mirror of
https://github.com/servo/servo.git
synced 2025-08-03 20:50:07 +01:00
makes XMLHttpRequest::SetRequestHeader call dom::headers::is_forbidden_header_name
This commit is contained in:
parent
530b02790b
commit
60549c47ba
2 changed files with 4 additions and 16 deletions
|
@ -25,6 +25,7 @@ use dom::document::DocumentSource;
|
|||
use dom::document::{Document, IsHTMLDocument};
|
||||
use dom::event::{Event, EventBubbles, EventCancelable};
|
||||
use dom::eventtarget::EventTarget;
|
||||
use dom::headers::is_forbidden_header_name;
|
||||
use dom::progressevent::ProgressEvent;
|
||||
use dom::xmlhttprequesteventtarget::XMLHttpRequestEventTarget;
|
||||
use dom::xmlhttprequestupload::XMLHttpRequestUpload;
|
||||
|
@ -416,21 +417,8 @@ impl XMLHttpRequestMethods for XMLHttpRequest {
|
|||
// Step 5
|
||||
// Disallowed headers and header prefixes:
|
||||
// https://fetch.spec.whatwg.org/#forbidden-header-name
|
||||
let disallowedHeaders =
|
||||
["accept-charset", "accept-encoding",
|
||||
"access-control-request-headers",
|
||||
"access-control-request-method",
|
||||
"connection", "content-length",
|
||||
"cookie", "cookie2", "date", "dnt",
|
||||
"expect", "host", "keep-alive", "origin",
|
||||
"referer", "te", "trailer", "transfer-encoding",
|
||||
"upgrade", "via"];
|
||||
|
||||
let disallowedHeaderPrefixes = ["sec-", "proxy-"];
|
||||
|
||||
if disallowedHeaders.iter().any(|header| *header == s) ||
|
||||
disallowedHeaderPrefixes.iter().any(|prefix| s.starts_with(prefix)) {
|
||||
return Ok(())
|
||||
if is_forbidden_header_name(s) {
|
||||
return Ok(());
|
||||
} else {
|
||||
s
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue