New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.
Starred by 6 users

Issue metadata

Status: Fixed
Owner:
OOO until July 2
Closed: Dec 7
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 3
Type: Feature


Show other hotlists

Hotlists containing this issue:
EnamelAndFriendsFixIt


Sign in to add a comment

[CORS] Add wildcard support for Access-Control-Allow-Methods, Access-Control-Allow-Headers and Access-Control-Expose-Headers

Project Member Reported by tyoshino@chromium.org, May 27 2016

Issue description

The Fetch Standard has been updated to accept the wildcard value for Access-Control-Allow-Methods, Access-Control-Allow-Headers and Access-Control-Expose-Headers.

https://github.com/whatwg/fetch/pull/298

 
Blockedon: 698721
 Issue 698241  has been merged into this issue.

Comment 3 by mkwst@chromium.org, May 15 2017

Cc: tyoshino@chromium.org yhirano@chromium.org
Components: Blink>SecurityFeature>CORS
tyoshino@, yhirano@: Can you triage this? It seems like a relatively small set of changes that might make some developers' lives a little simpler. I know y'all are stretched, but this might be a nice small project for someone who wants to ship something. :)
Components: -Blink>Network -Blink>Loader Blink>Network>XHR Blink>Network>FetchAPI
Yeah, this is just do it bug. might be good to keep for interns.
It turned out that we need to resolve a spec issue. See https://github.com/whatwg/fetch/issues/548
That's now resolved, updated tests at https://bugs.chromium.org/p/chromium/issues/detail?id=698721.
Owner: yhirano@chromium.org
Status: Assigned (was: Available)
 Issue 698721  has been merged into this issue.
Labels: Hotlist-Interop
Blockedon: -698721
Labels: M-63
Status: Fixed (was: Assigned)
Status: Started (was: Fixed)
No, it's not fixed yet. We need to support Access-Control-Expose-Headers as well.
Labels: Hotlist-EnamelAndFriendsFixIt
Project Member

Comment 16 by bugdroid1@chromium.org, Dec 6

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532

commit 59a2bc8acbe0926b70b5f926ae6e2383fc6dd532
Author: Yutaka Hirano <yhirano@chromium.org>
Date: Wed Dec 06 14:40:04 2017

[Fetch] Support wildcard for access-control-expose-headers

Bug:  615313 
Change-Id: Ie608f427083303af5afd98e8939dcfc43a266942
Reviewed-on: https://chromium-review.googlesource.com/805395
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org>
Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Cr-Commit-Position: refs/heads/master@{#522082}
[delete] https://crrev.com/26635467c354ce2a49e0a39765c67cd11790804b/third_party/WebKit/LayoutTests/external/wpt/fetch/api/cors/cors-expose-star-expected.txt
[delete] https://crrev.com/26635467c354ce2a49e0a39765c67cd11790804b/third_party/WebKit/LayoutTests/external/wpt/fetch/api/cors/cors-expose-star-worker-expected.txt
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/LayoutTests/external/wpt/fetch/api/cors/cors-expose-star.js
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/LayoutTests/external/wpt/service-workers/cache-storage/script-tests/cache-match.js
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/LayoutTests/external/wpt/service-workers/cache-storage/window/cache-match.https.html
[add] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-cors-exposed-header-names.https.html
[add] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/resources/fetch-cors-exposed-header-names-worker.js
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/core/exported/WebAssociatedURLLoaderImpl.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/modules/fetch/FetchManager.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/modules/fetch/FetchResponseData.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/modules/fetch/FetchResponseData.h
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/modules/fetch/FetchResponseDataTest.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/modules/fetch/ResponseTest.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/platform/exported/WebCORS.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/Source/platform/exported/WebCORSTest.cpp
[modify] https://crrev.com/59a2bc8acbe0926b70b5f926ae6e2383fc6dd532/third_party/WebKit/public/platform/WebCORS.h

Status: Fixed (was: Started)
Currently Safari is passing some of the tests just introduced
https://wpt.fyi/fetch/api/cors

Sign in to add a comment