Chrome Version: 57.0.2987.98 (Official Build) (64-bit)
OS: OSX, but likely all.
What steps will reproduce the problem?
JSBIN: http://jsbin.com/miqoxad/edit?html,js,output(1) Preload something with MIME application/json, crossdomain, using as=""
(2) Fetch or XHR same resource
What is the expected result?
Sing network request happens.
What happens instead?
Multiple network requests happen.
Also there's a console warning:
> "The resource [] was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it wasn't preloaded for nothing."
Please use labels and text to provide additional information.
Forked from https://bugs.chromium.org/p/gerrit/issues/detail?id=5670#c10For graphics-related bugs, please copy/paste the contents of the about:gpupage at the end of this report.
Chrome Version: 57.0.2987.98 (Official Build) (64-bit)
OS: OSX, but likely all.
What steps will reproduce the problem?
JSBIN: http://jsbin.com/miqoxad/edit?html,js,output
(1) Preload something with MIME application/json, crossdomain, using as=""
(2) Fetch or XHR same resource
What is the expected result?
Single network request happens.
What happens instead?
Multiple network requests happen.
Also there's a console warning:
> "The resource [] was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it wasn't preloaded for nothing."
Please use labels and text to provide additional information.
Forked from https://bugs.chromium.org/p/gerrit/issues/detail?id=5670#c10
Looking into that issue, it seems like the `corsEnabled` ResourceLoaderOption is not turned on for XHRs, but is turned on for preloads when the crossorigin attribute is set. IIUC, this option is enabled by `setCrossOriginAccessControl()` which seems to be called for all CORS enabled fetches except for XHR.
Turning it on for XHRs would be easy, and seems to solve this issue, but I'm not sure that's the right thing to do, and that it won't have other implications.
Talking to yhirano@ on #chromium, it seems like this flag is not turned on for XHR intentionally, in order to avoid CORS handling in both DocumentThreadableLoader and ResourceLoader.
Maybe the right path here is to exempt XHR from the corsEnabled check in ResourceLoaderOptions::canReuseRequest() ?
yhirano@: FYI, Jochen has an intern coming in this summer that was interested in chipping away at the `ResourceLoader`/`DocumentThreadableLoader` divide, as it makes some things like HSTS Priming and CORS-RFC1918 harder to implement. I don't think we have a solid design for that in mind, however, but it's probably worth syncing with Jochen if y'all have something sketched out.
Comment 1 by andyb...@chromium.org
, Mar 19 2017Components: Blink>Network>XHR Blink>Network>FetchAPI
Owner: y...@yoav.ws
Status: Assigned (was: Untriaged)