diff options
| author | benjhayden@chromium.org <benjhayden@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-05-14 18:43:07 +0000 |
|---|---|---|
| committer | benjhayden@chromium.org <benjhayden@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-05-14 18:43:07 +0000 |
| commit | 487427386756d7d83cbb30007c48a5df86d4f709 (patch) | |
| tree | 7d389664444cabe3d6229938b7559f3f635cdd00 /net/http/http_util_unittest.cc | |
| parent | 9e4c520da70a35cb45396ec8cb4bb53c4d334a5f (diff) | |
| download | chromium_src-487427386756d7d83cbb30007c48a5df86d4f709.zip chromium_src-487427386756d7d83cbb30007c48a5df86d4f709.tar.gz chromium_src-487427386756d7d83cbb30007c48a5df86d4f709.tar.bz2 | |
Update net::HttpUtil::IsSafeHeader() with two new headers
Looks like W3C added Access-Control-Request-Headers and Access-Control-Request-Method to the list of unsafe headers.
http://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader-method
BUG=126264
Review URL: https://chromiumcodereview.appspot.com/10365012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@136923 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/http/http_util_unittest.cc')
| -rw-r--r-- | net/http/http_util_unittest.cc | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/net/http/http_util_unittest.cc b/net/http/http_util_unittest.cc index 8293c80..fc38137 100644 --- a/net/http/http_util_unittest.cc +++ b/net/http/http_util_unittest.cc @@ -27,6 +27,8 @@ TEST(HttpUtilTest, IsSafeHeader) { "pRoXy-FoO", "accept-charset", "accept-encoding", + "access-control-request-headers", + "access-control-request-method", "connection", "content-length", "cookie", @@ -61,6 +63,11 @@ TEST(HttpUtilTest, IsSafeHeader) { "accept_charset", "accept-encodinga", "accept_encoding", + "access-control-request-headersa", + "access-control-request-header", + "access_control_request_header", + "access-control-request-methoda", + "access_control_request_method", "connectiona", "content-lengtha", "content_length", |