diff options
| author | Patrick Shaughnessy <pshaughn@comcast.net> | 2020-02-14 13:13:22 -0500 |
|---|---|---|
| committer | Patrick Shaughnessy <pshaughn@comcast.net> | 2020-02-14 13:13:22 -0500 |
| commit | 739f09e19979b16b508cbb0048e519e1d4015f3a (patch) | |
| tree | 6225c2e6d1324c9d0eaf40141b3c1231a1cded5b | |
| parent | 4f36472b6fed75568c651cbbeecc6678791018a9 (diff) | |
| download | servo-739f09e19979b16b508cbb0048e519e1d4015f3a.tar.gz servo-739f09e19979b16b508cbb0048e519e1d4015f3a.zip | |
Handle access-control header wildcards
| -rw-r--r-- | components/net/fetch/methods.rs | 19 | ||||
| -rw-r--r-- | components/net_traits/response.rs | 8 | ||||
| -rw-r--r-- | tests/wpt/metadata/fetch/api/cors/cors-expose-star.sub.any.js.ini | 15 |
3 files changed, 13 insertions, 29 deletions
diff --git a/components/net/fetch/methods.rs b/components/net/fetch/methods.rs index e8c35e4a901..e3c74e9da05 100644 --- a/components/net/fetch/methods.rs +++ b/components/net/fetch/methods.rs @@ -340,15 +340,16 @@ pub fn main_fetch( .map(|v| v.iter().collect()); match header_names { // Subsubstep 2. - Some(ref list) if request.credentials_mode != CredentialsMode::Include => { - if list.len() == 1 && list[0] == "*" { - response.cors_exposed_header_name_list = response - .headers - .iter() - .map(|(name, _)| name.as_str().to_owned()) - .collect(); - } - }, + Some(ref list) + if request.credentials_mode != CredentialsMode::Include && + list.iter().any(|header| header == "*") => + { + response.cors_exposed_header_name_list = response + .headers + .iter() + .map(|(name, _)| name.as_str().to_owned()) + .collect(); + } // Subsubstep 3. Some(list) => { response.cors_exposed_header_name_list = diff --git a/components/net_traits/response.rs b/components/net_traits/response.rs index 4ee8b37eb56..34e46ebc6a3 100644 --- a/components/net_traits/response.rs +++ b/components/net_traits/response.rs @@ -6,7 +6,7 @@ //! resulting from a [fetch operation](https://fetch.spec.whatwg.org/#concept-fetch) use crate::{FetchMetadata, FilteredMetadata, Metadata, NetworkError, ReferrerPolicy}; use crate::{ResourceFetchTiming, ResourceTimingType}; -use headers::{AccessControlExposeHeaders, ContentType, HeaderMapExt}; +use headers::{ContentType, HeaderMapExt}; use http::{HeaderMap, StatusCode}; use hyper_serde::Serde; use servo_arc::Arc; @@ -241,6 +241,7 @@ impl Response { } let old_headers = old_response.headers.clone(); + let exposed_headers = old_response.cors_exposed_header_name_list.clone(); let mut response = old_response.clone(); response.internal_response = Some(Box::new(old_response)); response.response_type = filter_type; @@ -266,10 +267,7 @@ impl Response { "expires" | "last-modified" | "pragma" => true, "set-cookie" | "set-cookie2" => false, header => { - let access = old_headers.typed_get::<AccessControlExposeHeaders>(); - let result = access - .and_then(|v| v.iter().find(|h| *header == h.as_str().to_ascii_lowercase())); - result.is_some() + exposed_headers.iter().any(|h| *header == h.as_str().to_ascii_lowercase()) } } }).map(|(n, v)| (n.clone(), v.clone())).collect(); diff --git a/tests/wpt/metadata/fetch/api/cors/cors-expose-star.sub.any.js.ini b/tests/wpt/metadata/fetch/api/cors/cors-expose-star.sub.any.js.ini deleted file mode 100644 index 9b247bfeb2e..00000000000 --- a/tests/wpt/metadata/fetch/api/cors/cors-expose-star.sub.any.js.ini +++ /dev/null @@ -1,15 +0,0 @@ -[cors-expose-star.sub.any.html] - [Basic Access-Control-Expose-Headers: * support] - expected: FAIL - - [* can be one of several values] - expected: FAIL - - -[cors-expose-star.sub.any.worker.html] - [Basic Access-Control-Expose-Headers: * support] - expected: FAIL - - [* can be one of several values] - expected: FAIL - |