Fail cross-origin redirection loads in case of CORS with redirection URLs having...
authoryouenn@apple.com <youenn@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 12 Nov 2019 01:27:45 +0000 (01:27 +0000)
committeryouenn@apple.com <youenn@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 12 Nov 2019 01:27:45 +0000 (01:27 +0000)
https://bugs.webkit.org/show_bug.cgi?id=204036

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

* web-platform-tests/cors/redirect-userinfo-expected.txt:
* web-platform-tests/fetch/api/cors/cors-redirect-credentials.any-expected.txt:
* web-platform-tests/fetch/api/cors/cors-redirect-credentials.any.worker-expected.txt:
* web-platform-tests/fetch/api/redirect/redirect-location.any-expected.txt:
* web-platform-tests/fetch/api/redirect/redirect-location.any.worker-expected.txt:
* web-platform-tests/fetch/api/redirect/redirect-schemes-expected.txt:
* web-platform-tests/fetch/api/redirect/redirect-to-dataurl.any-expected.txt:
* web-platform-tests/fetch/api/redirect/redirect-to-dataurl.any.worker-expected.txt:
* web-platform-tests/fetch/security/redirect-to-url-with-credentials.https-expected.txt:
* web-platform-tests/service-workers/service-worker/fetch-event-redirect.https-expected.txt:
* web-platform-tests/xhr/access-control-and-redirects-async-expected.txt:

Source/WebCore:

Update checks in SubresourceLoader according networking process.
Make error messages consistent,
Test: http/tests/navigation/page-cache-mediastream.html

* loader/CrossOriginAccessControl.cpp:
(WebCore::validateCrossOriginRedirectionURL):
(WebCore::isValidCrossOriginRedirectionURL): Deleted.
* loader/CrossOriginAccessControl.h:
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::didReceiveResponse):
(WebCore::SubresourceLoader::checkRedirectionCrossOriginAccessControl):

Source/WebKit:

Implement https://fetch.spec.whatwg.org/#http-redirect-fetch steps 7 and 8.
Covered by updated tests.

* NetworkProcess/NetworkLoadChecker.cpp:
(WebKit::NetworkLoadChecker::checkRedirection):

LayoutTests:

* http/tests/security/shape-image-cors-redirect-error-message-logging-4-expected.txt:
* http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt:
* http/tests/xmlhttprequest/access-control-and-redirects-async.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@252348 268f45cc-cd09-0410-ab3c-d52691b4dbfc

23 files changed:
LayoutTests/ChangeLog
LayoutTests/TestExpectations
LayoutTests/http/tests/security/shape-image-cors-redirect-error-message-logging-4-expected.txt
LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt
LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async.html
LayoutTests/imported/w3c/ChangeLog
LayoutTests/imported/w3c/web-platform-tests/cors/redirect-userinfo-expected.txt
LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials.any-expected.txt
LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials.any.worker-expected.txt
LayoutTests/imported/w3c/web-platform-tests/fetch/api/redirect/redirect-location.any-expected.txt
LayoutTests/imported/w3c/web-platform-tests/fetch/api/redirect/redirect-location.any.worker-expected.txt
LayoutTests/imported/w3c/web-platform-tests/fetch/api/redirect/redirect-schemes-expected.txt
LayoutTests/imported/w3c/web-platform-tests/fetch/api/redirect/redirect-to-dataurl.any-expected.txt
LayoutTests/imported/w3c/web-platform-tests/fetch/api/redirect/redirect-to-dataurl.any.worker-expected.txt
LayoutTests/imported/w3c/web-platform-tests/fetch/security/redirect-to-url-with-credentials.https-expected.txt
LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-event-redirect.https-expected.txt
LayoutTests/imported/w3c/web-platform-tests/xhr/access-control-and-redirects-async-expected.txt
Source/WebCore/ChangeLog
Source/WebCore/loader/CrossOriginAccessControl.cpp
Source/WebCore/loader/CrossOriginAccessControl.h
Source/WebCore/loader/SubresourceLoader.cpp
Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/NetworkLoadChecker.cpp

index e7def93..92fc533 100644 (file)
@@ -1,3 +1,14 @@
+2019-11-11  Youenn Fablet  <youenn@apple.com>
+
+        Fail cross-origin redirection loads in case of CORS with redirection URLs having credentials
+        https://bugs.webkit.org/show_bug.cgi?id=204036
+
+        Reviewed by Alex Christensen.
+
+        * http/tests/security/shape-image-cors-redirect-error-message-logging-4-expected.txt:
+        * http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt:
+        * http/tests/xmlhttprequest/access-control-and-redirects-async.html:
+
 2019-11-11  Kate Cheney  <katherine_cheney@apple.com>
 
         CrashTracer: com.apple.WebKit.Networking.Development at com.apple.WebKit: WebKit::NetworkProcess::setIsRunningResourceLoadStatisticsTest
index 96dd5e1..a8cc760 100644 (file)
@@ -418,6 +418,7 @@ imported/w3c/web-platform-tests/html/interaction/focus/the-autofocus-attribute/u
 imported/w3c/web-platform-tests/fetch/api/basic/mode-same-origin.any.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/fetch/api/basic/scheme-about.any.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/fetch/api/basic/scheme-about.any.worker.html [ DumpJSConsoleLogInStdErr ]
+imported/w3c/web-platform-tests/cors/redirect-userinfo.htm  [ DumpJSConsoleLogInStdErr ]
 
 imported/w3c/web-platform-tests/html/semantics/document-metadata/the-link-element/link-load-error-events.html [ DumpJSConsoleLogInStdErr ]
 imported/w3c/web-platform-tests/html/semantics/document-metadata/the-link-element/link-load-error-events.https.html [ DumpJSConsoleLogInStdErr ]
index 5119de9..f54dc4a 100644 (file)
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: Cross-origin redirection to mailto://example.com denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to mailto://example.com denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 Verify the error message in console in case of CORS failing checks.
 
