content-length header is being added to the safe-list

Fixed Issue #17440391

Details

Author
shachar z.
Created
May 9, 2018
Privacy
This issue is public.
Found in
  • Microsoft Edge
  • Internet Explorer
  • Chrome
  • Safari
  • Firefox
  • Opera
Fixed in build #
17.17716
Reports
Reported by 1 person

Sign in to watch or report this issue.

Steps to reproduce

Steps to reproduce the problem:

  1. create a CORS fetch request to a url that has content-length in its response and doesn’t add content-length to access-control-expose-headers
  2. content-length should be accessible in the response’s headers

What is the expected behavior?
When doing a CORS fetch request if content-length exists in the http response it should be exposed on the response headers even if it’s not added to the access-control-expose-headers.

What went wrong?
content-length is not exposed

https://github.com/whatwg/fetch/pull/626
https://github.com/w3c/web-platform-tests/pull/10930

Attachments

0 attachments

    Comments and activity

    • Microsoft Edge Team

      Changed Assigned To to “Brandon M.”

      Changed Status to “Confirmed”

      Changed Status from “Confirmed” to “In code review”

      Changed Status from “In code review” to “Fixed”

    You need to sign in to your Microsoft account to add a comment.

    Sign in