Bug 845273 - Backout Access-Control-Allow-Origin checks (bug 814117) for site breakage r=jduell a=lsblakk
authorJason Duell <jduell.mcbugs@gmail.com>
Thu, 14 Mar 2013 14:02:26 -0700
changeset 127750 ce589d7d2b006c7486f2b2d26ac93921791f4266
parent 127749 784c1f1815a98ba2bc0fd99a4314424423bdc722
child 127751 b43e14e2b81ccc1ae72186e3daacbb59c586ecb7
push id2280
push userjduell@mozilla.com
push dateThu, 14 Mar 2013 21:02:41 +0000
treeherdermozilla-beta@ce589d7d2b00 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjduell, lsblakk
bugs845273, 814117
milestone20.0
Bug 845273 - Backout Access-Control-Allow-Origin checks (bug 814117) for site breakage r=jduell a=lsblakk
netwerk/protocol/http/nsHttpAtomList.h
netwerk/protocol/http/nsHttpHeaderArray.h
netwerk/test/unit/test_duplicate_headers.js
--- a/netwerk/protocol/http/nsHttpAtomList.h
+++ b/netwerk/protocol/http/nsHttpAtomList.h
@@ -16,17 +16,16 @@
   The first argument to HTTP_ATOM is the C++ name of the atom.
   The second argument to HTTP_ATOM is the string value of the atom.
  ******/
 
 HTTP_ATOM(Accept,                    "Accept")
 HTTP_ATOM(Accept_Encoding,           "Accept-Encoding")
 HTTP_ATOM(Accept_Language,           "Accept-Language")
 HTTP_ATOM(Accept_Ranges,             "Accept-Ranges")
-HTTP_ATOM(Access_Control_Allow_Origin, "Access-Control-Allow-Origin")
 HTTP_ATOM(Age,                       "Age")
 HTTP_ATOM(Allow,                     "Allow")
 HTTP_ATOM(Alternate_Protocol,        "Alternate-Protocol")
 HTTP_ATOM(Assoc_Req,                 "Assoc-Req")
 HTTP_ATOM(Authentication,            "Authentication")
 HTTP_ATOM(Authorization,             "Authorization")
 HTTP_ATOM(Cache_Control,             "Cache-Control")
 HTTP_ATOM(Connection,                "Connection")
--- a/netwerk/protocol/http/nsHttpHeaderArray.h
+++ b/netwerk/protocol/http/nsHttpHeaderArray.h
@@ -157,17 +157,16 @@ nsHttpHeaderArray::IsSingletonHeader(nsH
            header == nsHttp::Referer             ||
            header == nsHttp::Host                ||
            header == nsHttp::Authorization       ||
            header == nsHttp::Proxy_Authorization ||
            header == nsHttp::If_Modified_Since   ||
            header == nsHttp::If_Unmodified_Since ||
            header == nsHttp::From                ||
            header == nsHttp::Location            ||
-           header == nsHttp::Access_Control_Allow_Origin ||
            header == nsHttp::Max_Forwards;
 }
 
 inline bool
 nsHttpHeaderArray::TrackEmptyHeader(nsHttpAtom header)
 {
     return header == nsHttp::Content_Length ||
            header == nsHttp::Location;
@@ -197,18 +196,17 @@ nsHttpHeaderArray::MergeHeader(nsHttpAto
     entry->value.Append(value);
 }
 
 inline bool
 nsHttpHeaderArray::IsSuspectDuplicateHeader(nsHttpAtom header)
 {
     bool retval =  header == nsHttp::Content_Length         ||
                      header == nsHttp::Content_Disposition    ||
-                     header == nsHttp::Access_Control_Allow_Origin ||
                      header == nsHttp::Location;
 
-    MOZ_ASSERT(!retval || IsSingletonHeader(header),
-               "Only non-mergeable headers should be in this list\n");
+    NS_ASSERTION(!retval || IsSingletonHeader(header),
+                 "Only non-mergeable headers should be in this list\n");
 
     return retval;
 }
 
 #endif
--- a/netwerk/test/unit/test_duplicate_headers.js
+++ b/netwerk/test/unit/test_duplicate_headers.js
@@ -594,37 +594,11 @@ function handler20(metadata, response)
   response.write(body);
   response.finish();
 }
 
 function completeTest20(request, data, ctx)
 {
   do_check_eq(request.status, Components.results.NS_ERROR_CORRUPTED_CONTENT);
 
-  run_test_number(21);
-}
-
-////////////////////////////////////////////////////////////////////////////////
-// FAIL if multiple Access-Control-Allow-Origin headers provided
-
-test_flags[21] = CL_EXPECT_FAILURE;
-
-function handler21(metadata, response)
-{
-  var body = "012345678901234567890123456789";
-  response.seizePower();
-  response.write("HTTP/1.0 200 OK\r\n");
-  response.write("Content-Type: text/plain\r\n");
-  response.write("Content-Length: 30\r\n");
-  response.write("Access-Control-Allow-Origin: www.mozilla.org\r\n");
-  response.write("Access-Control-Allow-Origin: www.evil.net\r\n");
-  response.write("\r\n");
-  response.write(body);
-  response.finish();
-}
-
-function completeTest21(request, data, ctx)
-{
-  do_check_eq(request.status, Components.results.NS_ERROR_CORRUPTED_CONTENT);
-
   endTests();
 }