Skip to site navigation (Press enter)

[webkit-changes] [163915] trunk

commit-queue Tue, 11 Feb 2014 15:59:23 -0800

Title: [163915] trunk

Revision: 163915
Author: commit-qu...@webkit.org
Date: 2014-02-11 16:02:31 -0800 (Tue, 11 Feb 2014)

Log Message

XMLHttpRequest should not send DNT header
https://bugs.webkit.org/show_bug.cgi?id=128533


Patch by Youenn Fablet <youe...@gmail.com> on 2014-02-11
Reviewed by Alexey Proskuryakov.

Source/WebCore:

Added DNT (Do Not Track) header to the list of forbidden headers.
Updated http/tests/xmlhttprequest/set-dangerous-headers.html to test that header.

* xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequestStaticData::XMLHttpRequestStaticData):

LayoutTests:

Updated http/tests/xmlhttprequest/set-dangerous-headers.html to test that DNT header is not sent.

* http/tests/xmlhttprequest/set-dangerous-headers-expected.txt:
* http/tests/xmlhttprequest/set-dangerous-headers.html:

Modified Paths

trunk/LayoutTests/ChangeLog
trunk/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers-expected.txt
trunk/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers.html
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/xml/XMLHttpRequest.cpp

Diff

Modified: trunk/LayoutTests/ChangeLog (163914 => 163915)


--- trunk/LayoutTests/ChangeLog	2014-02-11 23:07:49 UTC (rev 163914)
+++ trunk/LayoutTests/ChangeLog	2014-02-12 00:02:31 UTC (rev 163915)
@@ -1,3 +1,15 @@
+2014-02-11  Youenn Fablet  <youe...@gmail.com>
+
+        XMLHttpRequest should not send DNT header
+        https://bugs.webkit.org/show_bug.cgi?id=128533
+
+        Reviewed by Alexey Proskuryakov.
+
+        Updated http/tests/xmlhttprequest/set-dangerous-headers.html to test that DNT header is not sent.
+
+        * http/tests/xmlhttprequest/set-dangerous-headers-expected.txt:
+        * http/tests/xmlhttprequest/set-dangerous-headers.html:
+
 2014-02-10  Jeffrey Pfau  <jp...@apple.com>
 
         Bring third-party app cache blocking behavior in line with private browsing app cache blocking behavior

Modified: trunk/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers-expected.txt (163914 => 163915)


--- trunk/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers-expected.txt	2014-02-11 23:07:49 UTC (rev 163914)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers-expected.txt	2014-02-12 00:02:31 UTC (rev 163915)
@@ -8,6 +8,7 @@
 CONSOLE MESSAGE: Refused to set unsafe header "COOKIE"
 CONSOLE MESSAGE: Refused to set unsafe header "COOKIE2"
 CONSOLE MESSAGE: Refused to set unsafe header "DATE"
+CONSOLE MESSAGE: Refused to set unsafe header "DNT"
 CONSOLE MESSAGE: Refused to set unsafe header "EXPECT"
 CONSOLE MESSAGE: Refused to set unsafe header "HOST"
 CONSOLE MESSAGE: Refused to set unsafe header "KEEP-ALIVE"

Modified: trunk/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers.html (163914 => 163915)


--- trunk/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers.html	2014-02-11 23:07:49 UTC (rev 163914)
+++ trunk/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers.html	2014-02-12 00:02:31 UTC (rev 163915)
@@ -24,6 +24,7 @@
     req.setRequestHeader("COOKIE", "foobar");
     req.setRequestHeader("COOKIE2", "foobar");
     req.setRequestHeader("DATE", "foobar");
+    req.setRequestHeader("DNT", "foobar");
     req.setRequestHeader("EXPECT", "100-continue");
     req.setRequestHeader("HOST", "foobar");
     req.setRequestHeader("KEEP-ALIVE", "foobar");

Modified: trunk/Source/WebCore/ChangeLog (163914 => 163915)


--- trunk/Source/WebCore/ChangeLog	2014-02-11 23:07:49 UTC (rev 163914)
+++ trunk/Source/WebCore/ChangeLog	2014-02-12 00:02:31 UTC (rev 163915)
@@ -1,3 +1,16 @@
+2014-02-11  Youenn Fablet  <youe...@gmail.com>
+
+        XMLHttpRequest should not send DNT header
+        https://bugs.webkit.org/show_bug.cgi?id=128533
+
+        Reviewed by Alexey Proskuryakov.
+
+        Added DNT (Do Not Track) header to the list of forbidden headers.
+        Updated http/tests/xmlhttprequest/set-dangerous-headers.html to test that header.
+
+        * xml/XMLHttpRequest.cpp:
+        (WebCore::XMLHttpRequestStaticData::XMLHttpRequestStaticData):
+
 2014-02-10  Jeffrey Pfau  <jp...@apple.com>
 
         Bring third-party app cache blocking behavior in line with private browsing app cache blocking behavior

Modified: trunk/Source/WebCore/xml/XMLHttpRequest.cpp (163914 => 163915)


--- trunk/Source/WebCore/xml/XMLHttpRequest.cpp	2014-02-11 23:07:49 UTC (rev 163914)
+++ trunk/Source/WebCore/xml/XMLHttpRequest.cpp	2014-02-12 00:02:31 UTC (rev 163915)
@@ -102,6 +102,7 @@
         "cookie",
         "cookie2",
         "date",
+        "dnt",
         "expect",
         "host",
         "keep-alive",

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes