OOR-CORS, WebView: Add CORS tests for requests from custom schemes (6e293feb) · Commits · eriksson monteiro / tangled

Commit 6e293feb authored Jan 27, 2020 by

Takashi Toyoshima Committed by Commit Bot Jan 27, 2020

OOR-CORS, WebView: Add CORS tests for requests from custom schemes

Behaviors have been unclear, but if requests are made from a custom
scheme, the Origin header in outgoing requests should be set to
"<scheme>://" without containing the host:port part those are
officially required to be a proper origin for such special cases
in WebView.
Servers can use "Access-Control-Allow-Origin: *" or
"Access-Control-Allow-Origin: <scheme>://" to permit such accesses.

This patch adds tests to verify these behaviors to keep compatible
behaviors.

Bug: 1035366
Change-Id: Ia08e7b4ed764225566c3b09edef2980cfa1b1b70
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2010591Reviewed-by: Richard Coles <torne@chromium.org>
Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#735332}

parent 05e61eae

Expand all Hide whitespace changes

Inline Side-by-side

View file @ 6e293feb

This diff is collapsed.

Please register or to comment