Beacon with non-CORS-safelisted Content-Type

Feature: Beacon with non-CORS-safelisted Content-Type (deprecated)

sendBeacon() has been available as described in https://www.chromestatus.com/feature/5517433905348608. A part of sendBeacon()'s functionalities has been temporarily disabled later due to a security issue. The change is that, from M60, sendBeacon() will throw when called with a Blob whose type is not a CORS-safelisted value for the Content-Type request header as the data argument. This entry is used for tracking progress on resolving the issue and re-enabling the functionality.

Documentation

https://developer.mozilla.org/en-US/docs/Web/API/Navigator/sendBeacon

Specification

Specification link

Status: Specification being incubated in a Community Group

Status in Chromium

Blink components: Blink>Network

Implementation status: Deprecated (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Firefox: No signal
Safari: No signal
Web Developers: No signals

Owners

Last updated on 2021-08-29