Skip to content

GitLab

T
tangled
Commit b662cdc3 authored by Takashi Toyoshima's avatar Takashi Toyoshima Committed by Commit Bot
Browse files
Options

OOR-CORS: CORS-preflight requests do not need to have "Save-Data" header 

Currently ServiceWorkerBrowserTest.CrossOriginFetchWithSaveData checks
if CORS-preflight requests have "Save-Data" header. This is existing
behavior, but new CORS stack does not add the "Save-Data" header for the
CORS-preflight. In terms of the fetch spec, it will be better not to
have the header in the preflight request.

Bug: 907389
Change-Id: Ic6906f5a9ce270a403b7be6f48274f78d2fce546
Reviewed-on: https://chromium-review.googlesource.com/c/1345685Reviewed-by: default avatarTarun Bansal <tbansal@chromium.org>
Reviewed-by: default avatarMatt Falkenhagen <falken@chromium.org>
Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#610295}
parent 4a1a9848
Hide whitespace changes
Inline Side-by-side
Showing with 11 additions and 4 deletions
content/browser/service_worker/service_worker_browsertest.cc
View file @ b662cdc3
......@@ -278,10 +278,17 @@ VerifySaveDataHeaderNotInRequest(const net::test_server::HttpRequest& request) {
std::unique_ptr<net::test_server::HttpResponse>
VerifySaveDataNotInAccessControlRequestHeader(
const net::test_server::HttpRequest& request) {
// Save-Data should be present.
auto it = request.headers.find("Save-Data");
EXPECT_NE(request.headers.end(), it);
EXPECT_EQ("on", it->second);
if (base::FeatureList::IsEnabled(network::features::kOutOfBlinkCors)) {
// 'Save-Data' is not expected to be in the CORS preflight request.
auto it = request.headers.find("Save-Data");
EXPECT_EQ(request.headers.end(), it);
} else {
// The legacy code path appends 'Save-Data' header regardless of CORS
// preflight just because it can not be distinguished.
auto it = request.headers.find("Save-Data");
EXPECT_NE(request.headers.end(), it);
EXPECT_EQ("on", it->second);
}
std::unique_ptr<net::test_server::BasicHttpResponse> http_response(
new net::test_server::BasicHttpResponse());
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment