Re: Intent to ship: Add wildcard to Access-Control-Expose-Headers, Access-Control-Allow-Methods, and Access-Control-Allow-Headers
Am Dienstag, 23. Juli 2019 00:07:28 UTC+2 schrieb Kershaw Jang: > Hi Ehsan, > > Thanks for correcting this. Yes, this should be shipped in Firefox 70. If I understand correctly, this ships in Firefox 69 and ESR 68.x to fix bug 1559795 in these versions. ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: Intent to ship: Add wildcard to Access-Control-Expose-Headers, Access-Control-Allow-Methods, and Access-Control-Allow-Headers
Hi Ehsan, Thanks for correcting this. Yes, this should be shipped in Firefox 70. Regards, Kershaw On Sat, Jul 20, 2019 at 2:40 AM Ehsan Akhgari wrote: > Thanks Kershaw for fixing this. I was curious why you expect this to ship > in Firefox 71 but not 70? > > On Tue, Jul 16, 2019 at 1:56 PM Kershaw Jang wrote: > >> Hi everyone, >> >> *Summary*: >> Allow more wildcards in CORS headers when used without credential. >> So, the new syntax for these http headers is: >> Access-Control-Expose-Headers = #field-name / wildcard >> Access-Control-Allow-Methods = #method / wildcard >> Access-Control-Allow-Headers = #field-name / wildcard >> >> *Bug*: >> https://bugzilla.mozilla.org/show_bug.cgi?id=1309358 >> >> *Link to standard*: >> https://fetch.spec.whatwg.org/#http-new-header-syntax >> >> *Platform coverage*: >> all platforms. >> >> *Estimated or target release*: >> Firefox 71. >> >> *Preference behind which this will be implemented*: >> No preference. >> >> *DevTools bug*: >> No. >> >> *Do other browser engines implement this?* >> Yes, both Blink and WebKit support this feature. >> >> *web-platform-tests*: >> We already have existing wpt tests for this. >> >> *Is this feature restricted to secure contexts?* >> No. >> >> Please note that I already landed this patch in nightly since I was not >> aware of that I should send this email first. If anyone has any concerns, >> feel free to file another bug to back this out. >> >> Thanks, >> Kershaw >> ___ >> dev-platform mailing list >> dev-platform@lists.mozilla.org >> https://lists.mozilla.org/listinfo/dev-platform >> > > > -- > Ehsan > ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: Intent to ship: Add wildcard to Access-Control-Expose-Headers, Access-Control-Allow-Methods, and Access-Control-Allow-Headers
Thanks Kershaw for fixing this. I was curious why you expect this to ship in Firefox 71 but not 70? On Tue, Jul 16, 2019 at 1:56 PM Kershaw Jang wrote: > Hi everyone, > > *Summary*: > Allow more wildcards in CORS headers when used without credential. > So, the new syntax for these http headers is: > Access-Control-Expose-Headers = #field-name / wildcard > Access-Control-Allow-Methods = #method / wildcard > Access-Control-Allow-Headers = #field-name / wildcard > > *Bug*: > https://bugzilla.mozilla.org/show_bug.cgi?id=1309358 > > *Link to standard*: > https://fetch.spec.whatwg.org/#http-new-header-syntax > > *Platform coverage*: > all platforms. > > *Estimated or target release*: > Firefox 71. > > *Preference behind which this will be implemented*: > No preference. > > *DevTools bug*: > No. > > *Do other browser engines implement this?* > Yes, both Blink and WebKit support this feature. > > *web-platform-tests*: > We already have existing wpt tests for this. > > *Is this feature restricted to secure contexts?* > No. > > Please note that I already landed this patch in nightly since I was not > aware of that I should send this email first. If anyone has any concerns, > feel free to file another bug to back this out. > > Thanks, > Kershaw > ___ > dev-platform mailing list > dev-platform@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-platform > -- Ehsan ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Intent to ship: Add wildcard to Access-Control-Expose-Headers, Access-Control-Allow-Methods, and Access-Control-Allow-Headers
Hi everyone, *Summary*: Allow more wildcards in CORS headers when used without credential. So, the new syntax for these http headers is: Access-Control-Expose-Headers = #field-name / wildcard Access-Control-Allow-Methods = #method / wildcard Access-Control-Allow-Headers = #field-name / wildcard *Bug*: https://bugzilla.mozilla.org/show_bug.cgi?id=1309358 *Link to standard*: https://fetch.spec.whatwg.org/#http-new-header-syntax *Platform coverage*: all platforms. *Estimated or target release*: Firefox 71. *Preference behind which this will be implemented*: No preference. *DevTools bug*: No. *Do other browser engines implement this?* Yes, both Blink and WebKit support this feature. *web-platform-tests*: We already have existing wpt tests for this. *Is this feature restricted to secure contexts?* No. Please note that I already landed this patch in nightly since I was not aware of that I should send this email first. If anyone has any concerns, feel free to file another bug to back this out. Thanks, Kershaw ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform