makes XMLHttpRequest::SetRequestHeader call dom::headers::is_forbidde…

…n_header_name
servo · Jul 19, 2016 · 60549c4 · 60549c4
1 parent 530b027
commit 60549c4
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 16 deletions.
diff --git a/components/script/dom/headers.rs b/components/script/dom/headers.rs
@@ -102,7 +102,7 @@ fn is_forbidden_response_header(name: &str) -> bool {
 }
 
 // https://fetch.spec.whatwg.org/#forbidden-header-name
-fn is_forbidden_header_name(name: &str) -> bool {
+pub fn is_forbidden_header_name(name: &str) -> bool {
     let disallowed_headers =
         ["accept-charset", "accept-encoding",
          "access-control-request-headers",

diff --git a/components/script/dom/xmlhttprequest.rs b/components/script/dom/xmlhttprequest.rs
@@ -25,6 +25,7 @@ use dom::document::DocumentSource;
 use dom::document::{Document, IsHTMLDocument};
 use dom::event::{Event, EventBubbles, EventCancelable};
 use dom::eventtarget::EventTarget;
+use dom::headers::is_forbidden_header_name;
 use dom::progressevent::ProgressEvent;
 use dom::xmlhttprequesteventtarget::XMLHttpRequestEventTarget;
 use dom::xmlhttprequestupload::XMLHttpRequestUpload;
@@ -416,21 +417,8 @@ impl XMLHttpRequestMethods for XMLHttpRequest {
                 // Step 5
                 // Disallowed headers and header prefixes:
                 // https://fetch.spec.whatwg.org/#forbidden-header-name
-                let disallowedHeaders =
-                    ["accept-charset", "accept-encoding",
-                    "access-control-request-headers",
-                    "access-control-request-method",
-                    "connection", "content-length",
-                    "cookie", "cookie2", "date", "dnt",
-                    "expect", "host", "keep-alive", "origin",
-                    "referer", "te", "trailer", "transfer-encoding",
-                    "upgrade", "via"];
-
-                let disallowedHeaderPrefixes = ["sec-", "proxy-"];
-
-                if disallowedHeaders.iter().any(|header| *header == s) ||
-                   disallowedHeaderPrefixes.iter().any(|prefix| s.starts_with(prefix)) {
-                    return Ok(())
+                if is_forbidden_header_name(s) {
+                    return Ok(());
                 } else {
                     s
                 }