Bug 845273 - Backout Access-Control-Allow-Origin checks (bug 814117) for site breakage r=jduell
authorJason Duell <jduell.mcbugs@gmail.com>
Thu, 14 Mar 2013 13:59:33 -0700
changeset 124834 2626965bcf333f15f9c30c3836cf4b0477593961
parent 124833 8b3c093d11eb8ec44353ae1ba4fecb24e2d743e8
child 124835 8f6fa0ad12737fac26c6d8fbe96034daf8439758
push id24436
push userryanvm@gmail.com
push dateFri, 15 Mar 2013 11:52:55 +0000
treeherdermozilla-central@8f5b1f9f5804 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjduell
bugs845273, 814117
milestone22.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 845273 - Backout Access-Control-Allow-Origin checks (bug 814117) for site breakage r=jduell
netwerk/protocol/http/nsHttpAtomList.h
netwerk/protocol/http/nsHttpHeaderArray.h
netwerk/test/unit/test_duplicate_headers.js
--- a/netwerk/protocol/http/nsHttpAtomList.h
+++ b/netwerk/protocol/http/nsHttpAtomList.h
@@ -16,17 +16,16 @@
   The first argument to HTTP_ATOM is the C++ name of the atom.
   The second argument to HTTP_ATOM is the string value of the atom.
  ******/
 
 HTTP_ATOM(Accept,                    "Accept")
 HTTP_ATOM(Accept_Encoding,           "Accept-Encoding")
 HTTP_ATOM(Accept_Language,           "Accept-Language")
 HTTP_ATOM(Accept_Ranges,             "Accept-Ranges")
-HTTP_ATOM(Access_Control_Allow_Origin, "Access-Control-Allow-Origin")
 HTTP_ATOM(Age,                       "Age")
 HTTP_ATOM(Allow,                     "Allow")
 HTTP_ATOM(Alternate_Protocol,        "Alternate-Protocol")
 HTTP_ATOM(Assoc_Req,                 "Assoc-Req")
 HTTP_ATOM(Authentication,            "Authentication")
 HTTP_ATOM(Authorization,             "Authorization")
 HTTP_ATOM(Cache_Control,             "Cache-Control")
 HTTP_ATOM(Connection,                "Connection")
--- a/netwerk/protocol/http/nsHttpHeaderArray.h
+++ b/netwerk/protocol/http/nsHttpHeaderArray.h
@@ -157,17 +157,16 @@ nsHttpHeaderArray::IsSingletonHeader(nsH
            header == nsHttp::Referer             ||
            header == nsHttp::Host                ||
            header == nsHttp::Authorization       ||
            header == nsHttp::Proxy_Authorization ||
            header == nsHttp::If_Modified_Since   ||
            header == nsHttp::If_Unmodified_Since ||
            header == nsHttp::From                ||
            header == nsHttp::Location            ||
-           header == nsHttp::Access_Control_Allow_Origin ||
            header == nsHttp::Max_Forwards;
 }
 
 inline bool
 nsHttpHeaderArray::TrackEmptyHeader(nsHttpAtom header)
 {
     return header == nsHttp::Content_Length ||
            header == nsHttp::Location;
@@ -197,18 +196,17 @@ nsHttpHeaderArray::MergeHeader(nsHttpAto
     entry->value.Append(value);
 }
 
 inline bool
 nsHttpHeaderArray::IsSuspectDuplicateHeader(nsHttpAtom header)
 {
     bool retval =  header == nsHttp::Content_Length         ||
                      header == nsHttp::Content_Disposition    ||
-                     header == nsHttp::Access_Control_Allow_Origin ||
                      header == nsHttp::Location;
 
-    MOZ_ASSERT(!retval || IsSingletonHeader(header),
-               "Only non-mergeable headers should be in this list\n");
+    NS_ASSERTION(!retval || IsSingletonHeader(header),
+                 "Only non-mergeable headers should be in this list\n");
 
     return retval;
 }
 
 #endif
--- a/netwerk/test/unit/test_duplicate_headers.js
+++ b/netwerk/test/unit/test_duplicate_headers.js
@@ -594,37 +594,11 @@ function handler20(metadata, response)
   response.write(body);
   response.finish();
 }
 
 function completeTest20(request, data, ctx)
 {
   do_check_eq(request.status, Components.results.NS_ERROR_CORRUPTED_CONTENT);
 
-  run_test_number(21);
-}
-
-////////////////////////////////////////////////////////////////////////////////
-// FAIL if multiple Access-Control-Allow-Origin headers provided
-
-test_flags[21] = CL_EXPECT_FAILURE;
-
-function handler21(metadata, response)
-{
-  var body = "012345678901234567890123456789";
-  response.seizePower();
-  response.write("HTTP/1.0 200 OK\r\n");
-  response.write("Content-Type: text/plain\r\n");
-  response.write("Content-Length: 30\r\n");
-  response.write("Access-Control-Allow-Origin: www.mozilla.org\r\n");
-  response.write("Access-Control-Allow-Origin: www.evil.net\r\n");
-  response.write("\r\n");
-  response.write(body);
-  response.finish();
-}
-
-function completeTest21(request, data, ctx)
-{
-  do_check_eq(request.status, Components.results.NS_ERROR_CORRUPTED_CONTENT);
-
   endTests();
 }