 
index b7fe744..e158727 100644 (file)
@@ -1,6 +1,8 @@
 CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi denied by Cross-Origin Resource Sharing policy: Origin http://127.0.0.1:8000 is not allowed by Access-Control-Allow-Origin.
 CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to foo://bar.cgi denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi denied by Cross-Origin Resource Sharing policy: redirection URL http://username:password@localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi has credentials
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://username:password@localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&%20%20access-control-allow-origin=http://127.0.0.1:8000 due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to foo://bar.cgi denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=foo://bar.cgi&%20%20access-control-allow-origin=http://127.0.0.1:8000 due to access control checks.
 CONSOLE MESSAGE: Preflight response is not successful
 CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=true&%20%20url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&%20%20access-control-allow-origin=* due to access control checks.
@@ -16,9 +18,8 @@ Expecting success: true
 PASS: PASS: Cross-domain access allowed.
 
 Testing http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://username:password@localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&  access-control-allow-origin=http://127.0.0.1:8000 without credentials
-Expecting success: true
-PASS: PASS: Cross-domain access allowed.
-
+Expecting success: false
+PASS: 0
 Testing http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=foo://bar.cgi&  access-control-allow-origin=http://127.0.0.1:8000 without credentials
 Expecting success: false
 PASS: 0
index 7be23f9..bca44c6 100644 (file)
@@ -53,11 +53,10 @@ var tests = [
   access-control-allow-origin=http://127.0.0.1:8000",
   withoutCredentials, noCustomHeader, succeeds],
 
-// Receives a redirect response with a URL containing the userinfo production. Although loading should fail according fetch spec,
-// the underlying HTTP stack currently removes credentials from redirection URL, hence loading is successful.
+// Receives a redirect response with a URL containing the userinfo production.
 ["http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://username:password@localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&\
   access-control-allow-origin=http://127.0.0.1:8000",
-  withoutCredentials, noCustomHeader, succeeds],
+  withoutCredentials, noCustomHeader, fails],
 
 // Receives a redirect response with a URL with an unsupported scheme.
 ["http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=foo://bar.cgi&\
index e879f0b..a5de667 100644 (file)
@@ -1,3 +1,22 @@
+2019-11-11  Youenn Fablet  <youenn@apple.com>
+
+        Fail cross-origin redirection loads in case of CORS with redirection URLs having credentials
+        https://bugs.webkit.org/show_bug.cgi?id=204036
+
+        Reviewed by Alex Christensen.
+
+        * web-platform-tests/cors/redirect-userinfo-expected.txt:
+        * web-platform-tests/fetch/api/cors/cors-redirect-credentials.any-expected.txt:
+        * web-platform-tests/fetch/api/cors/cors-redirect-credentials.any.worker-expected.txt:
+        * web-platform-tests/fetch/api/redirect/redirect-location.any-expected.txt:
+        * web-platform-tests/fetch/api/redirect/redirect-location.any.worker-expected.txt:
+        * web-platform-tests/fetch/api/redirect/redirect-schemes-expected.txt:
+        * web-platform-tests/fetch/api/redirect/redirect-to-dataurl.any-expected.txt:
+        * web-platform-tests/fetch/api/redirect/redirect-to-dataurl.any.worker-expected.txt:
+        * web-platform-tests/fetch/security/redirect-to-url-with-credentials.https-expected.txt:
+        * web-platform-tests/service-workers/service-worker/fetch-event-redirect.https-expected.txt:
+        * web-platform-tests/xhr/access-control-and-redirects-async-expected.txt:
+
 2019-11-11  Matt Lewis  <jlewis3@apple.com>
 
         Unreviewed, rolling out r252076.
index 4cfb135..d083c34 100644 (file)
@@ -1,10 +1,10 @@
 CORS userinfo redirect handling
 
 
-FAIL Disallow redirect with userinfo (user:pass@) assert_unreached: Reached unreachable code
-FAIL Disallow redirect with userinfo (user:@) assert_unreached: Reached unreachable code
-FAIL Disallow redirect with userinfo (user@) assert_unreached: Reached unreachable code
+PASS Disallow redirect with userinfo (user:pass@) 
+PASS Disallow redirect with userinfo (user:@) 
+PASS Disallow redirect with userinfo (user@) 
 PASS Allow redirect without userinfo (:@ is trimmed during URL parsing) 
-FAIL Disallow redirect with userinfo (:pass@) assert_unreached: Reached unreachable code
+PASS Disallow redirect with userinfo (:pass@) 
 PASS Allow redirect without userinfo (@ is trimmed during URL parsing) 
 
