Diff
Modified: trunk/LayoutTests/imported/w3c/ChangeLog (204223 => 204224)
--- trunk/LayoutTests/imported/w3c/ChangeLog 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/ChangeLog 2016-08-06 08:50:13 UTC (rev 204224)
@@ -1,3 +1,21 @@
+2016-08-06 Youenn Fablet <[email protected]>
+
+ [Fetch API] Fetch API should strip fragment and credentials from URLs used as referrer
+ https://bugs.webkit.org/show_bug.cgi?id=160593
+
+ Reviewed by Alex Christensen.
+
+ * web-platform-tests/fetch/api/basic/referrer-expected.txt:
+ * web-platform-tests/fetch/api/basic/referrer-worker-expected.txt:
+ * web-platform-tests/fetch/api/basic/referrer.js:
+ (runTest): Adding more tests.
+ One test is failing as the redirection from same-origin to cross-origin is stripping the referer header.
+ But none is added afterwards. Hence cross-origin redirected request is sent without any referer header.
+ * web-platform-tests/fetch/api/cors/cors-redirect-credentials-expected.txt: Rebasing according redirect.py script changes.
+ * web-platform-tests/fetch/api/cors/cors-redirect-credentials-worker-expected.txt: Ditto.
+ * web-platform-tests/fetch/api/resources/redirect.py:
+ (main): Fixing rediret.py script.
+
2016-08-05 Chris Dumez <[email protected]>
DOMException should be constructible
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-expected.txt (204223 => 204224)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-expected.txt 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-expected.txt 2016-08-06 08:50:13 UTC (rev 204224)
@@ -1,4 +1,8 @@
PASS origin-when-cross-origin policy on a same-origin URL
PASS origin-when-cross-origin policy on a cross-origin URL
+FAIL origin-when-cross-origin policy on a cross-origin URL after same-origin redirection assert_equals: Request's referrer is correct expected (string) "http://localhost:8800/" but got (object) null
+PASS origin-when-cross-origin policy on a same-origin URL after cross-origin redirection
+PASS Referrer with credentials should be stripped
+PASS Referrer with fragment ID should be stripped
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-worker-expected.txt (204223 => 204224)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-worker-expected.txt 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer-worker-expected.txt 2016-08-06 08:50:13 UTC (rev 204224)
@@ -1,4 +1,8 @@
PASS origin-when-cross-origin policy on a same-origin URL
PASS origin-when-cross-origin policy on a cross-origin URL
+FAIL origin-when-cross-origin policy on a cross-origin URL after same-origin redirection assert_equals: Request's referrer is correct expected (string) "http://localhost:8800/" but got (object) null
+PASS origin-when-cross-origin policy on a same-origin URL after cross-origin redirection
+PASS Referrer with credentials should be stripped
+PASS Referrer with fragment ID should be stripped
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer.js (204223 => 204224)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer.js 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/basic/referrer.js 2016-08-06 08:50:13 UTC (rev 204224)
@@ -6,6 +6,11 @@
function runTest(url, init, expectedReferrer, title) {
promise_test(function(test) {
+ if (url.indexOf('?') !== -1)
+ url += "&headers=referer&cors";
+ else
+ url += "?headers=referer&cors";
+
return fetch(url , init).then(function(resp) {
assert_equals(resp.status, 200, "HTTP status is 200");
assert_equals(resp.headers.get("x-request-referer"), expectedReferrer, "Request's referrer is correct");
@@ -13,13 +18,21 @@
}, title);
}
-var fetchedUrl = RESOURCES_DIR + "inspect-headers.py?headers=referer";
-var corsFetchedUrl = get_host_info().HTTP_REMOTE_ORIGIN + dirname(location.pathname) + RESOURCES_DIR + "inspect-headers.py?headers=referer&cors";
+var fetchedUrl = RESOURCES_DIR + "inspect-headers.py";
+var corsFetchedUrl = get_host_info().HTTP_REMOTE_ORIGIN + dirname(location.pathname) + RESOURCES_DIR + "inspect-headers.py";
var redirectUrl = RESOURCES_DIR + "redirect.py?location=" ;
var corsRedirectUrl = get_host_info().HTTP_REMOTE_ORIGIN + dirname(location.pathname) + RESOURCES_DIR + "redirect.py?location=";
runTest(fetchedUrl, { referrerPolicy: "origin-when-cross-origin"}, location.toString(), "origin-when-cross-origin policy on a same-origin URL");
runTest(corsFetchedUrl, { referrerPolicy: "origin-when-cross-origin"}, get_host_info().HTTP_ORIGIN + "/", "origin-when-cross-origin policy on a cross-origin URL");
