Temporarily Remove: Navigator.sendBeacon() with a Blob whose type is not a CORS-safelisted value for the data argument |
|||||||
Issue descriptionChange description: The security issue described in bug 490015 must be fixed, but we don't have any reasonable immediate fix for it. So, temporarily disable the feature by prioritizing fixing the security issue. Changes to API surface: Make Navigator.sendBeacon() throw when called with a Blob whose type is not a CORS-safelisted value for the data argument. Links: The original entry about the security issue: bug 490015 Support in other browsers: Internet Explorer: ? Firefox: Supported Safari: ?
,
May 23 2017
,
May 30 2017
In M60 and merged to M59.
,
Sep 12 2017
This issue has been automatically relabelled type=task because type=launch-owp issues are now officially deprecated. The deprecation is because they were creating confusion about how to get launch approvals, which should be instead done via type=launch issues. We recommend this issue be used for implementation tracking (for public visibility), but if you already have an issue for that, you may mark this as duplicate. For more details see here: https://docs.google.com/document/d/1JA6RohjtZQc26bTrGoIE_bSXGXUDQz8vc6G0n_sZJ2o/edit For any questions, please contact owencm, sshruthi, larforge
,
Feb 26 2018
Reassigning to yhirano@.
,
Mar 3 2018
,
Aug 31
|
|||||||
►
Sign in to add a comment |
|||||||
Comment 1 by tyoshino@chromium.org
, May 22 2017