index 434dd51..b2e78e3 100644 (file)
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=301&location=http://user:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=301&location=http://user:@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=301&location=http://:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=301&location=http://user:password@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=301&location=http://user:@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=301&location=http://:password@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=301&location=http://user:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=301&location=http://user:@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=301&location=http://:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=301&location=http://user:password@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=301&location=http://user:@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=301&location=http://:password@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=302&location=http://user:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=302&location=http://user:@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=302&location=http://:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=302&location=http://user:password@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=302&location=http://user:@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=302&location=http://:password@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=302&location=http://user:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=302&location=http://user:@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=302&location=http://:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=302&location=http://user:password@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=302&location=http://user:@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=302&location=http://:password@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=303&location=http://user:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=303&location=http://user:@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=303&location=http://:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=303&location=http://user:password@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=303&location=http://user:@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=303&location=http://:password@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=303&location=http://user:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=303&location=http://user:@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=303&location=http://:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=303&location=http://user:password@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=303&location=http://user:@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=303&location=http://:password@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=307&location=http://user:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=307&location=http://user:@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=307&location=http://:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=307&location=http://user:password@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=307&location=http://user:@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=307&location=http://:password@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=307&location=http://user:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=307&location=http://user:@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=307&location=http://:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=307&location=http://user:password@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=307&location=http://user:@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=307&location=http://:password@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=308&location=http://user:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=308&location=http://user:@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=308&location=http://:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=308&location=http://user:password@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=308&location=http://user:@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=308&location=http://:password@localhost:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=308&location=http://user:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=308&location=http://user:@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=308&location=http://:password@localhost:8801/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=308&location=http://user:password@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=308&location=http://user:@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Fetch API cannot load http://localhost:8801/fetch/api/resources/redirect.py?redirect_status=308&location=http://:password@127.0.0.1:8800/fetch/api/cors/../resources/preflight.py due to access control checks.
 
 PASS Redirect 301 from same origin to remote without user and password 
-FAIL Redirect 301 from same origin to remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from same origin to remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from same origin to remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to same origin with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to same origin with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to same origin with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to same remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to same remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to same remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to another remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to another remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to another remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS Redirect 301 from same origin to remote with user and password 
+PASS Redirect 301 from same origin to remote with user 
+PASS Redirect 301 from same origin to remote with password 
+PASS Redirect 301 from remote to same origin with user and password 
+PASS Redirect 301 from remote to same origin with user 
+PASS Redirect 301 from remote to same origin with password 
+PASS Redirect 301 from remote to same remote with user and password 
+PASS Redirect 301 from remote to same remote with user 
+PASS Redirect 301 from remote to same remote with password 
+PASS Redirect 301 from remote to another remote with user and password 
+PASS Redirect 301 from remote to another remote with user 
+PASS Redirect 301 from remote to another remote with password 
 PASS Redirect 302 from same origin to remote without user and password 
-FAIL Redirect 302 from same origin to remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from same origin to remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from same origin to remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to same origin with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to same origin with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to same origin with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to same remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to same remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to same remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to another remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to another remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to another remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS Redirect 302 from same origin to remote with user and password 
+PASS Redirect 302 from same origin to remote with user 
+PASS Redirect 302 from same origin to remote with password 
+PASS Redirect 302 from remote to same origin with user and password 
+PASS Redirect 302 from remote to same origin with user 
+PASS Redirect 302 from remote to same origin with password 
+PASS Redirect 302 from remote to same remote with user and password 
+PASS Redirect 302 from remote to same remote with user 
+PASS Redirect 302 from remote to same remote with password 
+PASS Redirect 302 from remote to another remote with user and password 
+PASS Redirect 302 from remote to another remote with user 
+PASS Redirect 302 from remote to another remote with password 
 PASS Redirect 303 from same origin to remote without user and password 
-FAIL Redirect 303 from same origin to remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from same origin to remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from same origin to remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to same origin with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to same origin with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to same origin with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to same remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to same remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to same remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to another remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to another remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to another remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS Redirect 303 from same origin to remote with user and password 
+PASS Redirect 303 from same origin to remote with user 
+PASS Redirect 303 from same origin to remote with password 
+PASS Redirect 303 from remote to same origin with user and password 
+PASS Redirect 303 from remote to same origin with user 
+PASS Redirect 303 from remote to same origin with password 
+PASS Redirect 303 from remote to same remote with user and password 
+PASS Redirect 303 from remote to same remote with user 
+PASS Redirect 303 from remote to same remote with password 
+PASS Redirect 303 from remote to another remote with user and password 
+PASS Redirect 303 from remote to another remote with user 
+PASS Redirect 303 from remote to another remote with password 
 PASS Redirect 307 from same origin to remote without user and password 
-FAIL Redirect 307 from same origin to remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from same origin to remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from same origin to remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to same origin with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to same origin with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to same origin with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to same remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to same remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to same remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to another remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to another remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to another remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS Redirect 307 from same origin to remote with user and password 
+PASS Redirect 307 from same origin to remote with user 
+PASS Redirect 307 from same origin to remote with password 
+PASS Redirect 307 from remote to same origin with user and password 
+PASS Redirect 307 from remote to same origin with user 
+PASS Redirect 307 from remote to same origin with password 
+PASS Redirect 307 from remote to same remote with user and password 
+PASS Redirect 307 from remote to same remote with user 
+PASS Redirect 307 from remote to same remote with password 
+PASS Redirect 307 from remote to another remote with user and password 
+PASS Redirect 307 from remote to another remote with user 
+PASS Redirect 307 from remote to another remote with password 
 PASS Redirect 308 from same origin to remote without user and password 
-FAIL Redirect 308 from same origin to remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from same origin to remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from same origin to remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to same origin with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to same origin with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to same origin with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to same remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to same remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to same remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to another remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to another remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to another remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS Redirect 308 from same origin to remote with user and password 
+PASS Redirect 308 from same origin to remote with user 
+PASS Redirect 308 from same origin to remote with password 
+PASS Redirect 308 from remote to same origin with user and password 
+PASS Redirect 308 from remote to same origin with user 
+PASS Redirect 308 from remote to same origin with password 
+PASS Redirect 308 from remote to same remote with user and password 
+PASS Redirect 308 from remote to same remote with user 
+PASS Redirect 308 from remote to same remote with password 
+PASS Redirect 308 from remote to another remote with user and password 
+PASS Redirect 308 from remote to another remote with user 
+PASS Redirect 308 from remote to another remote with password 
 
