOLE MESSAGE: Refused to set unsafe header "DATE" |
| 11 CONSOLE MESSAGE: Refused to set unsafe header "EXPECT" | 11 CONSOLE MESSAGE: Refused to set unsafe header "EXPECT" |
| 12 CONSOLE MESSAGE: Refused to set unsafe header "HOST" | 12 CONSOLE MESSAGE: Refused to set unsafe header "HOST" |
| 13 CONSOLE MESSAGE: Refused to set unsafe header "KEEP-ALIVE" | 13 CONSOLE MESSAGE: Refused to set unsafe header "KEEP-ALIVE" |
| 14 CONSOLE MESSAGE: Refused to set unsafe header "ORIGIN" | 14 CONSOLE MESSAGE: Refused to set unsafe header "ORIGIN" |
| 15 CONSOLE MESSAGE: Refused to set unsafe header "REFERER" | 15 CONSOLE MESSAGE: Refused to set unsafe header "REFERER" |
| 16 CONSOLE MESSAGE: Refused to set unsafe header "TE" | 16 CONSOLE MESSAGE: Refused to set unsafe header "TE" |
| 17 CONSOLE MESSAGE: Refused to set unsafe header "TRAILER" | 17 CONSOLE MESSAGE: Refused to set unsafe header "TRAILER" |
| 18 CONSOLE MESSAGE: Refused to set unsafe header "TRANSFER-ENCODING" | 18 CONSOLE MESSAGE: Refused to set unsafe header "TRANSFER-ENCODING" |
| 19 CONSOLE MESSAGE: Refused to set unsafe header "UPGRADE" | 19 CONSOLE MESSAGE: Refused to set unsafe header "UPGRADE" |
| 20 CONSOLE MESSAGE: Refused to set unsafe header "USER-AGENT" | 20 CONSOLE MESSAGE: Refused to set unsafe header "USER-AGENT" |
| 21 CONSOLE MESSAGE: Refused to set unsafe header "VIA" | 21 CONSOLE MESSAGE: Refused to set unsafe header "VIA" |
| 22 CONSOLE MESSAGE: Refused to set unsafe header "Proxy-" | 22 CONSOLE MESSAGE: Refused to set unsafe header "Proxy-" |
| 23 CONSOLE MESSAGE: Refused to set unsafe header "Proxy-test" | 23 CONSOLE MESSAGE: Refused to set unsafe header "Proxy-test" |
| 24 CONSOLE MESSAGE: Refused to set unsafe header "PROXY-FOO" | 24 CONSOLE MESSAGE: Refused to set unsafe header "PROXY-FOO" |
| 25 CONSOLE MESSAGE: Refused to set unsafe header "Sec-" | 25 CONSOLE MESSAGE: Refused to set unsafe header "Sec-" |
| 26 CONSOLE MESSAGE: Refused to set unsafe header "Sec-test" | 26 CONSOLE MESSAGE: Refused to set unsafe header "Sec-test" |
| 27 CONSOLE MESSAGE: Refused to set unsafe header "SEC-FOO" | 27 CONSOLE MESSAGE: Refused to set unsafe header "SEC-FOO" |
| 28 Test that setRequestHeader cannot be used to alter security-sensitive headers. | 28 Test that setRequestHeader cannot be used to alter security-sensitive headers fo
r file:// urls. |
| 29 | 29 |
| 30 SUCCESS | 30 SUCCESS |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 13979011:
Block all scripts from setting unsafe headers in XMLHttpRequest (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master