0

CORS: Convert existing TODOs for crbug.com/1073353

There are some existing TODOs for request modifications on
CORS redirects. Since this could cause enterprise affecting
compatibility breakages even if this is a spec conformance
fix, let's fix this after the Blink CORS removal, with a
well-considered safe rollout plan.

Bug: 1073353
Change-Id: I6b14304fa981ff3d2212f8189c40e171a1c79d61
NOTRY: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2280747
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Kinuko Yasuda <kinuko@chromium.org>
Auto-Submit: Takashi Toyoshima <toyoshim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#785620}
This commit is contained in:
Takashi Toyoshima
2020-07-07 07:55:33 +00:00
committed by Commit Bot
parent 766177d512
commit 1e1570a223

@@ -361,14 +361,20 @@ void CorsURLLoader::OnReceiveRedirect(const net::RedirectInfo& redirect_info,
tainted_ = true;
}
// TODO(yhirano): Implement the following:
// TODO(crbug.com/1073353): Implement the following:
// If either |actualResponse|s status is 301 or 302 and |request|s method is
// `POST`, or |actualResponse|s status is 303, set |request|s method to
// `GET` and requests body to null.
// `GET` and requests body to null, and remove request-body-header name from
// request's headers. Some of them are implemented in //net, but when we
// create another request on exceptional redirect cases, such newly created
// request doesn't reflect the spec comformant request modifications. See the
// linked crbug for details. See also 4.4. HTTP-redirect fetch
// (https://fetch.spec.whatwg.org/#http-redirect-fetch), step 11.
// TODO(yhirano): Implement the following:
// TODO(crbug.com/1073353): Implement the following:
// Invoke |set requests referrer policy on redirect| on |request| and
// |actualResponse|.
// |actualResponse|. See 4.4. HTTP-redirect fetch
// (https://fetch.spec.whatwg.org/#http-redirect-fetch), step 14.
redirect_info_ = redirect_info;