index 434dd51..7e77c52 100644 (file)
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://user@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: redirection URL http://:password@127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 has credentials
 
 PASS Redirect 301 from same origin to remote without user and password 
-FAIL Redirect 301 from same origin to remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from same origin to remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from same origin to remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to same origin with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to same origin with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to same origin with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to same remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to same remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to same remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to another remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to another remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 301 from remote to another remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS Redirect 301 from same origin to remote with user and password 
+PASS Redirect 301 from same origin to remote with user 
+PASS Redirect 301 from same origin to remote with password 
+PASS Redirect 301 from remote to same origin with user and password 
+PASS Redirect 301 from remote to same origin with user 
+PASS Redirect 301 from remote to same origin with password 
+PASS Redirect 301 from remote to same remote with user and password 
+PASS Redirect 301 from remote to same remote with user 
+PASS Redirect 301 from remote to same remote with password 
+PASS Redirect 301 from remote to another remote with user and password 
+PASS Redirect 301 from remote to another remote with user 
+PASS Redirect 301 from remote to another remote with password 
 PASS Redirect 302 from same origin to remote without user and password 
-FAIL Redirect 302 from same origin to remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from same origin to remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from same origin to remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to same origin with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to same origin with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to same origin with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to same remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to same remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to same remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to another remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to another remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 302 from remote to another remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS Redirect 302 from same origin to remote with user and password 
+PASS Redirect 302 from same origin to remote with user 
+PASS Redirect 302 from same origin to remote with password 
+PASS Redirect 302 from remote to same origin with user and password 
+PASS Redirect 302 from remote to same origin with user 
+PASS Redirect 302 from remote to same origin with password 
+PASS Redirect 302 from remote to same remote with user and password 
+PASS Redirect 302 from remote to same remote with user 
+PASS Redirect 302 from remote to same remote with password 
+PASS Redirect 302 from remote to another remote with user and password 
+PASS Redirect 302 from remote to another remote with user 
+PASS Redirect 302 from remote to another remote with password 
 PASS Redirect 303 from same origin to remote without user and password 
-FAIL Redirect 303 from same origin to remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from same origin to remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from same origin to remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to same origin with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to same origin with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to same origin with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to same remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to same remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to same remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to another remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to another remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 303 from remote to another remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS Redirect 303 from same origin to remote with user and password 
+PASS Redirect 303 from same origin to remote with user 
+PASS Redirect 303 from same origin to remote with password 
+PASS Redirect 303 from remote to same origin with user and password 
+PASS Redirect 303 from remote to same origin with user 
+PASS Redirect 303 from remote to same origin with password 
+PASS Redirect 303 from remote to same remote with user and password 
+PASS Redirect 303 from remote to same remote with user 
+PASS Redirect 303 from remote to same remote with password 
+PASS Redirect 303 from remote to another remote with user and password 
+PASS Redirect 303 from remote to another remote with user 
+PASS Redirect 303 from remote to another remote with password 
 PASS Redirect 307 from same origin to remote without user and password 
-FAIL Redirect 307 from same origin to remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from same origin to remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from same origin to remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to same origin with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to same origin with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to same origin with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to same remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to same remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to same remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to another remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to another remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 307 from remote to another remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS Redirect 307 from same origin to remote with user and password 
+PASS Redirect 307 from same origin to remote with user 
+PASS Redirect 307 from same origin to remote with password 
+PASS Redirect 307 from remote to same origin with user and password 
+PASS Redirect 307 from remote to same origin with user 
+PASS Redirect 307 from remote to same origin with password 
+PASS Redirect 307 from remote to same remote with user and password 
+PASS Redirect 307 from remote to same remote with user 
+PASS Redirect 307 from remote to same remote with password 
+PASS Redirect 307 from remote to another remote with user and password 
+PASS Redirect 307 from remote to another remote with user 
+PASS Redirect 307 from remote to another remote with password 
 PASS Redirect 308 from same origin to remote without user and password 
-FAIL Redirect 308 from same origin to remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from same origin to remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from same origin to remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to same origin with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to same origin with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to same origin with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to same remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to same remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to same remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to another remote with user and password assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to another remote with user assert_unreached: Should have rejected: undefined Reached unreachable code
-FAIL Redirect 308 from remote to another remote with password assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS Redirect 308 from same origin to remote with user and password 
+PASS Redirect 308 from same origin to remote with user 
+PASS Redirect 308 from same origin to remote with password 
+PASS Redirect 308 from remote to same origin with user and password 
+PASS Redirect 308 from remote to same origin with user 
+PASS Redirect 308 from remote to same origin with password 
+PASS Redirect 308 from remote to same remote with user and password 
+PASS Redirect 308 from remote to same remote with user 
+PASS Redirect 308 from remote to same remote with password 
+PASS Redirect 308 from remote to another remote with user and password 
+PASS Redirect 308 from remote to another remote with user 
+PASS Redirect 308 from remote to another remote with password 
 
