Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(270)

Issue 2925783002: [XMLHttpRequest] Filter forbidden response headers.

Created:
3 years, 6 months ago by Raveendra Karu
Modified:
3 years, 5 months ago
CC:
blink-reviews, chromium-reviews, tyoshino+watch_chromium.org
Target Ref:
refs/heads/master
Project:
chromium
Visibility:
Public.

Description

[XMLHttpRequest] Filter forbidden response headers. * https://xhr.spec.whatwg.org/#the-getresponseheader()-method * https://xhr.spec.whatwg.org/#the-getallresponseheaders()-method According to fetch spec, forbidden headers can't be set or get. Hiding forbidden-name headers in response headers for all kinds of filtered responses. BUG=567527 Signed-off-by: Raveendra Karu <r.karu@samsung.com>;

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+2 lines, -10 lines) Patch
M third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.cpp View 2 chunks +2 lines, -10 lines 0 comments Download

Messages

Total messages: 13 (5 generated)
Raveendra Karu
On 2017/06/06 09:37:16, Raveendra Karu wrote: > mailto:r.karu@samsung.com changed reviewers: > + mailto:srirama.m@samsung.com --Internal Review ...
3 years, 6 months ago (2017-06-06 09:38:18 UTC) #3
Srirama
On 2017/06/06 09:38:18, Raveendra Karu wrote: > On 2017/06/06 09:37:16, Raveendra Karu wrote: > > ...
3 years, 6 months ago (2017-06-06 12:29:09 UTC) #4
Raveendra Karu
Dear yhirano, Please take a look!
3 years, 6 months ago (2017-06-06 12:32:54 UTC) #6
yhirano
tyoshino@, can you take a look?
3 years, 6 months ago (2017-06-07 08:52:56 UTC) #8
tyoshino (SeeGerritForStatus)
lgtm. Thank you for working on this!
3 years, 6 months ago (2017-06-08 09:28:24 UTC) #9
tyoshino (SeeGerritForStatus)
On 2017/06/08 09:28:24, tyoshino wrote: > lgtm. Thank you for working on this! Adding mkwst@ ...
3 years, 6 months ago (2017-06-08 09:51:19 UTC) #11
Mike West
In general this seems reasonable. Can you add tests to verify the behavior change?
3 years, 6 months ago (2017-06-12 09:19:33 UTC) #12
Raveendra Karu
3 years, 5 months ago (2017-07-18 05:45:29 UTC) #13
On 2017/06/12 09:19:33, Mike West wrote:
> In general this seems reasonable. Can you add tests to verify the behavior
> change?

Dear Mike,
Added tests as you mentioned. But due to set-cookie/set-cookie2 headers are
getting filtered in net/ module, unable to verify the test cases.

test cases @: https://bugs.chromium.org/p/chromium/issues/detail?id=567527#c10

Could you please take a look.

Thanks.

Powered by Google App Engine
This is Rietveld 408576698