- From: Thomas Wisniewski <notifications@github.com>
- Date: Tue, 20 Feb 2018 05:20:11 +0000 (UTC)
- To: whatwg/xhr <xhr@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 20 February 2018 05:20:36 UTC
I'm failing to see where an XHR that's 301/302/303 redirected (as in the tests in /xhr/send-redirect-post-upload.htm) would lose its content-type header to pass those tests, given the XHR and Fetch specs as-written. That is, during [step 4 of the XHR send()](https://xhr.spec.whatwg.org/#the-send()-method) method, an author request header for the content-type will be added, but I don't see where it should be filtered out for the redirected request to meet this test's expectations. I see [HTTP-redirect fetch step 11](https://fetch.spec.whatwg.org/#http-redirect-fetch), where the POST will become a GET if needed and the upload body will be nulled out, but where is the content-type filtered out, so that it isn't added right back to the request headers? In addition, the "301 POST with string and explicit Content-Type safelisted" test in /xhr/send-redirect-to-cors.htm expects its explicitly-set content-type to not be filtered out, but does expect the body and content-length to be stripped away. And so I'm lead to believe that the content-type header shouldn't be removed when explicitly set by the user (unless blocked by CORS), but it should be removed when it's implicitly computed in send() step 4? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/xhr/issues/192
Received on Tuesday, 20 February 2018 05:20:36 UTC