index bb4a559..a7d8c7c 100644 (file)
@@ -1,22 +1,22 @@
-CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=301&location=invalidurl%3A due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=301&location=data%3A%2Cdata%2520url due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=302&location=invalidurl%3A due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=302&location=data%3A%2Cdata%2520url due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=303&location=invalidurl%3A due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=303&location=data%3A%2Cdata%2520url due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=307&location=invalidurl%3A due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=307&location=data%3A%2Cdata%2520url due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=308&location=invalidurl%3A due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?redirect_status=308&location=data%3A%2Cdata%2520url due to access control checks.
 
 PASS Redirect 301 in "follow" mode without location 
index 5293dd6..46f0bcd 100644 (file)
@@ -1,13 +1,13 @@
-CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
-CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
-CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
-CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
-CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
-CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
-CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
-CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
-CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
-CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
+CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
+CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
+CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
+CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
+CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
+CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
+CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
+CONSOLE MESSAGE: Cross-origin redirection to invalidurl: denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
+CONSOLE MESSAGE: Cross-origin redirection to data:,data%20url denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 
 PASS Redirect 301 in "follow" mode without location 
 PASS Redirect 301 in "manual" mode without location 
index 1777cd6..b89dd8a 100644 (file)
@@ -1,12 +1,12 @@
-CONSOLE MESSAGE: Cross-origin redirection to mailto:a@a.com denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to mailto:a@a.com denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?location=mailto:a@a.com due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to data:,HI denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to data:,HI denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?location=data:,HI due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to facetime:a@a.org denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to facetime:a@a.org denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?location=facetime:a@a.org due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to about:blank denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to about:blank denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?location=about:blank due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to about:unicorn denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to about:unicorn denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?location=about:unicorn due to access control checks.
 CONSOLE MESSAGE: Not allowed to load local resource: blob:djfksfjs
 
index 96d0eae..da8b3a7 100644 (file)
@@ -1,10 +1,10 @@
-CONSOLE MESSAGE: Cross-origin redirection to data:text/plain;base64,cmVzcG9uc2UncyBib2R5 denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to data:text/plain;base64,cmVzcG9uc2UncyBib2R5 denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://localhost:8800/fetch/api/resources/redirect.py?cors&location=data%3Atext%2Fplain%3Bbase64%2CcmVzcG9uc2UncyBib2R5 due to access control checks.
 CONSOLE MESSAGE: Redirection to URL with a scheme that is not HTTP(S).
 CONSOLE MESSAGE: Fetch API cannot load data:text/plain;base64,cmVzcG9uc2UncyBib2R5 due to access control checks.
 CONSOLE MESSAGE: Unsafe attempt to load URL data:text/plain;base64,cmVzcG9uc2UncyBib2R5 from origin http://localhost:8800. Domains, protocols and ports must match.
 
-CONSOLE MESSAGE: Cross-origin redirection to data:text/plain;base64,cmVzcG9uc2UncyBib2R5 denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to data:text/plain;base64,cmVzcG9uc2UncyBib2R5 denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Fetch API cannot load http://127.0.0.1:8800/fetch/api/resources/redirect.py?cors&location=data%3Atext%2Fplain%3Bbase64%2CcmVzcG9uc2UncyBib2R5 due to access control checks.
 CONSOLE MESSAGE: Redirection to URL with a scheme that is not HTTP(S).
 CONSOLE MESSAGE: Fetch API cannot load data:text/plain;base64,cmVzcG9uc2UncyBib2R5 due to access control checks.
index b16c54d..20a654c 100644 (file)
@@ -1,7 +1,7 @@
-CONSOLE MESSAGE: Cross-origin redirection to data:text/plain;base64,cmVzcG9uc2UncyBib2R5 denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to data:text/plain;base64,cmVzcG9uc2UncyBib2R5 denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 CONSOLE MESSAGE: Unsafe attempt to load URL data:text/plain;base64,cmVzcG9uc2UncyBib2R5 from origin http://localhost:8800. Domains, protocols and ports must match.
 
-CONSOLE MESSAGE: Cross-origin redirection to data:text/plain;base64,cmVzcG9uc2UncyBib2R5 denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
+CONSOLE MESSAGE: Cross-origin redirection to data:text/plain;base64,cmVzcG9uc2UncyBib2R5 denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
 
 PASS Testing data URL loading after same-origin redirection (cors mode) 
 PASS Testing data URL loading after same-origin redirection (no-cors mode) 
index 80fdf01..c790f90 100644 (file)
@@ -1,9 +1,13 @@
+CONSOLE MESSAGE: Cross-origin redirection to https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?ACAOrigin=%20https://localhost:9443&PNGIMAGE&ACACredentials=true denied by Cross-Origin Resource Sharing policy: redirection URL https://foo:bar@127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?ACAOrigin=%20https://localhost:9443&PNGIMAGE&ACACredentials=true has credentials
+CONSOLE MESSAGE: Fetch API cannot load https://localhost:9443/common/redirect.py?location=https://foo:bar@127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?ACAOrigin=%20https://localhost:9443%26PNGIMAGE%26ACACredentials=true due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to https://127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?ACAOrigin=%20https://localhost:9443&PNGIMAGE&ACACredentials=true denied by Cross-Origin Resource Sharing policy: redirection URL https://foo:bar@127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?ACAOrigin=%20https://localhost:9443&PNGIMAGE&ACACredentials=true has credentials
+CONSOLE MESSAGE: Cannot load image https://localhost:9443/common/redirect.py?location=https://foo:bar@127.0.0.1:9443/service-workers/service-worker/resources/fetch-access-control.py?ACAOrigin=%20https://localhost:9443%26PNGIMAGE%26ACACredentials=true due to access control checks.
 
