XHR CORS on 302 Redirect sets Origin to "null" in request
| Originator: | terinjokes | ||
| Number: | rdar://12466595 | Date Originated: | 09-Oct-2012 06:05 PM |
| Status: | Open | Resolved: | |
| Product: | Safari | Product Version: | 6.0.1 (8536.26.14) |
| Classification: | Serious Bug | Reproducible: | Always |
09-Oct-2012 06:05 PM Terin Stock: Summary: A XHR CORS request that includes a 302 redirect sets the Origin property to "null" in the redirected request. Steps to Reproduce: 0. Be on one domain (host: http://example.test) 1. Initiate a XHR CORS request to a resource. (host: http://test1.example.org) 2. The resource issues a 302 redirect to another resource on another domain (host: http://test2.example.org) Expected Results: The second request (to test2.example.org) would have set the Origin to "example.test" in the request Actual Results: During the second request the Origin is set to "null" Notes: Firefox 15.x: OK IE 8: OK Chrome: 24.0.1284.2 dev X-Post: https://bugs.webkit.org/show_bug.cgi?id=98838
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!