+runTest(redirectUrl + corsFetchedUrl, { referrerPolicy: "origin-when-cross-origin"}, get_host_info().HTTP_ORIGIN + "/", "origin-when-cross-origin policy on a cross-origin URL after same-origin redirection");
+runTest(corsRedirectUrl + fetchedUrl, { referrerPolicy: "origin-when-cross-origin"}, get_host_info().HTTP_ORIGIN + "/", "origin-when-cross-origin policy on a same-origin URL after cross-origin redirection");
+
+var referrerUrlWithCredentials = get_host_info().HTTP_ORIGIN.replace("http://", "http://username:password@");
+runTest(fetchedUrl, {referrer: referrerUrlWithCredentials}, get_host_info().HTTP_ORIGIN + "/", "Referrer with credentials should be stripped");
+var referrerUrlWithFragmentIdentifier = get_host_info().HTTP_ORIGIN + "#fragmentIdentifier";
+runTest(fetchedUrl, {referrer: referrerUrlWithFragmentIdentifier}, get_host_info().HTTP_ORIGIN + "/", "Referrer with fragment ID should be stripped");
+
done();
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-expected.txt (204223 => 204224)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-expected.txt 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-expected.txt 2016-08-06 08:50:13 UTC (rev 204224)
@@ -1,48 +1,48 @@
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
PASS Redirect 301 from same origin to remote with user and password
PASS Redirect 301 from same origin to remote with user
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-worker-expected.txt (204223 => 204224)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-worker-expected.txt 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/cors/cors-redirect-credentials-worker-expected.txt 2016-08-06 08:50:13 UTC (rev 204224)
@@ -1,48 +1,48 @@
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27301%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27302%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27303%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27307%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
-CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=%5B%27308%27%5D&location=%5B%27http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py%27%5D&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=301&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=302&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=303&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=307&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://localhost:8801/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40localhost%3A8801%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2Fuser%3A%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
+CONSOLE MESSAGE: Cross-origin redirection to http://127.0.0.1:8800/fetch/api/resources/preflight.py?redirect_status=308&location=http%3A%2F%2F%3Apassword%40127.0.0.1%3A8800%2Ffetch%2Fapi%2Fcors%2F..%2Fresources%2Fpreflight.py&count=1 denied by Cross-Origin Resource Sharing policy: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
PASS Redirect 301 from same origin to remote with user and password
PASS Redirect 301 from same origin to remote with user
Modified: trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/resources/redirect.py (204223 => 204224)
--- trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/resources/redirect.py 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/LayoutTests/imported/w3c/web-platform-tests/fetch/api/resources/redirect.py 2016-08-06 08:50:13 UTC (rev 204224)
@@ -37,7 +37,10 @@
if scheme == "" or scheme == "http" or scheme == "https":
url += "&" if '?' in url else "?"
#keep url parameters in location
- url += urlencode(request.GET.items())
+ url_parameters = {}
+ for item in request.GET.items():
+ url_parameters[item[0]] = item[1][0]
+ url += urlencode(url_parameters)
#make sure location changes during redirection loop
url += "&count=" + str(stashed_data['count'])
headers.append(("Location", url))
Modified: trunk/Source/WebCore/ChangeLog (204223 => 204224)
--- trunk/Source/WebCore/ChangeLog 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/Source/WebCore/ChangeLog 2016-08-06 08:50:13 UTC (rev 204224)
@@ -1,3 +1,30 @@
+2016-08-06 Youenn Fablet <[email protected]>
+
+ [Fetch API] Fetch API should strip fragment and credentials from URLs used as referrer
+ https://bugs.webkit.org/show_bug.cgi?id=160593
+
+ Reviewed by Alex Christensen.