 PASS No CORS fetch after a redirect with an URL containing credentials 
-FAIL CORS fetch after a redirect with a cross origin URL containing credentials assert_unreached: Should have rejected: undefined Reached unreachable code
+PASS CORS fetch after a redirect with a cross origin URL containing credentials 
 PASS CORS fetch after a redirect with a same origin URL containing credentials 
 PASS Image loading after a redirect with an URL containing credentials 
-FAIL CORS Image loading after a redirect with a cross origin URL containing credentials promise_test: Unhandled rejection with value: "Image should not load"
+PASS CORS Image loading after a redirect with a cross origin URL containing credentials 
 PASS CORS Image loading after a redirect with a same origin URL containing credentials 
 PASS Frame loading after a redirect with an URL containing credentials 
 
index 0252e1e..6d99056 100644 (file)
@@ -6,8 +6,10 @@ CONSOLE MESSAGE: Fetch API cannot load https://localhost:9443/nonav-follow-sameo
 CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Unsafe attempt to load URL https://127.0.0.1:9443/service-workers/service-worker/resources/success.py?ACAOrigin=https%3A%2F%2Flocalhost%3A9443 from origin https://localhost:9443. Domains, protocols and ports must match.
 
 CONSOLE MESSAGE: Fetch API cannot load https://localhost:9443/nonav-follow-sameorigin-redirects-to-cors-nocreds?url=redirect.py%3FRedirect%3Dhttps%253A%252F%252F127.0.0.1%253A9443%252Fservice-workers%252Fservice-worker%252Fresources%252Fsuccess.py%253FACAOrigin%253Dhttps%25253A%25252F%25252Flocalhost%25253A9443.
-CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Origin https://localhost:9443 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Cross-origin redirection to https://127.0.0.1:9443/service-workers/service-worker/resources/success.py denied by Cross-Origin Resource Sharing policy: redirection URL https://foo:bar@127.0.0.1:9443/service-workers/service-worker/resources/success.py has credentials
 CONSOLE MESSAGE: Fetch API cannot load https://localhost:9443/nonav-follow-cors-redirects-to-nocors-creds?url=redirect.py%3FRedirect%3Dhttps%253A%252F%252Ffoo%253Abar%2540127.0.0.1%253A9443%252Fservice-workers%252Fservice-worker%252Fresources%252Fsuccess.py.
+CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Cross-origin redirection to https://127.0.0.1:9443/service-workers/service-worker/resources/success.py?ACAOrigin=https%3A%2F%2Flocalhost%3A9443 denied by Cross-Origin Resource Sharing policy: redirection URL https://foo:bar@127.0.0.1:9443/service-workers/service-worker/resources/success.py?ACAOrigin=https%3A%2F%2Flocalhost%3A9443 has credentials
+CONSOLE MESSAGE: Fetch API cannot load https://localhost:9443/nonav-follow-cors-redirects-to-cors-creds?url=redirect.py%3FRedirect%3Dhttps%253A%252F%252Ffoo%253Abar%2540127.0.0.1%253A9443%252Fservice-workers%252Fservice-worker%252Fresources%252Fsuccess.py%253FACAOrigin%253Dhttps%25253A%25252F%25252Flocalhost%25253A9443.
 CONSOLE MESSAGE: FetchEvent.respondWith received an error: TypeError: Unsafe attempt to load URL https://127.0.0.1:9443/service-workers/service-worker/resources/success.py from origin https://localhost:9443. Domains, protocols and ports must match.
 
