New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 615313 link

Starred by 6 users
Status: Fixed
Owner:
yhirano@chromium.org
Closed: Dec 2017
Cc:
yhirano@chromium.org
tyoshino@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 3
Type: Feature


Show other hotlists

Hotlists containing this issue:
EnamelAndFriendsFixIt


Sign in to add a comment

[CORS] Add wildcard support for Access-Control-Allow-Methods, Access-Control-Allow-Headers and Access-Control-Expose-Headers

Project Member Reported by tyoshino@chromium.org, May 27 2016 
The Fetch Standard has been updated to accept the wildcard value for Access-Control-Allow-Methods, Access-Control-Allow-Headers and Access-Control-Expose-Headers.

https://github.com/whatwg/fetch/pull/298

Comment 1 by tyoshino@chromium.org, Mar 8 2017

Blockedon: 698721

Comment 2 by yhirano@chromium.org, Mar 14 2017 

 Issue 698241  has been merged into this issue.

Comment 3 by mkwst@chromium.org, May 15 2017

Cc: tyoshino@chromium.org yhirano@chromium.org
Components: Blink>SecurityFeature>CORS
tyoshino@, yhirano@: Can you triage this? It seems like a relatively small set of changes that might make some developers' lives a little simpler. I know y'all are stretched, but this might be a nice small project for someone who wants to ship something. :)

Comment 4 by tyoshino@chromium.org, May 22 2017

Components: -Blink>Network -Blink>Loader Blink>Network>XHR Blink>Network>FetchAPI
Yeah, this is just do it bug. might be good to keep for interns.

Comment 5 by tyoshino@chromium.org, Jun 1 2017 

It turned out that we need to resolve a spec issue. See https://github.com/whatwg/fetch/issues/548

Comment 6 by annevank...@gmail.com, Sep 7 2017 

That's now resolved, updated tests at https://bugs.chromium.org/p/chromium/issues/detail?id=698721.

Comment 7 by yhirano@chromium.org, Sep 7 2017

Owner: yhirano@chromium.org
Status: Assigned (was: Available)

Comment 8 by yhirano@chromium.org, Sep 14 2017 

 Issue 698721  has been merged into this issue.

Comment 9 by phistuck@chromium.org, Sep 14 2017

Labels: Hotlist-Interop

Comment 10 by phistuck@chromium.org, Sep 14 2017

Blockedon: -698721

Comment 13 by tyoshino@chromium.org, Sep 26 2017

Labels: M-63
Status: Fixed (was: Assigned)

Comment 14 by yhirano@chromium.org, Sep 26 2017

Status: Started (was: Fixed)
No, it's not fixed yet. We need to support Access-Control-Expose-Headers as well.

Comment 15 by est...@chromium.org, Nov 10 2017

Labels: Hotlist-EnamelAndFriendsFixIt
Project Member

Comment 16 by bugdroid1@chromium.org, Dec 6 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532

commit 59a2bc8acbe0926b70b5f926ae6e2383fc6dd532
Author: Yutaka Hirano <yhirano@chromium.org>
Date: Wed Dec 06 14:40:04 2017

[Fetch] Support wildcard for access-control-expose-headers

Bug:  615313 
Change-Id: Ie608f427083303af5afd98e8939dcfc43a266942
Reviewed-on: https://chromium-review.googlesource.com/805395
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org>
Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Cr-Commit-Position: refs/heads/master@{#522082}
[delete] https://crrev.com/26635467c354ce2a49e0a39765c67cd11790804b/third_party/WebKit/LayoutTests/external/wpt/fetch/api/cors/cors-expose-star-expected.txt
[delete] https://crrev.com/26635467c354ce2a49e0a39765c67cd11790804b/third_party/WebKit/LayoutTests/external/wpt/fetch/api/cors/cors-expose-star-worker-expected.txt
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/LayoutTests/external/wpt/fetch/api/cors/cors-expose-star.js
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/LayoutTests/external/wpt/service-workers/cache-storage/script-tests/cache-match.js
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/LayoutTests/external/wpt/service-workers/cache-storage/window/cache-match.https.html
[add] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-cors-exposed-header-names.https.html
[add] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/resources/fetch-cors-exposed-header-names-worker.js
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/core/exported/WebAssociatedURLLoaderImpl.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/modules/fetch/FetchManager.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/modules/fetch/FetchResponseData.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/modules/fetch/FetchResponseData.h
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/modules/fetch/FetchResponseDataTest.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/modules/fetch/ResponseTest.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/platform/exported/WebCORS.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/platform/exported/WebCORSTest.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/public/platform/WebCORS.h

Comment 17 by yhirano@chromium.org, Dec 7 2017

Status: Fixed (was: Started)

Comment 18 by tyoshino@chromium.org, Dec 11 2017 

Currently Safari is passing some of the tests just introduced
https://wpt.fyi/fetch/api/cors

Sign in to add a comment