Fixes AssociatedURLLoader support for Access-Control-Expose-Headers field in response.
authorbbudge@chromium.org <bbudge@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 3 Mar 2012 18:49:50 +0000 (18:49 +0000)
committerbbudge@chromium.org <bbudge@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 3 Mar 2012 18:49:50 +0000 (18:49 +0000)
https://bugs.webkit.org/show_bug.cgi?id=80198

Reviewed by Adam Barth.

* src/AssociatedURLLoader.cpp:
* tests/AssociatedURLLoaderTest.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@109661 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/chromium/ChangeLog
Source/WebKit/chromium/src/AssociatedURLLoader.cpp
Source/WebKit/chromium/tests/AssociatedURLLoaderTest.cpp

index 3b9e0bd..0af8346 100644 (file)
@@ -1,3 +1,13 @@
+2012-03-03  Bill Budge  <bbudge@chromium.org>
+
+        Fixes AssociatedURLLoader support for Access-Control-Expose-Headers field in response.
+        https://bugs.webkit.org/show_bug.cgi?id=80198
+
+        Reviewed by Adam Barth.
+
+        * src/AssociatedURLLoader.cpp:
+        * tests/AssociatedURLLoaderTest.cpp:
+
 2012-03-02  Dana Jansens  <danakj@chromium.org>
 
         [Chromium] Allow plugins to set opaque() on their platform layer
index c314411..0c3a0cf 100644 (file)
@@ -79,6 +79,7 @@ void HTTPRequestHeaderValidator::visitHeader(const WebString& name, const WebStr
     m_isSafe = m_isSafe && isValidHTTPToken(name) && XMLHttpRequest::isAllowedHTTPHeader(name) && isValidHTTPHeaderValue(value);
 }
 
+// FIXME: Remove this and use WebCore code that does the same thing.
 class HTTPResponseHeaderValidator : public WebHTTPHeaderVisitor {
     WTF_MAKE_NONCOPYABLE(HTTPResponseHeaderValidator);
 public:
@@ -97,7 +98,7 @@ void HTTPResponseHeaderValidator::visitHeader(const WebString& name, const WebSt
 {
     String headerName(name);
     if (m_usingAccessControl) {
-        if (equalIgnoringCase(headerName, "access-control-expose-header"))
+        if (equalIgnoringCase(headerName, "access-control-expose-headers"))
             parseAccessControlExposeHeadersAllowList(value, m_exposedHeaders);
         else if (!isOnAccessControlResponseHeaderWhitelist(headerName))
             m_blockedHeaders.add(name);
@@ -112,7 +113,7 @@ const HTTPHeaderSet& HTTPResponseHeaderValidator::blockedHeaders()
         m_exposedHeaders.remove("set-cookie");
         m_exposedHeaders.remove("set-cookie2");
         // Block Access-Control-Expose-Header itself. It could be exposed later.
-        m_blockedHeaders.add("access-control-expose-header");
+        m_blockedHeaders.add("access-control-expose-headers");
         HTTPHeaderSet::const_iterator end = m_exposedHeaders.end();
         for (HTTPHeaderSet::const_iterator it = m_exposedHeaders.begin(); it != end; ++it)
             m_blockedHeaders.remove(*it);
index 677865a..a168ebc 100644 (file)
@@ -241,7 +241,7 @@ public:
         m_expectedResponse.setMIMEType("text/html");
         m_expectedResponse.addHTTPHeaderField("Access-Control-Allow-Origin", "*");
         if (exposed)
-            m_expectedResponse.addHTTPHeaderField("access-control-expose-header", headerNameString);
+            m_expectedResponse.addHTTPHeaderField("access-control-expose-headers", headerNameString);
         m_expectedResponse.addHTTPHeaderField(headerNameString, "foo");
         webkit_support::RegisterMockedURL(url, m_expectedResponse, m_frameFilePath);