 CONSOLE MESSAGE: Fetch API cannot load https://localhost:9443/nonav-follow-sameorigin-redirects-to-nocors-creds?url=redirect.py%3FRedirect%3Dhttps%253A%252F%252Ffoo%253Abar%2540127.0.0.1%253A9443%252Fservice-workers%252Fservice-worker%252Fresources%252Fsuccess.py.
@@ -81,7 +83,7 @@ PASS Non-navigation, follow redirect, no-cors mode Request redirected to no-cors
 PASS Non-navigation, follow redirect, no-cors mode Request redirected to cors without credentials should succeed interception and response should not be redirected 
 PASS Non-navigation, follow redirect, cors mode Request redirected to same-origin with credentials should succeed interception and response should be redirected 
 PASS Non-navigation, follow redirect, cors mode Request redirected to no-cors with credentials should fail interception and response should not be redirected 
-FAIL Non-navigation, follow redirect, cors mode Request redirected to cors with credentials should fail interception and response should be redirected promise_test: Unhandled rejection with value: "assert_promise_rejects: Must fail to fetch: url=/nonav-follow-cors-redirects-to-cors-creds?url=redirect.py%3FRedirect%3Dhttps%253A%252F%252Ffoo%253Abar%2540127.0.0.1%253A9443%252Fservice-workers%252Fservice-worker%252Fresources%252Fsuccess.py%253FACAOrigin%253Dhttps%25253A%25252F%25252Flocalhost%25253A9443 Promise did not reject."
+PASS Non-navigation, follow redirect, cors mode Request redirected to cors with credentials should fail interception and response should be redirected 
 PASS Non-navigation, follow redirect, same-origin mode Request redirected to same-origin with credentials should succeed interception and response should be redirected 
 PASS Non-navigation, follow redirect, same-origin mode Request redirected to no-cors with credentials should fail interception and response should not be redirected 
 PASS Non-navigation, follow redirect, same-origin mode Request redirected to cors with credentials should fail interception and response should not be redirected 
index ecc2db3..cb1cbeb 100644 (file)
@@ -1,13 +1,17 @@
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/XMLHttpRequest/resources/access-control-basic-allow-star.py denied by Cross-Origin Resource Sharing policy: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
-CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8800/XMLHttpRequest/resources/redirect-cors.py?location=http://127.0.0.1:8800/XMLHttpRequest/resources/access-control-basic-allow-star.py& due to access control checks.
-CONSOLE MESSAGE: Cross-origin redirection to foo://bar.cgi denied by Cross-Origin Resource Sharing policy: URL is either a non-HTTP URL or contains credentials.
-CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8800/XMLHttpRequest/resources/redirect-cors.py?location=foo://bar.cgi&allow_origin=true due to access control checks.
-CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8800/XMLHttpRequest/resources/redirect-cors.py?location=http://127.0.0.1:8800/XMLHttpRequest/resources/access-control-basic-allow-star.py&allow_origin=true&redirect_preflight=true. Preflight response is not successful
-CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8800/XMLHttpRequest/resources/redirect-cors.py?location=http://127.0.0.1:8800/XMLHttpRequest/resources/access-control-basic-allow-star.py&allow_origin=true&allow_header=x-test&redirect_preflight=true. Preflight response is not successful
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/xhr/resources/access-control-basic-allow-star.py denied by Cross-Origin Resource Sharing policy: Origin http://localhost:8800 is not allowed by Access-Control-Allow-Origin.
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8800/xhr/resources/redirect-cors.py?location=http://127.0.0.1:8800/xhr/resources/access-control-basic-allow-star.py& due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/xhr/resources/access-control-basic-allow-star.py denied by Cross-Origin Resource Sharing policy: redirection URL http://username:password@127.0.0.1:8800/xhr/resources/access-control-basic-allow-star.py has credentials
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8800/xhr/resources/redirect-cors.py?location=http://username:password@127.0.0.1:8800/xhr/resources/access-control-basic-allow-star.py&allow_origin=true due to access control checks.
+CONSOLE MESSAGE: Cross-origin redirection to foo://bar.cgi denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8800/xhr/resources/redirect-cors.py?location=foo://bar.cgi&allow_origin=true due to access control checks.
+CONSOLE MESSAGE: Preflight response is not successful
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8800/xhr/resources/redirect-cors.py?location=http://127.0.0.1:8800/xhr/resources/access-control-basic-allow-star.py&allow_origin=true&redirect_preflight=true due to access control checks.
+CONSOLE MESSAGE: Preflight response is not successful
+CONSOLE MESSAGE: XMLHttpRequest cannot load http://127.0.0.1:8800/xhr/resources/redirect-cors.py?location=http://127.0.0.1:8800/xhr/resources/access-control-basic-allow-star.py&allow_origin=true&allow_header=x-test&redirect_preflight=true due to access control checks.
 
 PASS Request is redirected without CORS headers to a response with Access-Control-Allow-Origin=* 
 PASS Request is redirected to a response with Access-Control-Allow-Origin=* 
-FAIL Request with user info is redirected to a response with Access-Control-Allow-Origin=* assert_true: expected true got false
+PASS Request with user info is redirected to a response with Access-Control-Allow-Origin=* 
 PASS Request is redirect to a bad URL 
 PASS Preflighted request is redirected to a response with Access-Control-Allow-Origin=* 
 PASS Preflighted request is redirected to a response with Access-Control-Allow-Origin=* and header allowed 
index 061d102..99223b5 100644 (file)
@@ -1,3 +1,22 @@
+2019-11-11  Youenn Fablet  <youenn@apple.com>
+
+        Fail cross-origin redirection loads in case of CORS with redirection URLs having credentials
+        https://bugs.webkit.org/show_bug.cgi?id=204036
+
+        Reviewed by Alex Christensen.
+
+        Update checks in SubresourceLoader according networking process.
+        Make error messages consistent,
+        Test: http/tests/navigation/page-cache-mediastream.html
+
+        * loader/CrossOriginAccessControl.cpp:
+        (WebCore::validateCrossOriginRedirectionURL):
+        (WebCore::isValidCrossOriginRedirectionURL): Deleted.
+        * loader/CrossOriginAccessControl.h:
+        * loader/SubresourceLoader.cpp:
+        (WebCore::SubresourceLoader::didReceiveResponse):
+        (WebCore::SubresourceLoader::checkRedirectionCrossOriginAccessControl):
+
 2019-11-11  Jer Noble  <jer.noble@apple.com>
 
         ASSERT at PlatformCALayerCocoa::avPlayerLayer(): [platformLayer() sublayers].count == 1
index bb29de1..3d2fcd0 100644 (file)
@@ -127,11 +127,15 @@ CachedResourceRequest createPotentialAccessControlRequest(ResourceRequest&& requ
     return cachedRequest;
 }
 
