Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(65)

Issue 21532002: CORS: Handle error HTTP status code 4XX/5XX in preflight requests. (Closed)

Created:
7 years, 4 months ago by ancilgeorge
Modified:
7 years, 4 months ago
CC:
blink-reviews, dglazkov+blink, Nate Chapin, eae+blinkwatch, gavinp+loader_chromium.org
Base URL:
https://chromium.googlesource.com/chromium/blink.git@master
Visibility:
Public.

Description

CORS: Handle error HTTP status code 4XX/5XX in preflight requests. As per the W33 CORS Spec http://www.w3.org/TR/cors/#cross-origin-request-with-preflight-0 'network error'should be triggered when the response is a error status code (4XX/5XX) Also refer http://fetch.spec.whatwg.org/#cors-preflight-fetch-0. However when response with such status code was received it was treated as success and the actual request was made. Added code check the error status code and send 'network error' in case of preflight requests. This makes the behavior consistent with Mozilla Firefox Browser. Also clears the failures in http://w3c-test.org/webappsec/tests/cors/submitted/opera/staging/status.htm http://w3c-test.org/webappsec/tests/cors/submitted/opera/staging/status-async.htm BUG=266807 R=abarth@chromium.org, kbr@chromium.org, bbudge@chromium.org Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=155413

Patch Set 1 #

Total comments: 2

Patch Set 2 : #

Messages

Total messages: 9 (0 generated)
ancilgeorge
Requesting review
7 years, 4 months ago (2013-08-01 12:04:04 UTC) #1
abarth-chromium
W33 -> W3C
7 years, 4 months ago (2013-08-01 16:40:44 UTC) #2
abarth-chromium
lgtm Thanks!
7 years, 4 months ago (2013-08-01 16:42:09 UTC) #3
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/ancilgeorge@samsung.com/21532002/1
7 years, 4 months ago (2013-08-01 16:42:25 UTC) #4
bbudge-google
LGTM https://codereview.chromium.org/21532002/diff/1/Source/core/loader/CrossOriginAccessControl.cpp File Source/core/loader/CrossOriginAccessControl.cpp (right): https://codereview.chromium.org/21532002/diff/1/Source/core/loader/CrossOriginAccessControl.cpp#newcode172 Source/core/loader/CrossOriginAccessControl.cpp:172: errorDescription = "Invalid HTTP status code " + ...
7 years, 4 months ago (2013-08-01 16:48:08 UTC) #5
Ken Russell (switch to Gerrit)
LGTM FWIW
7 years, 4 months ago (2013-08-01 23:03:29 UTC) #6
ancilgeorge
https://codereview.chromium.org/21532002/diff/1/Source/core/loader/CrossOriginAccessControl.cpp File Source/core/loader/CrossOriginAccessControl.cpp (right): https://codereview.chromium.org/21532002/diff/1/Source/core/loader/CrossOriginAccessControl.cpp#newcode172 Source/core/loader/CrossOriginAccessControl.cpp:172: errorDescription = "Invalid HTTP status code " + String::number(response.httpStatusCode()); ...
7 years, 4 months ago (2013-08-02 04:35:06 UTC) #7
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/ancilgeorge@samsung.com/21532002/14001
7 years, 4 months ago (2013-08-02 04:35:19 UTC) #8
commit-bot: I haz the power
7 years, 4 months ago (2013-08-02 07:20:58 UTC) #9
Message was sent while issue was closed.
Change committed as 155413

Powered by Google App Engine
This is Rietveld 408576698