New issue
Advanced search Search tips

Issue 573937 link

Starred by 5 users

Issue metadata

Status: Fixed
Closed: Jan 2016
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 1
Type: Bug

Sign in to add a comment

GET request can incorrectly contain a body

Project Member Reported by, Jan 4 2016

Issue description

A service worker with:
self.addEventListener('fetch', event => event.respondWith(event.request));

Then, user submits a form that POSTs data, creating a manual-redirect POST request with a body. This is handled fine, but if the response is a 302, the resulting request has a method of GET, but the same body as the original POST, so it fails.

I don't have a reduced case, but it can be recreated on - set a breakpoint at the fetch event, then search for a train from MAN to EUS. When the breakpoint hits, call event.respondWith(event.request) each time.

Error is "TypeError: Failed to execute 'fetch' on 'ServiceWorkerGlobalScope': Request with GET/HEAD method cannot have body."
The specs seem like they're missing bits when it comes to redirects, so also filed and
Here's a more-reduced example

Comment 3 by, Jan 5 2016

Status: Assigned
That test link should be, sorry

Comment 5 by, Jan 18 2016

Running into this bug myself. Is there a workaround beyond manually excluding all possible redirect-after-POST URLs from my service worker?
In I add an extra `req = new Request(request.url)` step.

Comment 7 by, Jan 19 2016

Thanks -- at I ended up implementing the workaround like this:

request = new Request(request.url, {
    method: 'GET',
    headers: request.headers,
    mode: request.mode,
    credentials: request.credentials,
    redirect: request.redirect

The straight "new Request(request.url)" didn't work for me, as I needed the credentials passed through as well.

Note that I also tried "new Request(request, {body: ''})", but it didn't work. Hope this helps people in the future!
Labels: -Pri-2 Pri-1
I think we should consider things that break event.respondWith(fetch(event.request)) to be high priority, especially if they cannot be easily worked around by looking at the request.

Comment 9 by, Jan 22 2016

Status: Started
Project Member

Comment 10 by, Jan 25 2016

The following revision refers to this bug:

commit 8f8aeea280e577fc8dddd2aeb6747f47f3ec502e
Author: horo <>
Date: Mon Jan 25 07:35:36 2016

Don't send the body of the redirected request to the ServiceWorker.

The upload data in URLRequest is cleared while handing redirects in URLRequest::Redirect().
But ServiceWorkerURLRequestJob doesn't check it while re-sending the FetchEvent to the ServiceWorker.

This causes an error when "fetch(event.request)" is called in the ServiceWorker.
It is because request.body must not be set when request.method is GET.
To fix this problem, this patch adds has_upload() check in ServiceWorkerURLRequestJob::CreateFetchRequest().

BUG= 573937 

Review URL:

Cr-Commit-Position: refs/heads/master@{#371196}


Comment 11 by, Jan 26 2016

Status: Fixed
Labels: Needs-Feedback
horo@Could you please provide sample test file with reproducible steps to verify the fix from test team end.
Labels: M-50

Comment 14 by, Feb 1 2016

#10 has a layout test.

Execute "./third_party/WebKit/Tools/Scripts/run-blink-httpd" and go

I just upgraded to Chrome 49.0.2623.87 (64-bit), and the workaround I did in Comment 7 is now breaking the service worker. Here's the error:

"Uncaught TypeError: Failed to construct 'Request': Cannot construct a Request with a RequestInit whose mode member is set as 'navigate'."

Comment 16 by, Mar 18 2016

See the discussion in here:
As a workaround, you can recreate the request object without the body

Sign in to add a comment