New issue
Advanced search Search tips
Starred by 6 users

Issue metadata

Status: Started
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 1
Type: Task
Launch-M-Approved: 60-Stable
Launch-M-Target: 59-Beta , 59-Stable , 60-Dev , 60-Beta , 60-Stable

issue 876670
issue 490015

Sign in to add a comment

Issue 720283: Temporarily Remove: Navigator.sendBeacon() with a Blob whose type is not a CORS-safelisted value for the data argument

Reported by, May 10 2017 Project Member

Issue description

Change description:
The security issue described in  bug 490015  must be fixed, but we don't have any reasonable immediate fix for it. So, temporarily disable the feature by prioritizing fixing the security issue.

Changes to API surface:
Make Navigator.sendBeacon() throw when called with a Blob whose type is not a CORS-safelisted value for the data argument.

The original entry about the security issue:  bug 490015 

Support in other browsers:
Internet Explorer: ?
Firefox: Supported
Safari: ?

Comment 1 by, May 22 2017

See bug 724929 for tracking the progress for reviving the feature.

Comment 2 by, May 23 2017

Components: Blink>Network

Comment 3 by, May 30 2017

Labels: Launch-M-Approved-60-Stable Launch-M-Target-59-Beta Launch-M-Target-59-Stable Launch-M-Target-60-Dev Launch-M-Target-60-Beta Launch-M-Target-60-Stable
Status: Started (was: Assigned)
In M60 and merged to M59.

Comment 4 by, Sep 12 2017

Labels: migrated-launch-owp Type-Task
This issue has been automatically relabelled type=task because type=launch-owp issues are now officially deprecated. The deprecation is because they were creating confusion about how to get launch approvals, which should be instead done via type=launch issues.

We recommend this issue be used for implementation tracking (for public visibility), but if you already have an issue for that, you may mark this as duplicate.

For more details see here:

For any questions, please contact owencm, sshruthi, larforge

Comment 5 by, Feb 26 2018

Reassigning to yhirano@.

Comment 6 by, Mar 3 2018

Labels: Hotlist-Interop

Comment 7 by, Aug 31

Blocking: 876670

Sign in to add a comment