-bool isValidCrossOriginRedirectionURL(const URL& redirectURL)
+String validateCrossOriginRedirectionURL(const URL& redirectURL)
 {
-    return LegacySchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(redirectURL.protocol().toStringWithoutCopying())
-        && redirectURL.user().isEmpty()
-        && redirectURL.pass().isEmpty();
+    if (!LegacySchemeRegistry::shouldTreatURLSchemeAsCORSEnabled(redirectURL.protocol().toStringWithoutCopying()))
+        return makeString("not allowed to follow a cross-origin CORS redirection with non CORS scheme");
+
+    if (redirectURL.hasUsername() || redirectURL.hasPassword())
+        return makeString("redirection URL ", redirectURL.string(), " has credentials");
+
+    return { };
 }
 
 OptionSet<HTTPHeadersToKeepFromCleaning> httpHeadersToKeepFromCleaning(const HTTPHeaderMap& headers)
index 1444966..b093866 100644 (file)
@@ -54,8 +54,6 @@ WEBCORE_EXPORT void updateRequestForAccessControl(ResourceRequest&, SecurityOrig
 WEBCORE_EXPORT ResourceRequest createAccessControlPreflightRequest(const ResourceRequest&, SecurityOrigin&, const String&);
 CachedResourceRequest createPotentialAccessControlRequest(ResourceRequest&&, Document&, const String& crossOriginAttribute, ResourceLoaderOptions&&);
 
-bool isValidCrossOriginRedirectionURL(const URL&);
-
 enum class HTTPHeadersToKeepFromCleaning {
     ContentType = 1 << 0,
     Referer = 1 << 1,
@@ -72,5 +70,6 @@ WEBCORE_EXPORT bool validatePreflightResponse(const ResourceRequest&, const Reso
 
 WEBCORE_EXPORT Optional<ResourceError> validateCrossOriginResourcePolicy(const SecurityOrigin&, const URL&, const ResourceResponse&);
 Optional<ResourceError> validateRangeRequestedFlag(const ResourceRequest&, const ResourceResponse&);
+String validateCrossOriginRedirectionURL(const URL&);
 
 } // namespace WebCore
index bdd723c..f478df0 100644 (file)
@@ -600,9 +600,11 @@ bool SubresourceLoader::checkRedirectionCrossOriginAccessControl(const ResourceR
 
     // Implementing https://fetch.spec.whatwg.org/#concept-http-redirect-fetch step 7 & 8.
     if (options().mode == FetchOptions::Mode::Cors) {
-        if (m_resource->isCrossOrigin() && !isValidCrossOriginRedirectionURL(newRequest.url())) {
-            errorMessage = "URL is either a non-HTTP URL or contains credentials."_s;
-            return false;
+        if (m_resource->isCrossOrigin()) {
+            auto locationString = redirectResponse.httpHeaderField(HTTPHeaderName::Location);
+            errorMessage = validateCrossOriginRedirectionURL(URL(redirectResponse.url(), locationString));
+            if (!errorMessage.isNull())
+                return false;
         }
 
         ASSERT(m_origin);
index cea2dd7..609d8b2 100644 (file)
@@ -1,3 +1,16 @@
+2019-11-11  Youenn Fablet  <youenn@apple.com>
+
+        Fail cross-origin redirection loads in case of CORS with redirection URLs having credentials
+        https://bugs.webkit.org/show_bug.cgi?id=204036
+
+        Reviewed by Alex Christensen.
+
+        Implement https://fetch.spec.whatwg.org/#http-redirect-fetch steps 7 and 8.
+        Covered by updated tests.
+
+        * NetworkProcess/NetworkLoadChecker.cpp:
+        (WebKit::NetworkLoadChecker::checkRedirection):
+
 2019-11-11  Per Arne Vollan  <pvollan@apple.com>
 
         [iOS] Unable to view .pages files
index 244eeb8..39f5bd9 100644 (file)
@@ -119,6 +119,18 @@ void NetworkLoadChecker::checkRedirection(ResourceRequest&& request, ResourceReq
     // FIXME: We should check that redirections are only HTTP(s) as per fetch spec.
     // See https://github.com/whatwg/fetch/issues/393
 
+    if (m_options.mode == FetchOptions::Mode::Cors && (!m_isSameOriginRequest || !isSameOrigin(request.url(), m_origin.get()))) {
+        auto location = URL(redirectResponse.url(), redirectResponse.httpHeaderField(HTTPHeaderName::Location));
+        if (m_schemeRegistry && !m_schemeRegistry->shouldTreatURLSchemeAsCORSEnabled(location.protocol())) {
+            handler(redirectionError(redirectResponse, makeString("Cross-origin redirection to ", redirectRequest.url().string(), " denied by Cross-Origin Resource Sharing policy: not allowed to follow a cross-origin CORS redirection with non CORS scheme")));
+            return;
+        }
+        if (location.hasUsername() || location.hasPassword()) {
+            handler(redirectionError(redirectResponse, makeString("Cross-origin redirection to ", redirectRequest.url().string(), " denied by Cross-Origin Resource Sharing policy: redirection URL ", location.string(), " has credentials")));
+            return;
+        }
+    }
+
     if (++m_redirectCount > 20) {
         handler(redirectionError(redirectResponse, "Load cannot follow more than 20 redirections"_s));
         return;