+
+ Covered by updated tests.
+
+ Stripping of referrer value before sending a load request.
+
+ Fixing bug in workers as referrer value was overwritten by WorkerThreadableLoader.
+ The current handling of referrer values as HTTP header is not great as this may trigger unnecessary preflighting.
+ Refactoring should allow passing it as a separate parameter and setting it after preflighting as per
+ https://fetch.spec.whatwg.org/#http-network-or-cache-fetch.
+
+ Also a newly added test is failing, as SubresourceLoader is removing the referer header in case of a cross-origin redirection.
+ But none is added back.
+
+ * Modules/fetch/FetchRequest.cpp:
+ (WebCore::FetchRequest::internalRequest): Stripping referrer value.
+ * loader/WorkerThreadableLoader.cpp:
+ (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Do not override referrer value if one is defined.
+ * page/SecurityPolicy.cpp:
+ (WebCore::SecurityPolicy::generateReferrerHeader): Adding assertion to ensure referrer value does not contain
+ credentials and/or fragment identifiers.
+
2016-08-05 Yusuke Suzuki <[email protected]>
[ES6] Add ScriptElement::determineScriptType
Modified: trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp (204223 => 204224)
--- trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/Source/WebCore/Modules/fetch/FetchRequest.cpp 2016-08-06 08:50:13 UTC (rev 204224)
@@ -297,7 +297,7 @@
// FIXME: Support no-referrer and client. Ensure this case-sensitive comparison is ok.
if (m_internalRequest.referrer != "no-referrer" && m_internalRequest.referrer != "client")
- request.setHTTPReferrer(m_internalRequest.referrer);
+ request.setHTTPReferrer(URL(URL(), m_internalRequest.referrer).strippedForUseAsReferrer());
return request;
}
Modified: trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp (204223 => 204224)
--- trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/Source/WebCore/loader/WorkerThreadableLoader.cpp 2016-08-06 08:50:13 UTC (rev 204224)
@@ -111,7 +111,7 @@
auto contentSecurityPolicyCopy = std::make_unique<ContentSecurityPolicy>(*securityOrigin);
contentSecurityPolicyCopy->copyStateFrom(contentSecurityPolicy);
- auto optionsCopy = std::make_unique<LoaderTaskOptions>(options, outgoingReferrer, *securityOrigin);
+ auto optionsCopy = std::make_unique<LoaderTaskOptions>(options, request.httpReferrer().isNull() ? outgoingReferrer : request.httpReferrer(), *securityOrigin);
// Can we benefit from request being an r-value to create more efficiently its isolated copy?
m_loaderProxy.postTaskToLoader([this, request = request.isolatedCopy(), options = WTFMove(optionsCopy), contentSecurityPolicyCopy = WTFMove(contentSecurityPolicyCopy)](ScriptExecutionContext& context) mutable {
Modified: trunk/Source/WebCore/page/SecurityPolicy.cpp (204223 => 204224)
--- trunk/Source/WebCore/page/SecurityPolicy.cpp 2016-08-06 08:48:31 UTC (rev 204223)
+++ trunk/Source/WebCore/page/SecurityPolicy.cpp 2016-08-06 08:50:13 UTC (rev 204224)
@@ -68,6 +68,8 @@
String SecurityPolicy::generateReferrerHeader(ReferrerPolicy referrerPolicy, const URL& url, const String& referrer)
{
+ ASSERT(referrer == URL(URL(), referrer).strippedForUseAsReferrer());
+
if (referrer.isEmpty())
return String();
