Open Bug 1507514 Opened 6 years ago Updated 2 years ago

"no-cors" Headers API security checks are slightly broken

Tracking

()

Status:

NEW

People

(Reporter: annevk, Unassigned)

References

Details

(Whiteboard: [necko-triaged])

Anne (:annevk)

Reporter

Description

•

6 years ago

See https://github.com/whatwg/fetch/pull/833 and https://github.com/web-platform-tests/wpt/pull/14079 for tests.

jkt, this is what we discussed on IRC. I confirmed on Nightly that Firefox doesn't do this correctly.

Anne (:annevk)

Reporter

Updated

•

6 years ago

See Also: → https://bugzilla.mozilla.org/show_bug.cgi?id=1483815

Jonathan Kingston [:jkt] he/him

Comment 1

•

6 years ago

Thanks Anne for raising this.

Assignee: nobody → jkt

Honza Bambas (:mayhemer)

Updated

•

6 years ago

Whiteboard: [necko-triaged]

BugBot [:suhaib / :marco/ :calixte]

Comment 2

•

2 years ago

The bug assignee didn't login in Bugzilla in the last 7 months.
:dragana, could you have a look please?
For more information, please visit auto_nag documentation.

Assignee: jonathan → nobody

Flags: needinfo?(dd.mozilla)

Dragana Damjanovic [:dragana]

Updated

•

2 years ago

Flags: needinfo?(dd.mozilla)

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

"no-cors" Headers API security checks are slightly broken

Categories

(Core :: DOM: Networking, enhancement, P2)

Tracking

()

People

(Reporter: annevk, Unassigned)

References

Details

(Whiteboard: [necko-triaged])

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1

Updated

Comment 2

Updated

Updated